check-your-dating3.com Open in urlscan Pro
79.110.24.86 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://youngslut.newtinder.space/
Effective URL:
https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Submission: On February 26 via automatic, source certstream-suspicious (February 26th 2020, 7:50:41 pm UTC)

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 14 domains to perform 30 HTTP transactions. The main IP is 79.110.24.86, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is check-your-dating3.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 25th 2020. Valid for: 3 months.

This is the only time check-your-dating3.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.70.184.56 217.70.184.56	29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - http://www.gandi.net)
1 1	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3037::681f:43e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.101.38 172.64.101.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.111.253.247 104.111.253.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.108.54.130 104.108.54.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
14	79.110.24.86 79.110.24.86	209813 (FASTCONTENT) (FASTCONTENT)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	185.50.248.253 185.50.248.253	209813 (FASTCONTENT) (FASTCONTENT)
30	11

1 217.70.184.56 (France) 1 redirects

ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR)
PTR: webredir.gandi.net

youngslut.newtinder.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

abgxb.adsb4track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::681f:43e9 (United States)

ASN13335 (CLOUDFLARENET, US)

golead.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.101.38 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.bitbay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.253.247 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-247.deploy.static.akamaitechnologies.com

www.g2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.54.130 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-54-130.deploy.static.akamaitechnologies.com

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 79.110.24.86 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

check-your-dating3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.50.248.253 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

tdsjsext3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	check-your-dating3.com check-your-dating3.com	637 KB
3	gstatic.com fonts.gstatic.com	35 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	golead.pl golead.pl	12 KB
2	g2a.com 1 redirects www.g2a.com	747 B
1	tdsjsext3.com tdsjsext3.com	877 B
1	googleapis.com fonts.googleapis.com	952 B
1	doubleclick.net stats.g.doubleclick.net	102 B
1	gearbest.com www.gearbest.com
1	bitbay.net auth.bitbay.net
1	adsb4track.com 1 redirects abgxb.adsb4track.com	1 KB
1	newtinder.space 1 redirects youngslut.newtinder.space	111 B
0	amazon.com Failed www.amazon.com Failed
0	aliexpress.com Failed sale.aliexpress.com Failed
30	14

	Domain	Requested by
14	check-your-dating3.com	golead.pl check-your-dating3.com
3	fonts.gstatic.com	check-your-dating3.com
3	www.google-analytics.com	1 redirects golead.pl www.google-analytics.com
3	golead.pl	golead.pl
2	www.g2a.com	1 redirects golead.pl
1	tdsjsext3.com	check-your-dating3.com
1	fonts.googleapis.com	check-your-dating3.com
1	stats.g.doubleclick.net	golead.pl
1	www.gearbest.com	golead.pl
1	auth.bitbay.net	golead.pl
1	abgxb.adsb4track.com	1 redirects
1	youngslut.newtinder.space	1 redirects
0	www.amazon.com Failed	golead.pl
0	sale.aliexpress.com Failed	golead.pl
30	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-09` - `2020-08-08`	a year	crt.sh
www.g2a.com DigiCert SHA2 Extended Validation Server CA	`2019-09-12` - `2021-10-11`	2 years	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2019-02-09` - `2020-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
check-your-dating3.com Let's Encrypt Authority X3	`2020-02-25` - `2020-05-25`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
tdsjsext3.com Let's Encrypt Authority X3	`2020-01-06` - `2020-04-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Frame ID: 17FE8EA910C63ACC811407AEE2BD00FB
Requests: 25 HTTP requests in this frame

Frame: https://auth.bitbay.net/ref/PjUbTG
Frame ID: A5EEBFD4A30863914C2BB11B84DE8445
Requests: 1 HTTP requests in this frame

Frame: https://www.g2a.com/?reflink=user-5b2d088386a83
Frame ID: 2C368AAE16B97F4A627088E99C4AD7FB
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.com/country@null/__pc/newuser_zone.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=1582746624137&sk=_sOjNhm&aff_trace_key=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&terminal_id=cabc7a20500d4d69b0196dac799cad55
Frame ID: 60E1C0D2F581AC656F9BBA72B174EEB3
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: E9D37133E6708BE1C105532398EE539D
Requests: 1 HTTP requests in this frame

Frame: https://www.amazon.com/gp/new-releases/?ref_=assoc_tag_ph_1384415829758&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=kinoteka24-20&linkId=4a2af6cb7ab5697d5ade038e11ef661e
Frame ID: B4C530636CA150407404D8C426EF9C03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://youngslut.newtinder.space/ HTTP 301
http://abgxb.adsb4track.com/c/b27c3b1d94afab03 HTTP 302
https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584 Page URL
https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

30
Requests

93 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

11
IPs

6
Countries

703 kB
Transfer

753 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://youngslut.newtinder.space/ HTTP 301
http://abgxb.adsb4track.com/c/b27c3b1d94afab03 HTTP 302
https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584 Page URL
https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://youngslut.newtinder.space/ HTTP 301
http://abgxb.adsb4track.com/c/b27c3b1d94afab03 HTTP 302
https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Request Chain 3

https://www.g2a.com/r/user-5b2d088386a83 HTTP 302
https://www.g2a.com/?reflink=user-5b2d088386a83

Request Chain 4

https://s.click.aliexpress.com/e/_sOjNhm HTTP 302
https://sale.aliexpress.com/new_user_channel.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=1582746624137&sk=_sOjNhm&aff_trace_key=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&terminal_id=cabc7a20500d4d69b0196dac799cad55 HTTP 302
https://sale.aliexpress.com/country@null/__pc/newuser_zone.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=1582746624137&sk=_sOjNhm&aff_trace_key=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&terminal_id=cabc7a20500d4d69b0196dac799cad55

Request Chain 6

https://amzn.to/3bSrX7f HTTP 301
https://www.amazon.com/gp/new-releases/?ref_=assoc_tag_ph_1384415829758&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=kinoteka24-20&linkId=4a2af6cb7ab5697d5ade038e11ef661e

Request Chain 9

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=178458371&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2F4e8g%2F1uIQ%2FYK57%3Ftid%3Dhyorr5e56cbffcf993656835584&ul=en-us&de=UTF-8&dt=golead.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1466115482&gjid=625458417&cid=368196635.1582746624&tid=UA-110090096-2&_gid=517212879.1582746624&_r=1&z=837679179 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=368196635.1582746624&jid=1466115482&_gid=517212879.1582746624&gjid=625458417&_v=j81&z=837679179

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

YK57 Show response
golead.pl/p/4e8g/1uIQ/
Redirect Chain

https://youngslut.newtinder.space/
http://abgxb.adsb4track.com/c/b27c3b1d94afab03
https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

2 KB
1 KB

148ms
113ms

Document
text/html

2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9892f2151bb57a1df9b5b4c539002eb33f2d120e4eee33c875594d76b21e3bde

Request headers

:method: GET
:authority: golead.pl
:scheme: https
:path: /p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 26 Feb 2020 19:50:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6fb09888ff87b71b54d1c0d6f9e56d791582746623; expires=Fri, 27-Mar-20 19:50:23 GMT; path=/; domain=.golead.pl; HttpOnly; SameSite=Lax; Secure 675c74d5f114ba25a49fb0f4cb02f70f=675c74d5f114ba25a49fb0f4cb02f70f; expires=Thu, 25-Feb-2021 19:50:24 GMT; Max-Age=31536000; path=/; httponly
vary: Accept-Encoding
cache-control: no-cache, no-store, private
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56b4729f7c48c2e0-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 26 Feb 2020 19:50:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Set-Cookie: unique_2702846=unique_2702846; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e56cbffcf997938047600; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly unique_2702846=unique_2702846; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e56cbffcf997938047600; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=507679; expires=Fri, 27-Mar-2020 19:50:23 GMT; Max-Age=2592000; path=/; HttpOnly unique_2702846=unique_2702846; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e56cbffcf997938047600; expires=Thu, 27-Feb-2020 19:50:23 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=507679; expires=Fri, 27-Mar-2020 19:50:23 GMT; Max-Age=2592000; path=/; HttpOnly tid=hyorr5e56cbffcf993656835584; path=/; HttpOnly
Status: 302 Found
X-Powered-By: PHP/7.0.32

GET
H2 200 24022020.min.js Show response
golead.pl/js/ 32 KB
11 KB 15ms
15ms Script
application/javascript 2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/js/24022020.min.js
Requested by: Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d72d7892710ee8f1a4f04bb6103de44139c40d28ef20f12909c504b08318e2

Request headers

Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 19:50:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2020 11:34:56 GMT
server: cloudflare
age: 648
etag: W/"5e53b4e0-7f4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 56b472a03e5bc2e0-FRA

GET
H2 200 PjUbTG
auth.bitbay.net/ref/ Frame A5EE 0
0 110ms
65ms Document
text/html 172.64.101.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/ref/PjUbTG

Requested by

Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.101.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com google.com gstatic.com .gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src .bitbay.net; frame-src 'self' google.com *.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: auth.bitbay.net
:scheme: https
:path: /ref/PjUbTG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Response headers

status: 200
date: Wed, 26 Feb 2020 19:50:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbb9fbdba11b3ac7cce783b0363e29c511582746624; expires=Fri, 27-Mar-20 19:50:24 GMT; path=/; domain=.bitbay.net; HttpOnly; SameSite=Lax
vary: Accept-Encoding Accept-Encoding
last-modified: Mon, 24 Feb 2020 04:05:13 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56b472a08ae2ee64-CDG
content-encoding: br

GET
H2

200

/
www.g2a.com/ Frame 2C36
Redirect Chain

https://www.g2a.com/r/user-5b2d088386a83
https://www.g2a.com/?reflink=user-5b2d088386a83

0
0

169ms
169ms

Document
text/html

104.111.253.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.g2a.com/?reflink=user-5b2d088386a83

Requested by

Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.253.247 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-253-247.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.g2a.com
:scheme: https
:path: /?reflink=user-5b2d088386a83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: store=german; G2ACOM=a8hbfp1uq6gi89jktqothfs0n3; currency=EUR; ref_reference=8134923; xyz=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
vary: Accept-Encoding User-Agent
x-dns-prefetch-control: off
x-download-options: noopen
x-xss-protection: 1; mode=block
cache-control: no-store, must-revalidate, max-age=0
g2a-dbg: 1
etag: W/"5f278-keuGigW2ySJB792PPy4lzRatL5U"
content-encoding: gzip
x-backend: new-layout-one
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
g2a-server: am4-min01
content-length: 60340
date: Wed, 26 Feb 2020 19:50:24 GMT
set-cookie: skc=af2d4f07-0931-41bc-a6e2-c3449aab81d9-1582746624; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/; Secure; HttpOnly cart-v2=false; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/

Redirect headers

status: 302
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://www.g2a.com/?reflink=user-5b2d088386a83
x-robots-tag: noindex
link: <https://www.g2a.com/>; rel="canonical"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
g2a-server: am4-min01
content-length: 0
date: Wed, 26 Feb 2020 19:50:24 GMT
set-cookie: store=german; expires=Sat, 25-Jul-2020 19:50:24 GMT; Max-Age=12960000; path=/; domain=www.g2a.com; HttpOnly G2ACOM=a8hbfp1uq6gi89jktqothfs0n3; expires=Wed, 26-Feb-2020 20:50:24 GMT; Max-Age=3600; path=/; domain=www.g2a.com; secure; HttpOnly currency=EUR; expires=Fri, 27-Mar-2020 19:50:24 GMT; Max-Age=2592000; path=/; domain=www.g2a.com; secure; HttpOnly ref_reference=8134923; expires=Fri, 27-Mar-2020 19:50:24 GMT; Max-Age=2592000; path=/; domain=www.g2a.com; secure; HttpOnly xyz=9; expires=Thu, 27-Feb-2020 19:50:24 GMT; Max-Age=86400; path=/; domain=www.g2a.com; secure

GET

newuser_zone.htm
sale.aliexpress.com/country@null/__pc/ Frame 60E1
Redirect Chain

https://s.click.aliexpress.com/e/_sOjNhm
https://sale.aliexpress.com/new_user_channel.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=1582746624137&sk=_sOjN...
https://sale.aliexpress.com/country@null/__pc/newuser_zone.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=15827466...

