urlscan.io logo urlscan.io
SecurityTrails logo

nataliedate.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777
Effective URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=A...
Submission: On July 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 17 domains to perform 48 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is nataliedate.com.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time nataliedate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.47.114.118 24940 (HETZNER-AS)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 172.67.136.137 13335 (CLOUDFLAR...)
1 1 5.200.60.24 48096 (ITGRAD)
1 1 31.133.223.170 50245 (SERVEREL-AS)
16 188.114.96.3 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::60 8075 (MICROSOFT...)
5 23.213.161.219 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
5 12 2a02:6b8::1:119 13238 (YANDEX)
1 2600:9000:266... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.132 15169 (GOOGLE)
7 2a03:2880:f17... 32934 (FACEBOOK)
1 2 2a01:111:f100... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
48 13
1    78.47.114.118 (Essen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.114.47.78.clients.your-server.de
pploading.ru
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
flclicks.ru
1    172.67.136.137 (United States)

ASN13335 (CLOUDFLARENET, US)
afclick.ru
1    5.200.60.24 (Moscow, Russian Federation)

ASN48096 (ITGRAD, RU)
o2.connectivity.ru
1    31.133.223.170 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
storader.com
16    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
nataliedate.com
1    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dscdn.azureedge.net
5    23.213.161.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-219.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2600:9000:2662:5600:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
7    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a01:111:f100:a004::bfeb:8c20 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
monitor.clickcease.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
16 nataliedate.com
nataliedate.com
4 MB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8749
4 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
6 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3382
72 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
140 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
289 KB
3 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 14060
monitor.clickcease.com — Cisco Umbrella Rank: 22012
45 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
988 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
86 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
72 KB
2 flclicks.ru
flclicks.ru
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
1 azureedge.net
dscdn.azureedge.net
2 KB
1 storader.com
storader.com
271 B
1 connectivity.ru
o2.connectivity.ru
406 B
1 afclick.ru
afclick.ru
554 B
1 pploading.ru
pploading.ru
473 B
48 17
Domain Requested by
16 nataliedate.com nataliedate.com
7 mc.yandex.com 3 redirects nataliedate.com
mc.yandex.ru
7 www.facebook.com nataliedate.com
5 mc.yandex.ru 2 redirects nataliedate.com
5 analytics.tiktok.com nataliedate.com
analytics.tiktok.com
2 fonts.gstatic.com fonts.googleapis.com
2 monitor.clickcease.com 1 redirects nataliedate.com
2 www.google.com nataliedate.com
www.gstatic.com
2 www.googletagmanager.com nataliedate.com
2 connect.facebook.net nataliedate.com
connect.facebook.net
2 flclicks.ru 2 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com client
1 www.clickcease.com nataliedate.com
1 dscdn.azureedge.net nataliedate.com
1 storader.com 1 redirects
1 o2.connectivity.ru 1 redirects
1 afclick.ru 1 redirects
1 pploading.ru 1 redirects
48 19

This site contains links to these domains. Also see Links.

Domain
www.clickcease.com
Subject Issuer Validity Valid
nataliedate.com
GTS CA 1P5		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-13 -
2024-07-12		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Frame ID: AC1D4BE271B776DE2D38156F97CC780B
Requests: 45 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=AW-794501839
Frame ID: 160AB37D5357E97CD9AB39B9CEE6DAAD
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B3F4616C4394AFA2D1B75F33005C8A1D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=%3C%25%3D%20htmlWebpackPlugin.options.googleRecaptchaKey%20%25%3E&co=aHR0cHM6Ly9uYXRhbGllZGF0ZS5jb206NDQz&hl=ru&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=sewd0mboeo40
Frame ID: C9E221F64F9380AB53A33FC68BE300F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Сайт знакомств - Natalie Date. Знакомься, флиртуй и найди свою любовь!

Page URL History Show full URLs

  1. http://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777 HTTP 307
    https://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777 HTTP 302
    https://flclicks.ru/?flux_action=2&flux_f=1970999250008230937&flux_ffn=2006410704345006352 HTTP 307
    https://afclick.ru/smart?sl=1169&partner_id=141209&source_id=6&traf_src=bigclick&site_id=ads&pt... HTTP 302
    http://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_... HTTP 307
    https://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_... HTTP 302
    https://flclicks.ru/?flux_action=1&flux_f=1970999250008230937&flux_ffn=2030635511413005981&pt_id... HTTP 307
    https://storader.com/go/a7d112f78b1f426b2ed4e4242aaa9b3e365b64d1eb0a0b0b/?tid=2231272564481214350 HTTP 302
    https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

92 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

13
IPs

5
Countries

4366 kB
Transfer

8767 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777 HTTP 307
    https://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777 HTTP 302
    https://flclicks.ru/?flux_action=2&flux_f=1970999250008230937&flux_ffn=2006410704345006352 HTTP 307
    https://afclick.ru/smart?sl=1169&partner_id=141209&source_id=6&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927 HTTP 302
    http://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_id=6_1169&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927&status=bad-operator HTTP 307
    https://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_id=6_1169&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927&status=bad-operator HTTP 302
    https://flclicks.ru/?flux_action=1&flux_f=1970999250008230937&flux_ffn=2030635511413005981&pt_id=2231272556623801927&error_code=bad-operator HTTP 307
    https://storader.com/go/a7d112f78b1f426b2ed4e4242aaa9b3e365b64d1eb0a0b0b/?tid=2231272564481214350 HTTP 302
    https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://mc.yandex.ru/watch/56799835 HTTP 302
  • https://mc.yandex.ru/watch/56799835/1?redirnss=1
Request Chain 17
  • https://monitor.clickcease.com/stats/stats.aspx HTTP 301
  • https://monitor.clickcease.com/stats/stats
Request Chain 34
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10420.WfTbrS7OtcvK3AL0e-Lx96kwrirJ0C_BUNgB7XU5UFonYCaNpigPOHIaygNiaHo6.3AaBXnSLj_PRrCqzzafbIOAlnaA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10420.CpAqvtgAjrArHneyli5wGepW8gJi9TrAKsnPlEzga3iWCDzp9z_kNFLTar848uWxUIEj7aWtK9lci0-0wX5ppbN2iB0awqgS2AZxXe1MCEo2PzDKEG8ANUqhVI16iaNsmH0uVITjoOjgzw-nAAaQ2PfDv9teUdAOj3s_fVFA57ix4q6nLPPYjTqe3euVpMmx9iadO85XL7uD6bSR1w6bC2MMreHl3CjCD2yo12vrpPE%2C.LGcCeUYDhER07Z3dc8Dd49TFgHs%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10420.dDJvfCi3m0aHDYtXtUUzIBAQ27I-PSWYIUcdIoXnyb3Mg6vfYB2LK3wgujzyNNub0G-y2SgRUnt3coTH2iYu3PvPd7u-zXaEF0GMb_w8dl60qTZ7eY2HxKUMmfHAPDttQ4eSnyV11c-MSV38WRk0PzblAONwNktu-Q_OJp8AH90_uKIO5-pnKQvF8bbRXVbyoWXmj_-Pk0puyRkmRxjFnA%2C%2C.49vbC3-ahAvWucAVHj7p4AiVsOY%2C
Request Chain 41
  • https://mc.yandex.com/watch/56799835?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&nohit=1&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1007652602521%3Ahid%3A720872481%3Az%3A120%3Ai%3A20240705001735%3Aet%3A1720131456%3Ac%3A1%3Arn%3A1072032864%3Au%3A1720131456441932586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1720131452961%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720131457%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C!&t=gdpr(14)clc(0-0-0)aw(1)rcm(1)cdl(na)eco(23134724)ti(1) HTTP 302
  • https://mc.yandex.com/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&nohit=1&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1007652602521%3Ahid%3A720872481%3Az%3A120%3Ai%3A20240705001735%3Aet%3A1720131456%3Ac%3A1%3Arn%3A1072032864%3Au%3A1720131456441932586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1720131452961%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720131457%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2823134724%29ti%281%29

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wizard-man
nataliedate.com/
Redirect Chain
  • http://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777
  • https://pploading.ru/5ekn2p7nww?extra_param=2203702920276603777
  • https://flclicks.ru/?flux_action=2&flux_f=1970999250008230937&flux_ffn=2006410704345006352
  • https://afclick.ru/smart?sl=1169&partner_id=141209&source_id=6&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927
  • http://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_id=6_1169&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927&status=bad-operator
  • https://o2.connectivity.ru/click.php?key=traffback1000&offer_id=11084&sl=1169&partner_id=141209&source_id=6_1169&traf_src=bigclick&site_id=ads&pt_id=2231272556623801927&status=bad-operator
  • https://flclicks.ru/?flux_action=1&flux_f=1970999250008230937&flux_ffn=2030635511413005981&pt_id=2231272556623801927&error_code=bad-operator
  • https://storader.com/go/a7d112f78b1f426b2ed4e4242aaa9b3e365b64d1eb0a0b0b/?tid=2231272564481214350
  • https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1b00c897d1d189c81a26e69e4be530b7719fd96948d70a55e8dc49868cff78

