citascasuales.club Open in urlscan Pro
2606:4700:30::6812:3e0c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sharebutton.co/
Effective URL:
https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0...
Submission: On March 06 via manual (March 6th 2019, 2:40:11 pm UTC) from GB

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2606:4700:30::6812:3e0c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is citascasuales.club.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 10th 2019. Valid for: a year.

This is the only time citascasuales.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.250 103.224.182.250	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 6	199.59.242.151 199.59.242.151	395082 (BODIS-NJ) (BODIS-NJ - Bodis)
1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c06::66	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.172.94.62 54.172.94.62	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	52.58.87.70 52.58.87.70	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2606:4700:30:... 2606:4700:30::6812:3e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
19	8

1 103.224.182.250 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com

www.sharebutton.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.59.242.151 (New York, United States) 1 redirects

ASN395082 (BODIS-NJ - Bodis, LLC, US)

ww25.sharebutton.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::66 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.94.62 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-94-62.compute-1.amazonaws.com

usd.xanthos-alf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.87.70 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-87-70.eu-central-1.compute.amazonaws.com

rtxta.bemobtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::6812:3e0c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

citascasuales.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	sharebutton.co 2 redirects www.sharebutton.co ww25.sharebutton.co	15 KB
5	citascasuales.club citascasuales.club	379 KB
2	xanthos-alf.com usd.xanthos-alf.com	3 KB
2	gstatic.com fonts.gstatic.com	17 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	bemobtrk.com 1 redirects rtxta.bemobtrk.com	2 KB
1	google.com www.google.com	56 KB
19	8

	Domain	Requested by
6	ww25.sharebutton.co	1 redirects ww25.sharebutton.co
5	citascasuales.club	usd.xanthos-alf.com citascasuales.club
2	usd.xanthos-alf.com	ww25.sharebutton.co usd.xanthos-alf.com
2	fonts.gstatic.com	www.google-analytics.com
2	www.google-analytics.com
1	ajax.googleapis.com	citascasuales.club
1	rtxta.bemobtrk.com	1 redirects
1	fonts.googleapis.com	ww25.sharebutton.co
1	www.google.com	ww25.sharebutton.co
1	www.sharebutton.co	1 redirects
19	10

This site contains links to these domains. Also see Links.

Domain
rtxta.bemobtrk.com

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-10` - `2020-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Frame ID: F9822624CD16141980898F8D86A01175
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.sharebutton.co/ HTTP 302
http://ww25.sharebutton.co/ Page URL
http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2Fb5ccfc1f-401d-11e9-a5f5-... HTTP 302
http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9... Page URL
http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth... Page URL
https://rtxta.bemobtrk.com/go/88b28ba7-1967-480f-bebf-44c950ad1a4d?target=lima-due-1hD3D7g9&source=russ... HTTP 302
https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

19
Requests

58 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

517 kB
Transfer

706 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://rtxta.bemobtrk.com/click
Title: weiter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sharebutton.co/ HTTP 302
http://ww25.sharebutton.co/ Page URL
http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2Fb5ccfc1f-401d-11e9-a5f5-124d73ca685c%3Fcampaignid%3D93680c00-3113-11e9-b058-0a157bfa6bfc&notadsafe HTTP 302
http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc Page URL
http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://rtxta.bemobtrk.com/go/88b28ba7-1967-480f-bebf-44c950ad1a4d?target=lima-due-1hD3D7g9&source=russet-lark&keyword=sharebutton%2Csharebutton%2Csharebutton.co&match=&age=&education=&ethnicity=&income=&unemployment=&crimes= HTTP 302
https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.sharebutton.co/ HTTP 302
http://ww25.sharebutton.co/

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 10

http://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1431709532&gjid=2111298385&cid=1164334755.1551883196&tid=UA-89467400-1&_gid=1890664682.1551883196&_r=1&z=751763451 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1431709532&gjid=2111298385&cid=1164334755.1551883196&tid=UA-89467400-1&_gid=1890664682.1551883196&_r=1&z=751763451

Request Chain 11

http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2Fb5ccfc1f-401d-11e9-a5f5-124d73ca685c%3Fcampaignid%3D93680c00-3113-11e9-b058-0a157bfa6bfc&notadsafe HTTP 302
http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ww25.sharebutton.co/
Redirect Chain

http://www.sharebutton.co/
http://ww25.sharebutton.co/

4 KB
4 KB

541ms
101ms

Document
text/html

199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.sharebutton.co/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: fe5ac55e064d0d4b0a364161764edd031e89d10691add09e7040b2e60bea0438

Request headers

Host: ww25.sharebutton.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: openresty
Date: Wed, 06 Mar 2019 14:39:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_pJKsZ/ueqxcBgT4lCD2B7PPl7/A9afmXGUB/Qr/rJ6VFDOY0ddRT6uJW4ovyxZu0PwPdNF/FJsBU74TjoBQagA==

Redirect headers

Date: Wed, 06 Mar 2019 14:39:54 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1551883194.3211446; expires=Sat, 03-Mar-2029 14:39:54 GMT; Max-Age=315360000
Location: http://ww25.sharebutton.co/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 161 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c82ec8d65e86b7326415b4aee3d8f720662c878a5e016d56624f680cf87e4530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 14:39:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "11714153968830764715"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Mar 2019 14:39:55 GMT

GET
H/1.1 200
OK px.gif
ww25.sharebutton.co/ 42 B
275 B 104ms
102ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.sharebutton.co/px.gif?ch=1&rn=5.12239991539727
Requested by: Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.sharebutton.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.sharebutton.co/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 14:39:55 GMT
Last-Modified: Mon, 04 Mar 2019 11:21:31 GMT
Server: openresty
ETag: "5c7d0a3b-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
ww25.sharebutton.co/ 42 B
275 B 205ms
100ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.sharebutton.co/px.gif?ch=2&rn=5.12239991539727
Requested by: Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.sharebutton.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.sharebutton.co/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 14:39:55 GMT
Last-Modified: Mon, 04 Mar 2019 11:21:31 GMT
Server: openresty
ETag: "5c7d0a3b-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
ww25.sharebutton.co/ 8 KB
9 KB 128ms
127ms Script
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 776b85007860e26e2082c39f4547f737d7b875b1bd6c79e2714951d48daa43d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.sharebutton.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://ww25.sharebutton.co/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 14:39:55 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
697 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 06 Mar 2019 14:39:55 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 06 Mar 2019 14:39:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 14:39:55 GMT

POST
H/1.1 200
OK gzb
ww25.sharebutton.co/ 198 B
515 B 370ms
369ms XHR
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.sharebutton.co/gzb
Requested by: Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://ww25.sharebutton.co
Accept-Encoding: gzip, deflate
Host: ww25.sharebutton.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://ww25.sharebutton.co/
Connection: keep-alive
Content-Length: 265
Referer: http://ww25.sharebutton.co/
Origin: http://ww25.sharebutton.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 14:39:56 GMT
Server: openresty
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 198
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

18ms
14ms

Script
text/javascript

2a00:1450:400c:c06::66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::66 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3752
date: Wed, 06 Mar 2019 13:37:23 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 06 Mar 2019 15:37:23 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.sharebutton.co

Response headers

date: Mon, 14 Jan 2019 19:46:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:38 GMT
server: sffe
age: 4388012
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8732
x-xss-protection: 1; mode=block
expires: Tue, 14 Jan 2020 19:46:23 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.sharebutton.co

Response headers

date: Fri, 22 Feb 2019 16:18:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 1030886
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 22 Feb 2020 16:18:29 GMT

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_...
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&...

