urlscan.io logo urlscan.io
SecurityTrails logo

ww25.flirtsdreams.info Open in urlscan Pro
199.59.243.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bnamex.com/
Effective URL: http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Submission: On May 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 199.59.243.225, located in United States and belongs to AMAZON-02, US. The main domain is ww25.flirtsdreams.info.
This is the only time ww25.flirtsdreams.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 107.161.23.204 3842 (RAMNODE)
1 1 172.67.190.117 13335 (CLOUDFLAR...)
2 185.155.184.32 6898 (AS-6898 C...)
1 2 185.155.184.55 6898 (AS-6898 C...)
1 1 103.224.182.246 133618 (TRELLIAN-...)
3 199.59.243.225 16509 (AMAZON-02)
1 142.250.185.196 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 6
2    107.161.23.204 (United States)

ASN3842 (RAMNODE, US)
PTR: parking.namesilo.com
bnamex.com
www.bnamex.com
1    172.67.190.117 (United States)

ASN13335 (CLOUDFLARENET, US)
ab.jvhd.com
2    185.155.184.32 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)
bonusthe.life
2    185.155.184.55 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)
a06kdga.ehhipwind.live
1    103.224.182.246 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com
flirtsdreams.info
3    199.59.243.225 (United States)

ASN16509 (AMAZON-02, US)
ww25.flirtsdreams.info
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.adsensecustomsearchads.com
Apex Domain
Subdomains		 Transfer
4 flirtsdreams.info
flirtsdreams.info
ww25.flirtsdreams.info
41 KB
2 ehhipwind.live
a06kdga.ehhipwind.live
1 KB
2 bonusthe.life
bonusthe.life
47 KB
2 bnamex.com
bnamex.com
www.bnamex.com
420 B
1 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2604
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5045
265 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
72 KB
1 jvhd.com
ab.jvhd.com
706 B
9 8
Domain Requested by
3 ww25.flirtsdreams.info a06kdga.ehhipwind.live
ww25.flirtsdreams.info
2 a06kdga.ehhipwind.live 1 redirects bonusthe.life
2 bonusthe.life
1 www.adsensecustomsearchads.com www.google.com
1 partner.googleadservices.com www.google.com
1 www.google.com ww25.flirtsdreams.info
1 flirtsdreams.info 1 redirects
1 ab.jvhd.com 1 redirects
1 www.bnamex.com 1 redirects
1 bnamex.com 1 redirects
9 10

This site contains no links.

Subject Issuer Validity Valid
bonusthe.life
R3		 2024-05-17 -
2024-08-15		 3 months crt.sh
ehhipwind.live
R3		 2024-05-26 -
2024-08-24		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.googleadservices.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
misc-sni.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Frame ID: F354E4173B0E33758026B4671AEA69D9
Requests: 8 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol465%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis30_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fww25.flirtsdreams.info%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240528-0216-574a-8b36-6f2b31355736&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2441981343413423&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3&nocache=8991716826617944&num=0&output=afd_ads&domain_name=ww25.flirtsdreams.info&v=3&bsl=8&pac=2&u_his=2&u_tz=120&dt=1716826617945&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=635538657&rurl=http%3A%2F%2Fww25.flirtsdreams.info%2F%3Fsubid1%3D20240528-0216-574a-8b36-6f2b31355736
Frame ID: 909695A74C9E91519A08FFFE77390E1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

flirtsdreams.info

Page URL History Show full URLs

  1. http://bnamex.com/ HTTP 307
    https://bnamex.com/ HTTP 307
    http://bnamex.com/ HTTP 301
    http://www.bnamex.com/ HTTP 307
    https://www.bnamex.com/ HTTP 307
    http://www.bnamex.com/ HTTP 301
    https://ab.jvhd.com/visit/65b748ec-1b9c-4518-9dff-49b54e5e7a0c HTTP 302
    https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id} Page URL
  2. https://a06kdga.ehhipwind.live/pdtmvuon/?u=agdk60a&o=n9nr55h&cid=%7Bmc_click_id%7D&f=1&sid=t3~22mekk1iq1wig... Page URL
  3. https://a06kdga.ehhipwind.live/web/ HTTP 302
    https://flirtsdreams.info/ HTTP 302
    http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 HTTP 307
    https://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 HTTP 307
    http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 Page URL