0
0

GET
H2 200 /
www.gearbest.com/ Frame E9D3 0
0 37ms
19ms Document
text/html 104.108.54.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/?lkid=78540179
Requested by: Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.54.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-54-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /?lkid=78540179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Response headers

status: 200
content-type: text/html; charset=utf-8
x-amz-id-2: /xXvXw3Ebm3wzCSx1hWH0z2UBEfih9taRyNDwZkmSudUrhmivllZMcvbyzonPIJ3dazBE/pWGuU=
x-amz-request-id: 1CDF1E4E24DD1A05
last-modified: Wed, 26 Feb 2020 19:41:44 GMT
etag: W/"2ce1732d442405ec42b18ab3f9d92871"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 34750
cache-control: max-age=60
expires: Wed, 26 Feb 2020 19:51:24 GMT
date: Wed, 26 Feb 2020 19:50:24 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=ea08b27a8daff01dbd726ee0a2a942e2; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Wed, 26-Feb-2020 20:50:24 GMT; path=/; domain=gearbest.com; secure; HttpOnly

GET

/
www.amazon.com/gp/new-releases/ Frame B4C5
Redirect Chain

https://amzn.to/3bSrX7f
https://www.amazon.com/gp/new-releases/?ref_=assoc_tag_ph_1384415829758&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=kinoteka24-20&linkId=4a2af6cb7ab5697d5ade038e11ef661e

0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 7093
date: Wed, 26 Feb 2020 17:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 26 Feb 2020 19:52:11 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
125 B 13ms
13ms Other
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Origin: https://golead.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 19:50:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://golead.pl
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=178458371&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2F4e8g%2F1uIQ%2FYK57%3Ftid%3Dhyorr5e56cbffcf993656835584&ul=en-us&de=UTF-8&dt=golead...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=368196635.1582746624&jid=1466115482&_gid=517212879.1582746624&gjid=625458417&_v=j81&z=837679179

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=368196635.1582746624&jid=1466115482&_gid=517212879.1582746624&gjid=625458417&_v=j81&z=837679179

Requested by

Host: golead.pl
URL: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 26 Feb 2020 19:50:24 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 19:50:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=368196635.1582746624&jid=1466115482&_gid=517212879.1582746624&gjid=625458417&_v=j81&z=837679179
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 finger
golead.pl/ 20 B
104 B 202ms
202ms XHR
application/json 2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/finger
Requested by: Host: golead.pl
URL: https://golead.pl/js/24022020.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Origin: https://golead.pl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Feb 2020 19:50:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-cache, private
cf-ray: 56b472a0f83ec2e0-FRA

GET
H/1.1 200
OK Primary Request Cookie set / Show response
check-your-dating3.com/ 7 KB
7 KB 117ms
25ms Document
text/html 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Requested by: Host: golead.pl
URL: https://golead.pl/js/24022020.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ba6598bf6fa4836b2f85647d2c8cea3785642c6d3f9bfd93ccfa29ae79003078

Request headers

Host: check-your-dating3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://golead.pl/p/4e8g/1uIQ/YK57?tid=hyorr5e56cbffcf993656835584

Response headers

Server: nginx
Date: Wed, 26 Feb 2020 19:50:24 GMT
Content-Type: text/html
Content-Length: 7214
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=cwy5awkbltcbt5dc4umgsn3n; path=/; HttpOnly ASP.NET_SessionId=cwy5awkbltcbt5dc4umgsn3n; path=/; HttpOnly s1=fxhx1puah84eah6w; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 7 KB
952 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Requested by

Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582a0dfde185c7d1741caaaeeada9050a794db2857b565602eb0dfc3ca2f7e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 19:50:24 GMT
server: ESF
date: Wed, 26 Feb 2020 19:50:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Feb 2020 19:50:24 GMT

GET
H/1.1 200
OK style.css
check-your-dating3.com/media/dating/dirtytinder/css/ 15 KB
16 KB 22ms
19ms Stylesheet
text/css 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/css/style.css
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1f12854c80afd1c18ade0a7c26f00cac5cdb917cb6ddee36bba33f00dfc50814

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-3ded"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15853

GET
H/1.1 200
OK flag-icon.css
check-your-dating3.com/util/flag-icon/css/ 40 KB
40 KB 42ms
20ms Stylesheet
text/css 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/util/flag-icon/css/flag-icon.css
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Wed, 18 Dec 2019 14:34:10 GMT
Server: nginx
ETag: "5dfa38e2-9eb3"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40627

GET
H/1.1 200
OK utils.js Show response
check-your-dating3.com/util/ 6 KB
6 KB 43ms
14ms Script
application/javascript 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/util/utils.js
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6553b488fe1ad441d7d725f9d5c17ef50a655e82fa746184c9bda4bc838dfedf

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Thu, 20 Feb 2020 15:29:50 GMT
Server: nginx
ETag: "5e4ea5ee-17df"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6111

GET
H/1.1 200
OK logo2.png
check-your-dating3.com/media/dating/dirtytinder/images/ 18 KB
18 KB 78ms
35ms Image
image/png 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/images/logo2.png
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 67f75d375f0b2c4bedd6eb322aed8287f4af1f79ebc0b437083f719ca1b7a4a2

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-48e9"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18665

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
check-your-dating3.com/media/dating/dirtytinder/js/ 84 KB
84 KB 67ms
30ms Script
application/javascript 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/js/jquery-2.2.4.min.js
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85578

GET
H/1.1 200
OK trls.js Show response
check-your-dating3.com/media/dating/dirtytinder/js/ 17 KB
18 KB 19ms
19ms Script
application/javascript 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/js/trls.js
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: a600a39f1aa836e327c60dc5e25d569740a3bd10f8accc89ec2c313f74c81ed8

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-45a4"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17828

GET
H/1.1 200
OK bb.js Show response
check-your-dating3.com/media/ 1 KB
2 KB 14ms
14ms Script
application/javascript 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/bb.js
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:04:47 GMT
Server: nginx
ETag: "5def7bcf-533"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1331

GET
H/1.1 200
OK exit-popup.css
check-your-dating3.com/media/exit-new/ 3 KB
3 KB 46ms
18ms Stylesheet
text/css 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/exit-new/exit-popup.css
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:39 GMT
Server: nginx
ETag: "5def7c03-a64"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2660

GET
H/1.1 200
OK exit1.js Show response
check-your-dating3.com/media/exit-new/ 32 KB
33 KB 66ms
20ms Script
application/javascript 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-your-dating3.com/media/exit-new/exit1.js
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:39 GMT
Server: nginx
ETag: "5def7c03-81ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33198

GET
H/1.1 200
OK 1.jpg
check-your-dating3.com/media/dating/dirtytinder/images/ 142 KB
142 KB 28ms
22ms Image
image/jpeg 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/images/1.jpg
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-23667"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144999

GET
H/1.1 200
OK 2.jpg
check-your-dating3.com/media/dating/dirtytinder/images/ 121 KB
122 KB 30ms
18ms Image
image/jpeg 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/images/2.jpg
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-1e5f9"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124409

GET
H/1.1 200
OK 3.jpg
check-your-dating3.com/media/dating/dirtytinder/images/ 146 KB
146 KB 40ms
22ms Image
image/jpeg 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check-your-dating3.com/media/dating/dirtytinder/images/3.jpg
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:05:07 GMT
Server: nginx
ETag: "5def7be3-24781"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149377

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://check-your-dating3.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2972289
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://check-your-dating3.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 3436954
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:07:50 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: check-your-dating3.com
URL: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://check-your-dating3.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 00:44:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 155172
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13228
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:44:12 GMT

GET
H/1.1 200
OK getextparams Show response
tdsjsext3.com/ExtService.svc/ 578 B
877 B 153ms
102ms XHR
application/json 185.50.248.253
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://tdsjsext3.com/ExtService.svc/getextparams
Requested by: Host: check-your-dating3.com
URL: https://check-your-dating3.com/util/utils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.50.248.253 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 34c5dc7c3b602ed92ec707aae820c70bc8c0f70cdea8657cc4630b7ce48582ca

Request headers

Referer: https://check-your-dating3.com/?u=kcdweky&o=ca0pazm&cid=mlClick-jMrzsLvi&t=31394
Origin: https://check-your-dating3.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 578

GET
H/1.1 200
OK de.svg
check-your-dating3.com/util/flag-icon/flags/4x3/ 225 B
459 B 23ms
22ms Image
image/svg+xml 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check-your-dating3.com/util/flag-icon/flags/4x3/de.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: c4809b853e66ec703dddbfad86d0ef9f742e3a48c68ba520c5a9f39897a7284b

Request headers

Referer: https://check-your-dating3.com/util/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 19:50:24 GMT
Last-Modified: Tue, 10 Dec 2019 11:04:48 GMT
Server: nginx
ETag: "5def7bd0-e1"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 225

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sale.aliexpress.com
URL: https://sale.aliexpress.com/country@null/__pc/newuser_zone.htm?tmLog=best_to_new_6181&aff_request_id=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&aff_platform=promotion&cpt=1582746624137&sk=_sOjNhm&aff_trace_key=ed062880b4a7419ca0b24127dda692d0-1582746624137-00748-_sOjNhm&terminal_id=cabc7a20500d4d69b0196dac799cad55

Domain: www.amazon.com
URL: https://www.amazon.com/gp/new-releases/?ref_=assoc_tag_ph_1384415829758&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=kinoteka24-20&linkId=4a2af6cb7ab5697d5ade038e11ef661e

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			check-your-dating3.com/	1969-12-31 23:59:59	Name: s1 Value: fxhx1puah84eah6w
			check-your-dating3.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cwy5awkbltcbt5dc4umgsn3n

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abgxb.adsb4track.com
auth.bitbay.net
check-your-dating3.com
fonts.googleapis.com
fonts.gstatic.com
golead.pl
sale.aliexpress.com
stats.g.doubleclick.net
tdsjsext3.com
www.amazon.com
www.g2a.com
www.gearbest.com
www.google-analytics.com
youngslut.newtinder.space
sale.aliexpress.com
www.amazon.com
104.108.54.130
104.111.253.247
172.64.101.38
185.50.248.253
217.70.184.56
2606:4700:3037::681f:43e9
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c06::9a
2a05:d018:244:5200::ab
79.110.24.86
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1f12854c80afd1c18ade0a7c26f00cac5cdb917cb6ddee36bba33f00dfc50814
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
34c5dc7c3b602ed92ec707aae820c70bc8c0f70cdea8657cc4630b7ce48582ca
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
582a0dfde185c7d1741caaaeeada9050a794db2857b565602eb0dfc3ca2f7e89
5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
6553b488fe1ad441d7d725f9d5c17ef50a655e82fa746184c9bda4bc838dfedf
67f75d375f0b2c4bedd6eb322aed8287f4af1f79ebc0b437083f719ca1b7a4a2
73d72d7892710ee8f1a4f04bb6103de44139c40d28ef20f12909c504b08318e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9892f2151bb57a1df9b5b4c539002eb33f2d120e4eee33c875594d76b21e3bde
a600a39f1aa836e327c60dc5e25d569740a3bd10f8accc89ec2c313f74c81ed8
b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04
ba6598bf6fa4836b2f85647d2c8cea3785642c6d3f9bfd93ccfa29ae79003078
c4809b853e66ec703dddbfad86d0ef9f742e3a48c68ba520c5a9f39897a7284b
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29

check-your-dating3.com Open in urlscan Pro 79.110.24.86 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

50 %IPv6

14 Domains

14 Subdomains

11 IPs

6 Countries

703 kBTransfer

753 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

check-your-dating3.com Open in urlscan Pro
79.110.24.86 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

11
IPs

6
Countries

703 kB
Transfer

753 kB
Size

2
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!