35 B
107 B

19ms
18ms

Image
image/gif

2a00:1450:400c:c06::66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1431709532&gjid=2111298385&cid=1164334755.1551883196&tid=UA-89467400-1&_gid=1890664682.1551883196&_r=1&z=751763451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::66 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww25.sharebutton.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 14:39:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j73&a=26707304&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1431709532&gjid=2111298385&cid=1164334755.1551883196&tid=UA-89467400-1&_gid=1890664682.1551883196&_r=1&z=751763451
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

b5ccfc1f-401d-11e9-a5f5-124d73ca685c
usd.xanthos-alf.com/zcvisitor/
Redirect Chain

http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2Fb5ccfc1f-401d-11e9-a5f5-124d73ca685c%3Fcampaignid%3D93680c00-3113-11e9-b058-0a157bfa6bfc&notadsafe
http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

1008 B
2 KB

202ms
93ms

Document
text/html

54.172.94.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

Requested by

Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

HTTP/1.1

Server

54.172.94.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-172-94-62.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.xanthos-alf.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww25.sharebutton.co/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww25.sharebutton.co/

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Wed, 06 Mar 2019 14:39:55 GMT
Server: ZeroPark-Traffic
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding: chunked
Connection: keep-alive

Redirect headers

Server: openresty
Date: Wed, 06 Mar 2019 14:39:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

GET
H/1.1 200
OK zcredirect
usd.xanthos-alf.com/ 632 B
1 KB 95ms
94ms Document
text/html 54.172.94.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usd.xanthos-alf.com
URL: http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

Protocol

HTTP/1.1

Server

54.172.94.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-172-94-62.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.xanthos-alf.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://usd.xanthos-alf.com/zcvisitor/b5ccfc1f-401d-11e9-a5f5-124d73ca685c?campaignid=93680c00-3113-11e9-b058-0a157bfa6bfc

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Wed, 06 Mar 2019 14:39:56 GMT
redirected: JS
Server: ZeroPark-Traffic
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding: chunked
Connection: keep-alive

GET
H2

200

Primary Request sgfsdegf34gwgr5.html Show response
citascasuales.club/DATING/DE/4step/2/
Redirect Chain

https://rtxta.bemobtrk.com/go/88b28ba7-1967-480f-bebf-44c950ad1a4d?target=lima-due-1hD3D7g9&source=russet-lark&keyword=sharebutton%2Csharebutton%2Csharebutton.co&match=&age=&education=&ethnicity=&i...
https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csh...

4 KB
2 KB

121ms
27ms

Document
text/html

2606:4700:30::6812:3e0c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Requested by: Host: usd.xanthos-alf.com
URL: http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e0c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca80b6c66b0b09a01a08e0280542cfd408c6ec29cea2a1a77d87d5dfbf1f2121

Request headers

:method: GET
:authority: citascasuales.club
:scheme: https
:path: /DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://usd.xanthos-alf.com/zcredirect?visitid=b5ccfc1f-401d-11e9-a5f5-124d73ca685c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
date: Wed, 06 Mar 2019 14:39:56 GMT
content-type: text/html
set-cookie: __cfduid=d7326bebcab99c8e0b1203ec0a13575e01551883196; expires=Thu, 05-Mar-20 14:39:56 GMT; path=/; domain=.citascasuales.club; HttpOnly
last-modified: Tue, 19 Feb 2019 09:17:09 GMT
access-control-allow-origin: *
x-edge-ip: 185.59.220.20
x-edge-location: frankfurtDE
x-cache: HIT
x-age: 67919
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4b3514fce8bc97e0-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 06 Mar 2019 14:39:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 914
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: bemob-uniq-visit:88b28ba7-1967-480f-bebf-44c950ad1a4d=1; Domain=rtxta.bemobtrk.com; Path=/; Expires=Thu, 07 Mar 2019 14:39:56 GMT; HttpOnly bemob-track-url=https%3A%2F%2Fcitascasuales.club%2FDATING%2FDE%2F4step%2F2%2Fsgfsdegf34gwgr5.html%3Fbemobdata%3Dc%253D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%253D0..b%253D0..c1%253Dlima-due-1hD3D7g9..c2%253Drusset-lark..c3%253Dsharebutton%25252Csharebutton%25252Csharebutton.co..r%253Dhttp%25253A%25252F%25252Fusd.xanthos-alf.com%25252Fzcredirect%25253Fvisitid%25253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%252526type%25253Djs%252526browserWidth%25253D1600%252526browserHeight%25253D1200%252526iframeDetected%25253Dfalse; Domain=rtxta.bemobtrk.com; Path=/; Expires=Thu, 07 Mar 2019 14:39:56 GMT; HttpOnly
Location: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Vary: Accept
X-Response-Time: 8.849ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubDomains

GET
H2 200 style.css
citascasuales.club/DATING/DE/4step/2/ 4 KB
1 KB 49ms
10ms Stylesheet
text/css 2606:4700:30::6812:3e0c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://citascasuales.club/DATING/DE/4step/2/style.css
Requested by: Host: citascasuales.club
URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e0c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5865d9be4f23323b1000c0e456297b2aca5d6786421bbd5079ca2c8bfc5b726

Request headers

:path: /DATING/DE/4step/2/style.css
pragma: no-cache
cookie: __cfduid=d7326bebcab99c8e0b1203ec0a13575e01551883196
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: citascasuales.club
referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
:scheme: https
:method: GET
Referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 14:39:57 GMT
content-encoding: br
cf-cache-status: HIT
x-edge-location: frankfurtDE
x-cache: MISS
status: 200
last-modified: Thu, 15 Feb 2018 17:12:50 GMT
server: cloudflare
etag: W/"5a85bf92-11d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
x-edge-ip: 185.59.220.10
cf-ray: 4b3514fdda7a97e0-FRA
expires: Wed, 06 Mar 2019 18:39:57 GMT

GET
H2 200 pin.gif
citascasuales.club/DATING/DE/4step/2/ 264 KB
264 KB 46ms
12ms Image
image/gif 2606:4700:30::6812:3e0c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citascasuales.club/DATING/DE/4step/2/pin.gif
Requested by: Host: citascasuales.club
URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e0c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41bf29b43af647040b6ec292b83ac095071b581c910bc6e033464ba21a472497

Request headers

:path: /DATING/DE/4step/2/pin.gif
pragma: no-cache
cookie: __cfduid=d7326bebcab99c8e0b1203ec0a13575e01551883196
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: citascasuales.club
referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
:scheme: https
:method: GET
Referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 14:39:57 GMT
cf-cache-status: HIT
x-edge-location: frankfurtDE
x-cache: MISS
status: 200
content-length: 269836
last-modified: Thu, 15 Feb 2018 17:12:49 GMT
server: cloudflare
etag: "5a85bf91-41e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=14400
x-edge-ip: 185.59.220.10
accept-ranges: bytes
cf-ray: 4b3514fdda7c97e0-FRA
expires: Wed, 06 Mar 2019 18:39:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: citascasuales.club
URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 17:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3012557
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 29725
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2020 17:50:40 GMT

GET
H2 200 function.js Show response
citascasuales.club/DATING/DE/4step/2/ 1 KB
422 B 14ms
10ms Script
application/javascript 2606:4700:30::6812:3e0c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://citascasuales.club/DATING/DE/4step/2/function.js
Requested by: Host: citascasuales.club
URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e0c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55de3e08b58d07de6fa4e816217267e14ec67d9927f55c58552ac905bef2b689

Request headers

:path: /DATING/DE/4step/2/function.js
pragma: no-cache
cookie: __cfduid=d7326bebcab99c8e0b1203ec0a13575e01551883196
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: citascasuales.club
referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
:scheme: https
:method: GET
Referer: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 14:39:57 GMT
content-encoding: br
cf-cache-status: HIT
x-edge-location: frankfurtDE
x-cache: MISS
status: 200
last-modified: Thu, 15 Feb 2018 17:12:44 GMT
server: cloudflare
etag: W/"5a85bf8c-421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-edge-ip: 185.59.220.10
cf-ray: 4b3514fdda7b97e0-FRA
expires: Wed, 06 Mar 2019 18:39:57 GMT