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
89e27c771d642bb2-FRA
content-encoding
br
content-type
text/html
date
Thu, 04 Jul 2024 22:17:34 GMT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUjUB2oc1J5dEpyNoRMppOjt0W1tO8o4u%2BqNcAybuk1KQDfEjEPQVQY5IHmCR%2FrdSbAFepB%2BUatdZXVYyd%2BxLiWjlZ%2BMeh3suvywvobqVgsfX%2FxSCQsQJ7SNDbwcXo70yWk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 22:17:34 GMT
location
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
server
nginx
analytics.js
dscdn.azureedge.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dscdn.azureedge.net/analytics.js
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
205824ea5ce46798e73b097ae38ad38d3b933593ee73cc8b982fd36807028ad1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
br
last-modified
Sat, 01 Jun 2024 20:17:41 GMT
etag
W/"80a013c160b4da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240704T221734Z-r195c4c79d9xd2j6zeummvbxfs000000036g000000001q4y
content-type
application/x-javascript
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
70818991
styles.css
nataliedate.com/assets/css/ 		949 KB
412 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/css/styles.css?v=d778df55
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b479013795b56ddb0748d33cdd729f7b421afac6067d62fcad1ba262b0ae52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2560
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5lXEVzYngzvTkNoy8%2FW15zlMU2ZVBNlq3gB4UUvaS8P%2B0GYVgn%2BI%2FTrbaxoEPTclqPXIXEZsVNkygTWTWQ6VAJraNjL%2BZ5SUh9OwDHbX2e7RUOK%2F1tNZ8Ywc6AjmCzdGL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3600
cf-ray
89e27c781e3d2bb2-FRA
alt-svc
h3=":443"; ma=86400
vendor.js
nataliedate.com/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/vendor.js?v=d778df55
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63097a6cbae56a39e86dbe271edf6caaafd1ae5159e94e69da883d9002ecce7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2560
alt-svc
h3=":443"; ma=86400
content-length
51138
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2F11O3Iyx0yZw%2BTOmhQsx6YRj9j7zEBX5SP6mI%2FxZoZEV%2BxM2VSobFA8KwtYS%2FK32v3FYy7eSd436WrDR313Ir3DJcvcHl4h8fUqJNkbDtXipxyAIMqpz2J3dHC%2B0W06CWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c783e5b2bb2-FRA
main.js
nataliedate.com/ 		3 MB
872 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/main.js?v=d778df55
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9835c2f3dbe0524c497fd4f8f22b496ca20416367bafa293fea0e24eda8312c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2560
alt-svc
h3=":443"; ma=86400
content-length
892593
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VU3zA60bOrYzABoM9LXzkJPT9SSxvWU2zXSkqxMvjkqCJlrUh2h3MWcx1939SKhpfEfg69RhFPtaaHCGoQknyzoUOVJttar8lFu7PQDE1d7v7NB3dAchi5TsxW4Gg6gQu%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c783e5e2bb2-FRA
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6a982d74decb15e76c0638a1e5324c0a2c9868111de38257e9ce06518e916d36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1cc89494
date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240704221734D79BAE10F864A195F597-502A56F3840B7914-00
x-cache
TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=116
content-length
1777
pragma
no-cache
server
nginx
x-tt-logid
20240704221734D79BAE10F864A195F597
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
117,23.213.160.219
x-tt-trace-host
0158f08db0c9b8b93ec75a84be63d23d36dee80688595033c72609e4b97e6dd0a357211f014cd48ba2adefe89a963940927c80216c6930e4c5c94171e6488885d52d36ad6b923478aebb1b814b26854a14e1596a7b58a7bce8885a5dd7d4dd989a
expires
Thu, 04 Jul 2024 22:17:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 22:17:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
KS3/t6aa04nNtpNCmMmyxkVB2sxLHKvPwI3WsSZej4RQjh8xd5jnRnavHixiFBmpIUy7CBql21YpLJ26P/gieQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
812712367477483
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812712367477483?v=2.9.160&r=stable&domain=nataliedate.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1507ca36403eb95931732a8bbf1e75f901b9472b251d4f41605ed7e510c6179
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 22:17:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1297, tbw=63831, tp=-1, tpl=-1, uplat=107, ullat=0
pragma
public
x-fb-debug
kLOcFLF/KmfjQxZ3GiycptCf67/3Yd48n1rb42ZCnIJREYuLFVoY4rkyoB2NML8CNvEsC7wc1xymw7qRJbnV2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1cc896af
date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407021144256F1799BCFBB1924158D2
x-tt-trace-id
00-2407021144256F1799BCFBB1924158D2-2A68EE747F66BE05-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0155149eb8bb872112bf4f9a3ee60e1190a5899c6a3ddd6a843d4f3fad847f450edbea98a5ddd1346d930bacf808aee2b727ccf5a136632833a999f4c511f68fdaf9f9e37e42efab140fb07e64dfea15fecc9811408c45c0aa9a26e769b8d9c873
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length
98473
js
www.googletagmanager.com/gtag/ 		241 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794501839
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbaf51380c75cba8b6a8ac141417446ea974c2af8738d093be3d6c1b49932d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87562
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 22:17:35 GMT
ns.html
www.googletagmanager.com/ Frame 160A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=AW-794501839
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 22:17:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
tag.js
mc.yandex.ru/metrika/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Thu, 04 Jul 2024 23:17:35 GMT
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:5600:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 9fb36db353e7dfb35c91a417c6113f40.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 22:17:35 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
CDG55-P1
age
5
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
EbrPmJYIrYOMOZB4MJg4SWcJ6kJk0Os65w3Pt_QfoKORI1q8jD6msg==
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 21:05:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 22:17:35 GMT
api.js
www.google.com/recaptcha/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onrecapLoadedCallback&render=explicit&hl=ru
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
b6690599d0afbb218c2c1d3cb4136cdaa9e926e4f7ebdf8e583a893defc3ca13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 22:17:35 GMT
visits
nataliedate.com/api/track/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/api/track/visits
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
visit-token
37356f00-3a53-11ef-9fe7-6329d2f515c3
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3gSTmMeMJyewsYNTuUZ%2BynP9U6wUll7oG7%2F%2B7MZMdLmkBwHOoIHvGkR7AzsfszD8QQE6Dzeyr0yuc9K7vzVhq87rkoveBSzmMuubVBDmcllEAGW4gq7A5RdCdwIziqLNxI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://nataliedate.com
access-control-expose-headers
bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control
no-cache
cf-ray
89e27c7ccc6a2bb2-FRA
access-control-allow-headers
Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace,mm-client-app,SyncToken
alt-svc
h3=":443"; ma=86400
expires
-1
tr
www.facebook.com/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=812712367477483&ev=PageView&noscript=1
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 22:17:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1
mc.yandex.ru/watch/56799835/
Redirect Chain
  • https://mc.yandex.ru/watch/56799835
  • https://mc.yandex.ru/watch/56799835/1?redirnss=1
43 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56799835/1?redirnss=1
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:35 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 22:17:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 22:17:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:35 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 22:17:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/56799835/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 22:17:35 GMT
stats
monitor.clickcease.com/stats/
Redirect Chain
  • https://monitor.clickcease.com/stats/stats.aspx
  • https://monitor.clickcease.com/stats/stats
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://monitor.clickcease.com/stats/stats
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Server
2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6c1ee2bcc93d872529a14eb6b2a5b78bcdbd653f5f0e608af08a4f2e8f287899

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cache-control
private
vm
10.1.0.20
x-powered-by
ASP.NET
content-type
image/jpeg

Redirect headers

location
/stats/stats
date
Thu, 04 Jul 2024 22:17:35 GMT
vm
10.1.0.20
x-powered-by
ASP.NET
content-length
129
content-type
text/html; charset=utf-8
logo_w_300.png
nataliedate.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nataliedate.com/assets/img/logo_w_300.png
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4ff359c9b864b3cfb70daf88b40a10a9749ab87968eeebbf475061822e65bd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1220
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cg9T2cAV2jHtUB2l8kp%2FwC30tD7frhvsaB3BGSW6fFtxbuRBWFDQ228QEmknD55chaXXQT09M%2FvhoJvdqjmtKQzxgVxziRG7XACKagW3XUKqRC0muzJbn2p9SOENK4XNLB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7cdc7e2bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3684
enter.png
nataliedate.com/assets/img/ 		318 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nataliedate.com/assets/img/enter.png
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e8b220cb593531e4d6e711390bd9616345178ca075a51a27057f006737df54

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1220
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nc%2F86Nt9nMzba5W%2B%2Fl1inM9Q8yUpE3z1xy%2B4ghO8HBcg8uTQ8pDn1FJ%2FrBzg31%2Fh3s2GsTrGvXgTCunxvzdc%2BPDMbboTl28D2vx8n8dca1KRoEY7rhML0Ovc3rwJ%2BAteQ7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7cdc862bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
318
gif-image-man-new2.gif
nataliedate.com/assets/img/ 		701 KB
702 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nataliedate.com/assets/img/gif-image-man-new2.gif
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aaea6781ef41ac65f788c9341d269690b58dd96320fe49857efac61e57e3a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1220
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5K9iGPlsIZPow7ueqa91yayslA%2FEWJBRfnjWWeMakZRkT4SL4Srw2ycIlgSADoVvLZV9qZctk9lGMsdQhXwzhfgelTdgJAOikT9hWsakUuovkSARxm1UkKU4WsZ7nTwMIzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7cdc8d2bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
717848
wizard_bg_new.jpg
nataliedate.com/assets/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nataliedate.com/assets/img/wizard_bg_new.jpg
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a7e7968f899411b08cca26b0b071cbfc7048a738d629cbde527110dd243413

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/assets/css/styles.css?v=d778df55
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1220
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6FRf0nvHxgL3X2Br50G4KyLLpUdG1y8rkqft00nsl6XuyAKw242il61weUD6XH9nW8lxllMNkvQnm7cV7cIXGjdvRNIfoiIu97%2Fz7VEf7NqgKXaeF%2Bot%2BwbVuSj4mnPw1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7cdc932bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
1531504
open-sans-v17-latin_cyrillic-regular.woff2
nataliedate.com/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/fonts/open-sans-v17-latin_cyrillic-regular.woff2
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ec7711567669ddcd7e7b165a1600d0e7a4b91eb18ac53d2428076fa9b2de0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/assets/css/styles.css?v=d778df55
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1220
alt-svc
h3=":443"; ma=86400
content-length
19420
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH
content-type
application/font-woff2
access-control-allow-origin
https://nataliedate.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgVHyFxtRiYcrTnICHV1JG%2BObt9nagJs%2FQI5f5ODqv%2Fy0%2B0k6TfH8ZzMEsnm4Hd1D%2FazhY6Neq367RUhewxb%2FLmw5Rv2o%2FSY%2BGGp7aG63mcpVA8lEpAUiyHP7yFJy0WcFgA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7d0cc12bb2-FRA
access-control-allow-headers
Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace,mm-client-app,SyncToken
open-sans-v17-latin_cyrillic-600.woff2
nataliedate.com/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/fonts/open-sans-v17-latin_cyrillic-600.woff2
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01897222cb646d05ba2e985322e32cd3ffaad6e80c155e9beb300c62ea732706

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/assets/css/styles.css?v=d778df55
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1220
alt-svc
h3=":443"; ma=86400
content-length
20084
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH
content-type
application/font-woff2
access-control-allow-origin
https://nataliedate.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7V4tdX%2FeNZVn2vZg5NA2cUhsfYfuooUE49kbKeJvCtPBEjFTBfwD5mXYZsjaPpisvyd8pJTMdw%2FCAlrmOCVBXiFwsiHDx3CTPyLdQ44D2QhG8D0o7H691m46X0Eo4%2B6Vnjc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7d0cc22bb2-FRA
access-control-allow-headers
Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace,mm-client-app,SyncToken
PTSansRegularCyr.woff2
nataliedate.com/assets/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/fonts/PTSansRegularCyr.woff2
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d1e593286d963a1bb1f9ce468c35b1f3022dfb77c7b7f6de5fa3f5accc5eeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/assets/css/styles.css?v=d778df55
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2554
alt-svc
h3=":443"; ma=86400
content-length
25420
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH
content-type
application/font-woff2
access-control-allow-origin
https://nataliedate.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1Qrh%2BWhjpjGtGCRnJIWMDHH5kMk%2FFnyVMrhE1qsbG4tjr8A7tXWBTDrX2JOU%2BgLP0cwrYDOGRjGXZ0VauSwuj3hgsSpN1fAmWIOfvnLqKkyZKS4AqI0PF1BW21q5cCSN0A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7d0cc32bb2-FRA
access-control-allow-headers
Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace,mm-client-app,SyncToken
PTSansRegular.woff2
nataliedate.com/assets/fonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/fonts/PTSansRegular.woff2
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=d778df55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/assets/css/styles.css?v=d778df55
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2554
alt-svc
h3=":443"; ma=86400
content-length
45052
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
server
cloudflare
etag
"084c222eccdda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH
content-type
application/font-woff2
access-control-allow-origin
https://nataliedate.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgcokpULnFqNCi2GYz1BqENCegrJr%2FkL6kwaOeVpJXyDPTjP%2FlXnkmS%2F1uS%2BarNZRlpgDgwDDzJrplFLkf%2BgDE0epecgsFLhsw9SOuXGpvyy2XuDWCYBWKx3qoM3TwBINl4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c7d0cc42bb2-FRA
access-control-allow-headers
Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace,mm-client-app,SyncToken
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&rl=&if=false&ts=1720131455605&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=GET
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 22:17:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&rl=&if=false&ts=1720131455605&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=FGET
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1312c2aa7e29db75","source_keys":["1","2"]},{"key_piece":"0xe77b4f828ca1053b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 22:17:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387908344337815946", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3153, tp=-1, tpl=-1, uplat=165, ullat=0
pragma
no-cache
x-fb-debug
knLuwvJhR0UrE+HrLYdj2fbSyMYjVFDYkcmalgvmpN+GilibZ6YXGkCJgfRi0njAQcmEcqaJepJMVZlF0bQJJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387908344337815946"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1cc8a2ac
date
Thu, 04 Jul 2024 22:17:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400009F19F3F262ADB0F2F94C
x-tt-trace-id
00-2405211400009F19F3F262ADB0F2F94C-4777DC948454243B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0164d4df9127cd0260f8a4d34aa07b9aa9f371a909ebd4d6ca565c8a7d59062b9761b58c53aeab233271348eb425c6f751b243a09cac72fa7be95a444412353403240d0302b3219e337457d9570807f6b4cbc7dfa2f3740b0370a3b91e10e7b7f6
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39700
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
29172364.1cc8a2f3
date
Thu, 04 Jul 2024 22:17:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240704221735046594FEE24B993CFBEC-516FD0D36080E796-00
x-cache
TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
118,23.213.160.219
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=32, inner; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240704221735046594FEE24B993CFBEC
x-cache-remote
TCP_MISS from a23-48-200-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
32,23.48.200.10
x-tt-trace-host
0158f08db0c9b8b93ec75a84be63d23d36eec41a60aaa14b3196e39ff9ead46d34674c9f3cd0ba7ac0dd114f59fdee6cc5d1fe1db3be640fd5f4e390e8b4bbaec29863781ed09d6cf254a51be74d59ea00b4a0246b45e050bf15f25124f1141545248c76d1f9343391f535bd3d8969918f
access-control-allow-headers
Authorization,*
expires
Thu, 04 Jul 2024 22:17:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:37:33 GMT
x-content-type-options
nosniff
age
45602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 09:37:33 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:04:42 GMT
x-content-type-options
nosniff
age
198773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26736
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:04:42 GMT
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		564 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__ru.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onrecapLoadedCallback&render=explicit&hl=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eeebec8674a4a87ba03cb60b55f67e6d856c5978efd27321c3a17ad8133b86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Origin
https://nataliedate.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
220072
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 09:27:05 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6c151b2c.1cc8a6ca
date
Thu, 04 Jul 2024 22:17:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240704221735D2C75FDD5EB64E414488-4A9DB80992B92834-00
x-cache
TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
295,23.213.160.219
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=208, inner; dur=204
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240704221735D2C75FDD5EB64E414488
x-cache-remote
TCP_MISS from a23-218-222-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
208,23.218.222.21
x-tt-trace-host
0158f08db0c9b8b93ec75a84be63d23d36eec41a60aaa14b3196e39ff9ead46d3463e94eec1086358907e5ebeb4fc2384ec55cd4a190922c61f9423cc9a82e6c03e47919630ef96e2c18f63ce705ee16147ae1d6cf9ee68f1bc85531eac869722ad7edd7b32a8d8c0eeb4a57e18fca14ee
access-control-allow-headers
Authorization,*
expires
Thu, 04 Jul 2024 22:17:36 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10420.WfTbrS7OtcvK3AL0e-Lx96kwrirJ0C_BUNgB7XU5UFonYCaNpigPOHIaygNiaHo6.3AaBXnSLj_PRrCqzzafbIOAlnaA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10420.CpAqvtgAjrArHneyli5wGepW8gJi9TrAKsnPlEzga3iWCDzp9z_kNFLTar848uWxUIEj7aWtK9lci0-0wX5ppbN2iB0awqgS2AZxXe1MCEo2PzDKEG8ANUqhVI16iaNsmH0uVITjoO...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10420.dDJvfCi3m0aHDYtXtUUzIBAQ27I-PSWYIUcdIoXnyb3Mg6vfYB2LK3wgujzyNNub0G-y2SgRUnt3coTH2iYu3PvPd7u-zXaEF0GMb_w8dl60q...
43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10420.dDJvfCi3m0aHDYtXtUUzIBAQ27I-PSWYIUcdIoXnyb3Mg6vfYB2LK3wgujzyNNub0G-y2SgRUnt3coTH2iYu3PvPd7u-zXaEF0GMb_w8dl60qTZ7eY2HxKUMmfHAPDttQ4eSnyV11c-MSV38WRk0PzblAONwNktu-Q_OJp8AH90_uKIO5-pnKQvF8bbRXVbyoWXmj_-Pk0puyRkmRxjFnA%2C%2C.49vbC3-ahAvWucAVHj7p4AiVsOY%2C
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 22:17:36 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10420.dDJvfCi3m0aHDYtXtUUzIBAQ27I-PSWYIUcdIoXnyb3Mg6vfYB2LK3wgujzyNNub0G-y2SgRUnt3coTH2iYu3PvPd7u-zXaEF0GMb_w8dl60qTZ7eY2HxKUMmfHAPDttQ4eSnyV11c-MSV38WRk0PzblAONwNktu-Q_OJp8AH90_uKIO5-pnKQvF8bbRXVbyoWXmj_-Pk0puyRkmRxjFnA%2C%2C.49vbC3-ahAvWucAVHj7p4AiVsOY%2C
date
Thu, 04 Jul 2024 22:17:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:35 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 04 Jul 2024 23:17:35 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame B3F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Thu, 04 Jul 2024 22:17:36 GMT
etag
"6684fede-418"
expires
Thu, 04 Jul 2024 23:17:36 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%23!%2Fhistory&rl=&if=false&ts=1720131456886&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=6449, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 22:17:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%23!%2Fhistory&rl=&if=false&ts=1720131456886&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1312c2aa7e29db75","source_keys":["1","2"]},{"key_piece":"0xe77b4f828ca1053b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 22:17:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387908349910850245", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=6743, tp=-1, tpl=-1, uplat=37, ullat=0
pragma
no-cache
x-fb-debug
4hMUr4nlJ+B+wYxYUmEa3nmiqvm+1WhN0MH6nALABhnuwiTuW5+siP95gJkCBHvmM8VOJyeuIxaDcR8esDpMWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387908349910850245"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&rl=&if=false&ts=1720131456887&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=6587, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 22:17:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=812712367477483&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&rl=&if=false&ts=1720131456887&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720131455603.597248778821396659&ler=empty&cdl=API_unavailable&it=1720131454971&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1312c2aa7e29db75","source_keys":["1","2"]},{"key_piece":"0xe77b4f828ca1053b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 22:17:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387908348815344750", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=7785, tp=-1, tpl=-1, uplat=37, ullat=0
pragma
no-cache
x-fb-debug
iJVNaWMkQDo4KrleHEqF6RNH1R75UD6NUJeB06hZzI4Cukthksn+ID1yvZL9cj8yvxLWSEjI44ixya9/V31YUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387908348815344750"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
1
mc.yandex.com/watch/56799835/
Redirect Chain
  • https://mc.yandex.com/watch/56799835?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_sourc...
  • https://mc.yandex.com/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_sou...
459 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&nohit=1&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1007652602521%3Ahid%3A720872481%3Az%3A120%3Ai%3A20240705001735%3Aet%3A1720131456%3Ac%3A1%3Arn%3A1072032864%3Au%3A1720131456441932586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1720131452961%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720131457%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2823134724%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
53f3ee2b59be4d889f02d64811ffca831ab8647dd470fccd0c79069d58e98722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 04-Jul-2024 22:17:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nataliedate.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
459
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 22:17:37 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:36 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 22:17:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&nohit=1&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1007652602521%3Ahid%3A720872481%3Az%3A120%3Ai%3A20240705001735%3Aet%3A1720131456%3Ac%3A1%3Arn%3A1072032864%3Au%3A1720131456441932586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1720131452961%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720131457%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2823134724%29ti%281%29
access-control-allow-origin
https://nataliedate.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 22:17:36 GMT
favicon.png
nataliedate.com/assets/img/favicons/ 		377 B
829 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/img/favicons/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa2f47031d61bd3e2214d90d91a91c63c088a9f0f16b88783b5a490e75c705f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
738
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFOcDkyj7a7sip3CAK3j9Rd6MeGf1wJWGTvXFEw82Yk0qkR6TP%2FraxXdBTGTZuhp5fjKppemCDgZnwNxesxBaLt1T9VzvnxR0Ot1cRPRG6%2Bh2oATxnk%2Fka1fVvaNTWUaMMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c85ad022bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
377
favicon.png
nataliedate.com/assets/img/favicons/ 		377 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/img/favicons/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa2f47031d61bd3e2214d90d91a91c63c088a9f0f16b88783b5a490e75c705f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
738
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFOcDkyj7a7sip3CAK3j9Rd6MeGf1wJWGTvXFEw82Yk0qkR6TP%2FraxXdBTGTZuhp5fjKppemCDgZnwNxesxBaLt1T9VzvnxR0Ot1cRPRG6%2Bh2oATxnk%2Fka1fVvaNTWUaMMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c85ad022bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
377
favicon-32x32.png
nataliedate.com/assets/img/favicons/ 		683 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nataliedate.com/assets/img/favicons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b4a94e4a8fba97aededdc0743120c93b70d37239bcddf06915057ec48ba9eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/wizard-man?clickid=a7d112f766871f7e74928119499929&web_id=10552&geo=DE&sub_id=128934&utm_source=Advertise_man&linkid=35768
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 08:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2137
etag
"084c222eccdda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ygDB%2BHdMdCYNzLBgI52p6UX9yFQovkPl0WvKxIyOSdLlX1oDgPHRJhnVFUHDwc8tHBxAh1uT73PS%2FRxJAeG8RMcTGNKTcOgfQdi%2F0JJxAQ%2B4tKl14Ft754fKM8SZ9u1YRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
89e27c861d692bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
683
56799835
mc.yandex.com/watch/ 		43 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56799835?page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Fclickid%3Da7d112f766871f7e74928119499929%26web_id%3D10552%26geo%3DDE%26sub_id%3D128934%26utm_source%3DAdvertise_man%26linkid%3D35768&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&hittoken=1720131457_35246bb8a1f83911dd164ddc0a196a113164a7cb9df5bec76b24f0d7ce0988ce&browser-info=pv%3A1%3Aar%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A1%3Als%3A1007652602521%3Ahid%3A720872481%3Az%3A120%3Ai%3A20240705001737%3Aet%3A1720131457%3Ac%3A1%3Arn%3A770706132%3Arqn%3A1%3Au%3A1720131456441932586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2574%3Awv%3A2%3Ads%3A10%2C49%2C147%2C1%2C1543%2C0%2C%2C312%2C0%2C3924%2C3924%2C4%2C2515%3Aco%3A0%3Acpf%3A1%3Ans%3A1720131452961%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720131457%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C!&t=gdpr(14)mc(h-1)clc(0-0-0)rqnt(1)lt(53000)aw(1)rcm(1)cdl(na)eco(23134724)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nataliedate.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:17:37 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 22:17:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://nataliedate.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 22:17:37 GMT
anchor
www.google.com/recaptcha/api2/ Frame C9E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=%3C%25%3D%20htmlWebpackPlugin.options.googleRecaptchaKey%20%25%3E&co=aHR0cHM6Ly9uYXRhbGllZGF0ZS5jb206NDQz&hl=ru&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=sewd0mboeo40
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__ru.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ssye9Fioi22M02fMn9T7Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nataliedate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ssye9Fioi22M02fMn9T7Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 22:17:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| detectMob function| getLinkId function| winLoad function| fingerprint undefined| p object| webpackChunk object| dataLayer function| gtag function| ym object| __SENTRY__ function| SwiperElementRegisterParams object| core function| addVisibilityChangeEventListener function| onAppEvent function| onGoogleApiRequestEvent function| onrecapLoadedCallback function| _onReCaptchaChange function| _onReCaptchaExpired object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| google_tag_manager object| google_tag_data object| regeneratorRuntime object| ccConsole function| getBrowserFingerprint boolean| ccinstalled object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Ya object| yaCounter56799835 object| recaptcha object| closure_lm_24811

37 Cookies

Domain/Path Name / Value
pploading.ru/ Name: ceb6b355c65c1ee318991aead0f652e4
Value: ceb6b355c65c1ee318991aead0f652e4
pploading.ru/ Name: ce1ae764c9e18e1834327d4000da5e21
Value: 2c17c6393771ee3_25d0deaa576f0f9ea41ece6467aba96f
flclicks.ru/ Name: PHPSESSID
Value: 8b61b8620b254415b1ebf3c6a0147557
flclicks.ru/ Name: csid3
Value: 8b61b8620b254415b1ebf3c6a0147557
o2.connectivity.ru/ Name: uclick
Value: zwbgb7d5
o2.connectivity.ru/ Name: uclickhash
Value: zwbgb7d5-zwbgb7d5-8r-k2ej-7suo-oc8p-ocxo-9a8716
.storader.com/ Name: uid
Value: a7d112f766871f7e74928119499929
.tiktok.com/ Name: _ttp
Value: 2infqiYUIUjeJaV4lz2BqR73ib4
.nataliedate.com/ Name: _fbp
Value: fb.1.1720131455603.597248778821396659
mc.yandex.ru/ Name: yabs-sid
Value: 2601401701720131455
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.nataliedate.com/ Name: _tt_enable_cookie
Value: 1
.nataliedate.com/ Name: _ttp
Value: mjUqfOoP6_eBMQWF3kVwVRO9BtJ
.yandex.ru/ Name: yashr
Value: 5284851911720131455
.nataliedate.com/ Name: _ym_uid
Value: 1720131456441932586
.nataliedate.com/ Name: _ym_d
Value: 1720131456
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2105952667fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: i
Value: qWuMwveq3UER5vJlQAFCuOfAnuWv6RyjvxpwzMHggo3RBzmWiAD0hV38n2lwG3SmJqZ+six39jKW2nBdsjufQ8iIX4Q=
.yandex.com/ Name: yandexuid
Value: 5737924681720131455
.yandex.com/ Name: yashr
Value: 454467841720131455
.nataliedate.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2847867597fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5737924681720131455
.yandex.ru/ Name: yuidss
Value: 5737924681720131455
.yandex.ru/ Name: i
Value: qWuMwveq3UER5vJlQAFCuOfAnuWv6RyjvxpwzMHggo3RBzmWiAD0hV38n2lwG3SmJqZ+six39jKW2nBdsjufQ8iIX4Q=
.yandex.ru/ Name: yp
Value: 1720217856.yu.8034658061720131455
.yandex.ru/ Name: ymex
Value: 1722723456.oyu.8034658061720131455#1751667455.yrts.1720131455#1751667455.yrtsi.1720131455
mc.yandex.com/ Name: yabs-sid
Value: 274284101720131456
.yandex.com/ Name: yuidss
Value: 5737924681720131455
.yandex.com/ Name: ymex
Value: 1751667456.yrts.1720131456
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg==
.nataliedate.com/ Name: _ym_visorc
Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afclick.ru
analytics.tiktok.com
connect.facebook.net
dscdn.azureedge.net
flclicks.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
monitor.clickcease.com
nataliedate.com
o2.connectivity.ru
pploading.ru
storader.com
www.clickcease.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.185.132
172.67.136.137
188.114.96.3
23.213.161.219
2600:9000:2662:5600:15:a0d3:77c0:93a1
2620:1ec:bdf::60
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a01:111:f100:a004::bfeb:8c20
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
31.133.223.170
5.200.60.24
78.47.114.118
01897222cb646d05ba2e985322e32cd3ffaad6e80c155e9beb300c62ea732706
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
1e4ff359c9b864b3cfb70daf88b40a10a9749ab87968eeebbf475061822e65bd
1eeebec8674a4a87ba03cb60b55f67e6d856c5978efd27321c3a17ad8133b86b
205824ea5ce46798e73b097ae38ad38d3b933593ee73cc8b982fd36807028ad1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
53f3ee2b59be4d889f02d64811ffca831ab8647dd470fccd0c79069d58e98722
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
66b479013795b56ddb0748d33cdd729f7b421afac6067d62fcad1ba262b0ae52
6a982d74decb15e76c0638a1e5324c0a2c9868111de38257e9ce06518e916d36
6c1ee2bcc93d872529a14eb6b2a5b78bcdbd653f5f0e608af08a4f2e8f287899
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
83a7e7968f899411b08cca26b0b071cbfc7048a738d629cbde527110dd243413
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
99e8b220cb593531e4d6e711390bd9616345178ca075a51a27057f006737df54
a2d1e593286d963a1bb1f9ce468c35b1f3022dfb77c7b7f6de5fa3f5accc5eeb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaa2f47031d61bd3e2214d90d91a91c63c088a9f0f16b88783b5a490e75c705f
b0aaea6781ef41ac65f788c9341d269690b58dd96320fe49857efac61e57e3a7
b63097a6cbae56a39e86dbe271edf6caaafd1ae5159e94e69da883d9002ecce7
b6690599d0afbb218c2c1d3cb4136cdaa9e926e4f7ebdf8e583a893defc3ca13
c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a
c2b4a94e4a8fba97aededdc0743120c93b70d37239bcddf06915057ec48ba9eb
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dd1b00c897d1d189c81a26e69e4be530b7719fd96948d70a55e8dc49868cff78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9835c2f3dbe0524c497fd4f8f22b496ca20416367bafa293fea0e24eda8312c
f1507ca36403eb95931732a8bbf1e75f901b9472b251d4f41605ed7e510c6179
f8ec7711567669ddcd7e7b165a1600d0e7a4b91eb18ac53d2428076fa9b2de0c
fbaf51380c75cba8b6a8ac141417446ea974c2af8738d093be3d6c1b49932d0e