Page Statistics

9
Requests

67 %
HTTPS

11 %
IPv6

8
Domains

10
Subdomains

6
IPs

4
Countries

162 kB
Transfer

273 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bnamex.com/ HTTP 307
    https://bnamex.com/ HTTP 307
    http://bnamex.com/ HTTP 301
    http://www.bnamex.com/ HTTP 307
    https://www.bnamex.com/ HTTP 307
    http://www.bnamex.com/ HTTP 301
    https://ab.jvhd.com/visit/65b748ec-1b9c-4518-9dff-49b54e5e7a0c HTTP 302
    https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id} Page URL
  2. https://a06kdga.ehhipwind.live/pdtmvuon/?u=agdk60a&o=n9nr55h&cid=%7Bmc_click_id%7D&f=1&sid=t3~22mekk1iq1wigxeqt1lni5l5&fp=Nvay4kMmztrVLVuRq1AEoA%3D%3D Page URL
  3. https://a06kdga.ehhipwind.live/web/ HTTP 302
    https://flirtsdreams.info/ HTTP 302
    http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 HTTP 307
    https://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 HTTP 307
    http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bnamex.com/ HTTP 307
  • https://bnamex.com/ HTTP 307
  • http://bnamex.com/ HTTP 301
  • http://www.bnamex.com/ HTTP 307
  • https://www.bnamex.com/ HTTP 307
  • http://www.bnamex.com/ HTTP 301
  • https://ab.jvhd.com/visit/65b748ec-1b9c-4518-9dff-49b54e5e7a0c HTTP 302
  • https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bonusthe.life/
Redirect Chain
  • http://bnamex.com/
  • https://bnamex.com/
  • http://bnamex.com/
  • http://www.bnamex.com/
  • https://www.bnamex.com/
  • http://www.bnamex.com/
  • https://ab.jvhd.com/visit/65b748ec-1b9c-4518-9dff-49b54e5e7a0c
  • https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}
47 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
nginx /
Resource Hash
f4b0f48b25821002e2ca9b7b9883ebdcd3759d243e32fc2b3c84b24a434816e8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
47880
Content-Type
text/html
Date
Mon, 27 May 2024 16:16:54 GMT
Server
nginx
cache-control
private

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88a74fe35a053636-FRA
content-type
text/html
date
Mon, 27 May 2024 16:16:54 GMT
expires
0
location
https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT48UGirzmi0mDKwTN%2FwoQhJ7FZrZ9lx07ShCQgs9nfc11K%2FjwnbjC2xHUKUhAm3%2Fg%2FDIQ271vaoFeIpqNvhQzRmw6oId5%2FV2YzhqRPNQCCzRn18UZcqenWAuWmjVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive
favicon.ico
bonusthe.life/ 		0
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bonusthe.life/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 16:16:55 GMT
Cache-Control
no-transform
Server
nginx
Connection
keep-alive
/
a06kdga.ehhipwind.live/pdtmvuon/ 		682 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a06kdga.ehhipwind.live/pdtmvuon/?u=agdk60a&o=n9nr55h&cid=%7Bmc_click_id%7D&f=1&sid=t3~22mekk1iq1wigxeqt1lni5l5&fp=Nvay4kMmztrVLVuRq1AEoA%3D%3D
Requested by
Host: bonusthe.life
URL: https://bonusthe.life/?u=agdk60a&o=n9nr55h&cid={mc_click_id}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bonusthe.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
682
Content-Type
text/html
Date
Mon, 27 May 2024 16:16:55 GMT
Server
openresty
cache-control
private
Primary Request /
ww25.flirtsdreams.info/
Redirect Chain
  • https://a06kdga.ehhipwind.live/web/
  • https://flirtsdreams.info/
  • http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
  • https://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
  • http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Requested by
Host: a06kdga.ehhipwind.live
URL: https://a06kdga.ehhipwind.live/pdtmvuon/?u=agdk60a&o=n9nr55h&cid=%7Bmc_click_id%7D&f=1&sid=t3~22mekk1iq1wigxeqt1lni5l5&fp=Nvay4kMmztrVLVuRq1AEoA%3D%3D
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0146d4189bfec078db12eb19891feb1ad24165948cde950a0d1ffa1077c06809

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://a06kdga.ehhipwind.live/pdtmvuon/?u=agdk60a&o=n9nr55h&cid=%7Bmc_click_id%7D&f=1&sid=t3~22mekk1iq1wigxeqt1lni5l5&fp=Nvay4kMmztrVLVuRq1AEoA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-prefers-color-scheme
cache-control
no-store, max-age=0
content-length
1186
content-type
text/html; charset=utf-8
critical-ch
sec-ch-prefers-color-scheme
date
Mon, 27 May 2024 16:16:56 GMT
vary
sec-ch-prefers-color-scheme
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_bEJRp+bnCugOb/dE048UrAAW0UxH9Rar2ddwy+LYOQJfOjCXZMVCnAXt1KbbUdUjzptj88qTuqT6YKlFJ247aA==
x-request-id
2fe20d53-1d4c-4db8-9f90-2fea381f4f87

Redirect headers

Location
http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Non-Authoritative-Reason
HttpsUpgrades
bQQSINnWB.js
ww25.flirtsdreams.info/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww25.flirtsdreams.info/bQQSINnWB.js
Requested by
Host: ww25.flirtsdreams.info
URL: http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 27 May 2024 16:16:57 GMT
content-length
33791
x-request-id
72fcce3b-b49f-4e5f-a19b-76e01df97036
content-type
application/javascript; charset=utf-8
_fd
ww25.flirtsdreams.info/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://ww25.flirtsdreams.info/_fd?subid1=20240528-0216-574a-8b36-6f2b31355736
Requested by
Host: ww25.flirtsdreams.info
URL: http://ww25.flirtsdreams.info/bQQSINnWB.js
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a475274931cf24ed4610c38e3444ae391e7d8a079b2ace27613518c4617c22ac

Request headers

Accept
application/json
Referer
http://ww25.flirtsdreams.info/?subid1=20240528-0216-574a-8b36-6f2b31355736
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 16:16:56 GMT
content-length
5645
x-request-id
2baa94cd-c997-4442-840a-b6ae49165e0e
content-type
application/json; charset=utf-8
caf.js
www.google.com/adsense/domains/ 		186 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Requested by
Host: ww25.flirtsdreams.info
URL: http://ww25.flirtsdreams.info/bQQSINnWB.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
sffe /
Resource Hash
178beddc8d8952fa6986240299ef99ba85576cb83228ecb0a0079f9b670f387e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
http://ww25.flirtsdreams.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"657870217748149356"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Mon, 27 May 2024 16:16:57 GMT
cookie.js
partner.googleadservices.com/gampad/ 		388 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.flirtsdreams.info&client=partner-dp-bodis30_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e826995d2fe9a72d312e3f28e1ad26b2350aabb43d5c1a133c164d6f0e0abc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
http://ww25.flirtsdreams.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 16:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
243
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame 9096 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol465%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis30_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fww25.flirtsdreams.info%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240528-0216-574a-8b36-6f2b31355736&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2441981343413423&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3&nocache=8991716826617944&num=0&output=afd_ads&domain_name=ww25.flirtsdreams.info&v=3&bsl=8&pac=2&u_his=2&u_tz=120&dt=1716826617945&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=635538657&rurl=http%3A%2F%2Fww25.flirtsdreams.info%2F%3Fsubid1%3D20240528-0216-574a-8b36-6f2b31355736
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-EtVqRv-gjwu8yt8_1npQNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://ww25.flirtsdreams.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2660
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-EtVqRv-gjwu8yt8_1npQNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 27 May 2024 16:16:58 GMT
expires
Mon, 27 May 2024 16:16:58 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| park object| version object| __parkour number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_

7 Cookies

Domain/Path Name / Value
bonusthe.life/ Name: sid
Value: t3~22mekk1iq1wigxeqt1lni5l5
bonusthe.life/ Name: p1
Value: https://ehhipwind.live/pdtmvuon/
bonusthe.life/ Name: s1
Value: ex724l2dkp8vzp02
a06kdga.ehhipwind.live/ Name: sid
Value: t3~hesj54tx423r4chxpf10qxus
flirtsdreams.info/ Name: __tad
Value: 1716826617.2910508
ww25.flirtsdreams.info/ Name: parking_session
Value: 2fe20d53-1d4c-4db8-9f90-2fea381f4f87
.flirtsdreams.info/ Name: __gsas
Value: ID=ae458e789ac98b67:T=1716826618:RT=1716826618:S=ALNI_MaFIauh8uqq4cxS2VSOUI_fM3nusw