GET
H2 200 bg2.jpg
citascasuales.club/DATING/DE/4step/2/ 111 KB
111 KB 15ms
14ms Image
image/jpeg 2606:4700:30::6812:3e0c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citascasuales.club/DATING/DE/4step/2/bg2.jpg
Requested by: Host: citascasuales.club
URL: https://citascasuales.club/DATING/DE/4step/2/sgfsdegf34gwgr5.html?bemobdata=c%3D88b28ba7-1967-480f-bebf-44c950ad1a4d..a%3D0..b%3D0..c1%3Dlima-due-1hD3D7g9..c2%3Drusset-lark..c3%3Dsharebutton%252Csharebutton%252Csharebutton.co..r%3Dhttp%253A%252F%252Fusd.xanthos-alf.com%252Fzcredirect%253Fvisitid%253Db5ccfc1f-401d-11e9-a5f5-124d73ca685c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e0c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1859faf3d262db101c0b9da4dac009349ebe5a285e28d06fec2ebbadd4348e00

Request headers

:path: /DATING/DE/4step/2/bg2.jpg
pragma: no-cache
cookie: __cfduid=d7326bebcab99c8e0b1203ec0a13575e01551883196
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: citascasuales.club
referer: https://citascasuales.club/DATING/DE/4step/2/style.css
:scheme: https
:method: GET
Referer: https://citascasuales.club/DATING/DE/4step/2/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 14:39:57 GMT
cf-cache-status: HIT
x-edge-location: frankfurtDE
x-cache: MISS
status: 200
content-length: 113452
last-modified: Thu, 15 Feb 2018 17:12:43 GMT
server: cloudflare
etag: "5a85bf8b-1bb2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
x-edge-ip: 185.59.220.10
accept-ranges: bytes
cf-ray: 4b3514fe0ad797e0-FRA
expires: Wed, 06 Mar 2019 18:39:57 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citascasuales.club/	1970-01-19 07:50:19	Name: __cfduid Value: d7326bebcab99c8e0b1203ec0a13575e01551883196

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citascasuales.club
fonts.googleapis.com
fonts.gstatic.com
rtxta.bemobtrk.com
usd.xanthos-alf.com
ww25.sharebutton.co
www.google-analytics.com
www.google.com
www.sharebutton.co
103.224.182.250
199.59.242.151
2606:4700:30::6812:3e0c
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2004
2a00:1450:400c:c06::66
52.58.87.70
54.172.94.62
1859faf3d262db101c0b9da4dac009349ebe5a285e28d06fec2ebbadd4348e00
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
41bf29b43af647040b6ec292b83ac095071b581c910bc6e033464ba21a472497
55de3e08b58d07de6fa4e816217267e14ec67d9927f55c58552ac905bef2b689
776b85007860e26e2082c39f4547f737d7b875b1bd6c79e2714951d48daa43d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d
b5865d9be4f23323b1000c0e456297b2aca5d6786421bbd5079ca2c8bfc5b726
c82ec8d65e86b7326415b4aee3d8f720662c878a5e016d56624f680cf87e4530
ca80b6c66b0b09a01a08e0280542cfd408c6ec29cea2a1a77d87d5dfbf1f2121
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe5ac55e064d0d4b0a364161764edd031e89d10691add09e7040b2e60bea0438

citascasuales.club Open in urlscan Pro 2606:4700:30::6812:3e0c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

58 %HTTPS

60 %IPv6

8 Domains

10 Subdomains

8 IPs

4 Countries

517 kBTransfer

706 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Indicators

citascasuales.club Open in urlscan Pro
2606:4700:30::6812:3e0c Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

58 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

517 kB
Transfer

706 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions