Submitted URL: https://tkr.1ondate.com/cool.php?key=j3rh2gypl9v3k0bsigpt&externalid={ACLID}&c1={BidValue}&c2={SiteName}&c3={AdID}&c4={B...
Effective URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Submission: On December 05 via manual from TW — Scanned from IT

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3030::6815:2b95, located in United States and belongs to CLOUDFLARENET, US. The main domain is es07.1ondate.com.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.
This is the only time es07.1ondate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 37.27.181.162 24940 (HETZNER-A...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
5 172.67.180.162 13335 (CLOUDFLAR...)
3 157.90.33.121 24940 (HETZNER-A...)
2 157.90.33.72 24940 (HETZNER-A...)
15 5
Requests | Apex Domain | Subdomains | Transfer
10 | 1ondate.com | tkr.1ondate.com, es07.1ondate.com | 4 MB
3 | sdk4push.com | sdk4push.com — Cisco Umbrella Rank: 177612 | 15 KB
2 | uidsync.net | uidsync.net — Cisco Umbrella Rank: 54417 | 707 B
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 847 | 31 KB
15 | 4
Domain Requested by
9 es07.1ondate.com es07.1ondate.com
3 sdk4push.com es07.1ondate.com
sdk4push.com
2 uidsync.net sdk4push.com
1 code.jquery.com es07.1ondate.com
1 tkr.1ondate.com 1 redirects
15 5

This site contains links to these domains.

Domain
tkr.1ondate.com
Subject | Issuer | Validity | Valid
es07.1ondate.com | WE1 | 2024-10-17 - 2025-01-15 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
sdk4push.com | R10 | 2024-10-07 - 2025-01-05 | 3 months
uidsync.net | Sectigo RSA Domain Validation Secure Server CA | 2023-12-30 - 2025-01-29 | a year

This page contains 1 frames:

Primary Page: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Frame ID: DFBC04500AD0E1738094E8B62E65D13C
Requests: 14 HTTP requests in this frame

Page Title

Secret Flirt

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

4238 kB
Transfer

4338 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tkr.1ondate.com/cool.php?key=j3rh2gypl9v3k0bsigpt&externalid={ACLID}&c1={BidValue}&c2={SiteName}&c3={AdID}&c4={BanID}&c5={BanName}&c6={CampaignID}&c7={Location}&c8={SpotName}&c9={BidValue} HTTP 302
    https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
es07.1ondate.com/
Redirect Chain
  • https://tkr.1ondate.com/cool.php?key=j3rh2gypl9v3k0bsigpt&externalid={ACLID}&c1={BidValue}&c2={SiteName}&c3={AdID}&c4={BanID}&c5={BanName}&c6={CampaignID}&c7={Location}&c8={SpotName}&c9={BidValue}
  • https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
6 KB
2 KB
Document
General
Full URL
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a12d0d5c50992152450e6ea4cd2fc01939bdd235569355522331ec75b58ebf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ed512d8bff2ed98-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 15:29:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jdltf24%2Fu%2FQkxLiPOjBvj9qDNODya8vsOHVvaN%2Bc0si79ObiAiQS3c6Zboz6G8K%2Btj7lsRAPoO5eCcfGmH2n%2BwCBjk6Dao9fzLQ6SYZC5XJWdbPoGfXM4Oo1CP5VhxZgV%2FShfCAcUeWAask0z4S"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=31117&min_rtt=30872&rtt_var=5069&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3980&recv_bytes=2405&delivery_rate=125779&cwnd=253&unsent_bytes=0&cid=86f32b8c11f218d0&ts=189&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Dec 2024 15:29:46 GMT
Location
https://es07.1ondate.com?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Server
nginx/1.26.2
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
main.css
es07.1ondate.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://es07.1ondate.com/css/main.css
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2dfb1dc017e6c6078c221bb71b93802b7256e7005c85d893f627d7ade5e528d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2c9942ad3406a1664f796b2f662986a1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hs92G00wNydODLbkLPgk%2FIPfFGZQ1I5Xfe1y5FiH%2B%2BJpuO3TwrxBNPNMpmKGWmPTdk4izCQQovTmUqdH8GaACRbYfGOtRec1qaFStUx5d0WG9cLiSgGtTfg4UevVXUFzznPE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31123&min_rtt=30872&rtt_var=2861&sent=36&recv=16&lost=0&retrans=0&sent_bytes=26111&recv_bytes=2767&delivery_rate=166463&cwnd=257&unsent_bytes=0&cid=86f32b8c11f218d0&ts=263&x=0"
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512d9ebc6ed98-MXP
access-control-allow-origin
*
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
1935877
x-cache
HIT, HIT
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
437389, 37093
x-served-by
cache-lga21931-LGA, cache-mxp6982-MXP
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733412587.615004,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
mujeres.png
es07.1ondate.com/images/
25 KB
26 KB
Image
General
Full URL
https://es07.1ondate.com/images/mujeres.png
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af11446d696a3e01e814554d3727996736a47896a4e371e1d14378f3a7476a13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

cf-cache-status
REVALIDATED
etag
"13cc708a6634577a4d6323c3da85867f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddMV8yzP2MCHJhAX5umXgL%2FZ9QeJnM6AOyuF01qtNhAnuSouceb5RWnWnX55yYcWVIjAUnzJLmGrO1HrEJuksNJXFQcZlI34DVgCqkqEkRB3ozN6dHvf809Tn%2ByhlT%2F1lDZx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31123&min_rtt=30872&rtt_var=2861&sent=41&recv=16&lost=0&retrans=0&sent_bytes=28104&recv_bytes=2767&delivery_rate=166463&cwnd=257&unsent_bytes=0&cid=86f32b8c11f218d0&ts=268&x=0"
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512d9ebc9ed98-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
26012
server
cloudflare
lat1.jpg
es07.1ondate.com/images/
18 KB
19 KB
Image
General
Full URL
https://es07.1ondate.com/images/lat1.jpg
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
739656747678b0a133a1650f09cb07cfb13ed169130378d967e20ff956f25ee3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

cf-cache-status
REVALIDATED
etag
"2b6ab225177019029150224563c8d59f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1Mmdd%2BH8OYLk5RiFzmrbVks1A1mtl9OyFT0SC2YBdDUdaFeeAO6BO6zZQXB3a6AZImbEAlplt0%2B73B82hxz5CfuYiiI5x6famt1Mt9by8MpPiKTE7UU38qayu23oDcK3bi5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31123&min_rtt=30872&rtt_var=2861&sent=15&recv=16&lost=0&retrans=0&sent_bytes=6321&recv_bytes=2767&delivery_rate=166463&cwnd=257&unsent_bytes=0&cid=86f32b8c11f218d0&ts=261&x=0"
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512d9ebcbed98-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
18916
server
cloudflare
lat2.jpg
es07.1ondate.com/images/
26 KB
27 KB
Image
General
Full URL
https://es07.1ondate.com/images/lat2.jpg
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7833c3d223a317dc5d4edb6f8a984b63b6a0048b56b83c6f096f782b9588c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

cf-cache-status
MISS
etag
"b45c3be95efaf990948f432d38fec3d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHwOUP3BJE6Q%2F4jiZ4SKcplMJ6pn0plK9YVLJ1iv01pNgePLCfVO1h2jV1IEx5Wbt4P1O8XJcB92EMSKZWhvnlkdtGLPEo%2B2NB1u5nlFWfM%2BHssHwiV8%2Fws6GrkghFrxQbdB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51855&min_rtt=49603&rtt_var=11924&sent=25&recv=13&lost=0&retrans=0&sent_bytes=16275&recv_bytes=5640&delivery_rate=369&cwnd=12000&unsent_bytes=0&cid=8582ce09478c70dd&ts=394&x=1", cfHdrFlush;dur=18
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512da6bb0fba5-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
26674
server
cloudflare
lat3.jpg
es07.1ondate.com/images/
17 KB
18 KB
Image
General
Full URL
https://es07.1ondate.com/images/lat3.jpg
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a72ec302c3b331f10c49c4f5d0205969b13831dfbfd6952208058bae32fac6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

cf-cache-status
MISS
etag
"2a4d674b1f7016940b4dea14b376d135"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmCzgWm1GENhUN%2FwyYAUmWQf%2BHJUECc4WswkikOUXfbhlPHuevSqplcs0vl1sxaPUQH8xSMwI5pe8cSPCxQdhhUKuDlDDw%2F6l2apwD%2Bb0UrHu2dt%2B4jduXSm4dY96j3Pwm5e"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51855&min_rtt=49603&rtt_var=11924&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5886&recv_bytes=5640&delivery_rate=369&cwnd=12000&unsent_bytes=0&cid=8582ce09478c70dd&ts=367&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512da6bd1fba5-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
17749
server
cloudflare
image04.gif
es07.1ondate.com/images/
4 MB
4 MB
Image
General
Full URL
https://es07.1ondate.com/images/image04.gif
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462a60a2212d1f31e3a25e9d86d054a0982532e5889d5678109064b924b2e46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

cf-cache-status
MISS
etag
"a24ad5dd05ea7e6f6e49df25c431a6fb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IvPV6VZV9YNOdVA9EB1YCYiSLeOPVZVs%2BYg0AQX3QcQSBoDUXnJtdhrZZ2hX3Y5hq5HZeMOn241BQRhXyGidCnLWi19Q%2BvnHpOU76%2FSJgtFUER6r%2B3zvzfer%2BEzZmw0C5FyU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60384&min_rtt=49603&rtt_var=11190&sent=59&recv=36&lost=0&retrans=0&sent_bytes=52747&recv_bytes=6636&delivery_rate=366458&cwnd=39600&unsent_bytes=0&cid=8582ce09478c70dd&ts=988&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 15:29:47 GMT
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512dabcd6fba5-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
4190474
server
cloudflare
main.js
es07.1ondate.com/js/
2 KB
2 KB
Script
General
Full URL
https://es07.1ondate.com/js/main.js
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d300958eabc283ad7f0b34397805f72855811ef56b5d5a6d99762f0cbe8b57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"b1c18fd6bbe0901b8c41b48ae9714172"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7o7cF8NfY%2BQCcZdAE1wYutP%2FMfCK44oJiWm3sWjPTVIpFMOPzljSyMARELcb2wlGX0FZFZ3TDwO57xXid9vKcPyVdI2mXhYa19RV8xZRRs1Lpo4qCKdp8YVfH0x%2BmeW6o20r"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51855&min_rtt=49603&rtt_var=11924&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4275&recv_bytes=5640&delivery_rate=369&cwnd=12000&unsent_bytes=0&cid=8582ce09478c70dd&ts=361&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512dabcdafba5-AMS
access-control-allow-origin
*
server
cloudflare
sdk.js
sdk4push.com/f/
52 KB
14 KB
Script
General
Full URL
https://sdk4push.com/f/sdk.js?z=1238026
Requested by
Host: es07.1ondate.com
URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash
f18030a4b480e7262dd6965cdeb5d1b5d9067bc9cc5e5cc2035dc52b4be2ac11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
content-length
14488
content-encoding
gzip
date
Thu, 05 Dec 2024 15:29:46 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Angie
event
sdk4push.com/
0
527 B
Ping
General
Full URL
https://sdk4push.com/event?z=1238026
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1238026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://es07.1ondate.com/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://es07.1ondate.com
content-length
0
date
Thu, 05 Dec 2024 15:29:46 GMT
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
sync
uidsync.net/
62 B
707 B
Fetch
General
Full URL
https://uidsync.net/sync?user_id=rTT0IomaVb8Hzm2nE237gT
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1238026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.72 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
sub2.1push.io
Software
Angie /
Resource Hash
c1ef11106acfb0dbfd1e7d642a4a1795ccf47c50ce47154fd35f1373c8e3f74c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://es07.1ondate.com/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://es07.1ondate.com
content-length
62
date
Thu, 05 Dec 2024 15:29:47 GMT
content-type
application/json; charset=utf-8
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
sync
uidsync.net/
0
0
Preflight
General
Full URL
https://uidsync.net/sync?user_id=rTT0IomaVb8Hzm2nE237gT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.72 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
sub2.1push.io
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://es07.1ondate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://es07.1ondate.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Thu, 05 Dec 2024 15:29:46 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
favicon.png
es07.1ondate.com/images/
6 KB
2 KB
Other
General
Full URL
https://es07.1ondate.com/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a12d0d5c50992152450e6ea4cd2fc01939bdd235569355522331ec75b58ebf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wg1NfnIHvr9m1KXgsYJ2qObHFv1hNTkNbR%2BWKWX6SpFdd2lhO4mTd46UJVELTvSWKVpOtttPsi4HLCm%2FtQoP%2FI2Espn4ZNgFmLhOClrvYLjEhmOiB2p2HS2HqWvVOuDNKbDH"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51832&min_rtt=49603&rtt_var=827&sent=3644&recv=416&lost=0&retrans=0&sent_bytes=4341245&recv_bytes=24401&delivery_rate=18339901&cwnd=2028000&unsent_bytes=0&cid=8582ce09478c70dd&ts=1948&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 15:29:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 05 Dec 2024 15:29:48 GMT
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ed512e44f30fba5-AMS
access-control-allow-origin
*
server
cloudflare
event
sdk4push.com/
0
528 B
Ping
General
Full URL
https://sdk4push.com/event?z=1238026
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1238026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://es07.1ondate.com/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://es07.1ondate.com
content-length
0
date
Thu, 05 Dec 2024 15:29:48 GMT
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getURLParameter function| imiBB

3 Cookies

Domain/Path Name / Value
tkr.1ondate.com/ Name: uclick
Value: ususa4fe
tkr.1ondate.com/ Name: uclickhash
Value: ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba
uidsync.net/ Name: rauid
Value: rTT0IomaVb8Hzm2nE237gT

1 Console Messages

Source Level URL
Text
rendering warning URL: https://es07.1ondate.com/?uclick=ususa4fe&uclickhash=ususa4fe-ususa4fe-us6o-0-520-h9a4-whdz-47ecba(Line 4)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff