urlscan.io logo urlscan.io
SecurityTrails logo

ww38.clubdating3344.com Open in urlscan Pro
13.248.148.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://derocklist.lol/help/?1140160
Effective URL: http://ww38.clubdating3344.com/
Submission: On September 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 13.248.148.254, located in United States and belongs to AMAZON-02, US. The main domain is ww38.clubdating3344.com.
This is the only time ww38.clubdating3344.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 185.155.184.33 5398 (AS5398)
1 2 185.155.184.130 5398 (AS5398)
1 1 103.224.182.246 133618 (TRELLIAN-...)
4 13.248.148.254 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.53.178.30 61969 (TEAMINTER...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 8
1    2606:4700:3031::6815:43c1 (United States)

ASN13335 (CLOUDFLARENET, US)
derocklist.lol
1    2606:4700:3036::ac43:b421 (United States)

ASN13335 (CLOUDFLARENET, US)
derocklist.lol
2    185.155.184.33 (Switzerland)

ASN5398 (AS5398, CH)
terra-kuhni24.ru
2    185.155.184.130 (Switzerland)

ASN5398 (AS5398, CH)
126.heatodnut.live
1    103.224.182.246 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com
clubdating3344.com
4    13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com
ww38.clubdating3344.com
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    185.53.178.30 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
c.parkingcrew.net
1    2600:9000:2250:4600:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
Apex Domain
Subdomains		 Transfer
5 clubdating3344.com
clubdating3344.com
ww38.clubdating3344.com
9 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
111 KB
2 heatodnut.live
126.heatodnut.live
588 B
2 terra-kuhni24.ru
terra-kuhni24.ru
89 KB
2 derocklist.lol
derocklist.lol
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
598 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
12 KB
1 parkingcrew.net
c.parkingcrew.net — Cisco Umbrella Rank: 134717
1005 B
14 8
Domain Requested by
4 ww38.clubdating3344.com 126.heatodnut.live
ww38.clubdating3344.com
3 www.google.com ww38.clubdating3344.com
www.google.com
2 126.heatodnut.live 1 redirects terra-kuhni24.ru
2 terra-kuhni24.ru derocklist.lol
terra-kuhni24.ru
2 derocklist.lol 1 redirects
1 partner.googleadservices.com www.google.com
1 d38psrni17bvxu.cloudfront.net ww38.clubdating3344.com
1 c.parkingcrew.net ww38.clubdating3344.com
1 clubdating3344.com 1 redirects
14 9

This site contains links to these domains. Also see Links.

Domain
www.above.com
Subject Issuer Validity Valid
derocklist.lol
GTS CA 1P5		 2023-07-26 -
2023-10-24		 3 months crt.sh
terra-kuhni24.ru
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
heatodnut.live
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://ww38.clubdating3344.com/
Frame ID: 57A9748391CE86A8C3B815B6E5DF6F0B
Requests: 11 HTTP requests in this frame

Frame: https://terra-kuhni24.ru/media/mainstream/cloud.html
Frame ID: 0AEC51FAC3B01BCD0C096B0A6FE6EE9A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2Fww38.clubdating3344.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGYxMmZkNDQ4NDIxfHx8MTY5MzUyODAyMC4zMDUyfDZkODU2ZDc2YjRhMjgxY2QyZjFhYWQ3NTkzMjJkZjBkNmI2MjZjMTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fGM1ZThiZDc1MzA3NzNhY2E1OTQwMzkzODJmM2ExNTY1OTY1Y2ZhYzR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Men%20Dating&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301318%2C17301320&format=r3%7Cs&nocache=5721693528020431&num=0&output=afd_ads&domain_name=ww38.clubdating3344.com&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1693528020432&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=560704565&uio=--&cont=tc&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fww38.clubdating3344.com%2F&adbw=master-1%3A530
Frame ID: 7254E5F64DAD921E7D1216AD3761E158
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

clubdating3344.com

Page URL History Show full URLs

  1. http://derocklist.lol/help/?1140160 HTTP 301
    https://derocklist.lol/help/?1140160 Page URL
  2. https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1 Page URL
  3. https://126.heatodnut.live/pjmpyqbk/article126.doc?u=zt2kd0d&o=t7km547&m=1&f=1&sid=t2~graum2cf43tcwhepn... Page URL
  4. https://126.heatodnut.live/web/ HTTP 302
    https://clubdating3344.com/ HTTP 302
    http://ww38.clubdating3344.com/ Page URL

Page Statistics

14
Requests

50 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

222 kB
Transfer

416 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://derocklist.lol/help/?1140160 HTTP 301
    https://derocklist.lol/help/?1140160 Page URL
  2. https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1 Page URL
  3. https://126.heatodnut.live/pjmpyqbk/article126.doc?u=zt2kd0d&o=t7km547&m=1&f=1&sid=t2~graum2cf43tcwhepnwl4h4tf&fp=PMG6ZthkHqyWaDr%2BjM2gnyYRZqIIMEJ%2BDQynGU%2B3gaSxkIYsdbhPaVIXNF2LWXP2a6cDxAkXs95%2BMe7X8ptBs%2F%2FYx%2FS1wzFqlH95dnf%2F%2Fs7Hxb2BB57OpJ26lCqViREGA2bEhEQSlkFI0wwwv9pHQbpR%2BOKBh3Bmht%2FaSNlpihF5cPPN%2BFqAoI2YnUHaIpKG%2BHiw9B99qXxJTkPhmk0724lNmELnL2Vbs%2F3aXMnWLKDOKcoVb8W1O5aHa7%2BVpD%2BWGWJmy69wezWZm6CSMqUj%2FvNcaza3EOsY18brmokNVFc6cnww6TRS4ea%2FwDXAfYwNRUs1RBchvnyKc%2B3lg%2FpuDE68gKtWITfyJ7R7LWxQZM4A%2FOhh8pgpdbXfOroCjUBli52JBTv%2F1SmaxHPEQc7%2BCoOhzeKZ%2BxiyEwWVhO2FYHAiizpuwfOe6zeu1gpyddiBmPlkHJ2BAxzd1tidJZ38TKFpewhD3dYNh392fkQ%2BMo4VuNNM2SR3xL%2B67HvA9XBi3gjB6iy0UXumXjrTIp7rh68Na9oksIZHwBa6CK1NBJ25hAZ6S6lJ9XtzWAxb7uL3zDAvDA3sa3PlYHlSbNSnbmw4U7COHmJhDgXHzp9LKsVsrbKRYyIJkkN54j6ZDzzEPQ0Ks9141IPuThdWTYL8QB7zEbDN8woJ2MOV6VEjH55cw7P4ts8NdYxjWp0pAHZnfqAw1OPJizuZW5tnVboHoXb0EUlzHCPzghGcbBqiqQSVJFTnRFCll05rLe%2B1DgHKwS3ymMlScy5eOrCvBsvWV8zUYkov9qTTss25mhF1MEHqvjEyYnSmL9fX2mlk%2B%2F2e2SV9eBPFIweV3Ohn3neNVClimnXeCArUhkhkhJBuDuuMDtdurwt082E0AvLJP9pu2lA0MMqaYCOeLB6VyF3UB8pZLwWtuv6uP0r06NE4ozTT3T3PiOqGQCxX1pnx5pKTSe42OA5f16MIcx7mi9alEJAcTwTr8WAknDhXCBoN04X7S4k9AJE116UgsrOUNHwc3EyKMTCCyh4L9zYPFcduboQ3y9vy0YNUXHuldln55DP47zYkGthjMYxgx9vleN4MbHT%2FuD3fzM7XqZ%2BZ0IXHzPgHOFPUfqQstWQAwuLx3tLcz9SGuo00V3bR6Cytr2AA6xKZXml0mwBeNPHW9Qlnc5Y0hahW%2FPXJx13tgGks4kOmbDXbRojuqQk9tabM0bHIIgic1LpdW4U%2FAm9YKOezwZJXgnpMUumD6yRrOEFrCfYzAEqm4fyRAkuk0iy3zjQ3k0SlQn6PeWnmsiVrhr80CiASW8Q%2Bg4lE6HQj1fT%2FZ9wDzc%2FD261AwYtUDp7TvO0C5cblyFXPX1ihy5NHCm07oEAPr6hTK%2FkhQRFKz46AMx5vmyNvM%2BqvyPBiFhiPndDnIbWasgcInCK%2BsgxgNcX94XXB9HabD%2Bvrj0cM1kZMV4HL63zBdvO%2FbZHqJ81DYPRFHFx8YDKCBMxIeMAfNMafHb4%2BHz8w6RCPqlKzAZbdWbsgpRAFypm%2F4FDX9y5QzKVErAonjnsiM37HoGNjRJhkmuvNR52rz7y2ZzOetv%2Fj2bAUnQi%2BRO8K%2BmU4rckQFjYzi1B66%2Bcl%2BbCVRHXGguB2ASTTLSFjckrGaQdODOQvUCSvEnuuLgmkpTe3LtSCJ%2BeBCcYM6LqRCeJXrxQsK5zzHhUp5lukX%2Fl38GEv%2BkNtA8FEfV9VQwQSjzkSVO4EHvAJrLNnbx7k5CpVdk%2FF8KOs9NJxl308a0PbwfcBRNLSd%2FMrhjwPXmiLRSVKuoWD1fmUw3HbehefHYduAKL2HMbKTcj0JuGL0XZogOM0%2FcbOIH8BkDp9Irc1zd1h5sxH54zY6ToFLHpVcqjC9%2FSK2uyimCjaOBqiBCK%2FtwHqabskmQPgiYN1a3Hs%2Bs5W3UyKVAhgjuUH8nGXfKA%2B6THQwacWXJQwDJCfOPHutsylyNrbY%2FtN5Xo%2Beczy5tNY7EycJom2VkNkGo2G1ZYGahbaZkjuBsdIWhWgf1YVY3D5JJWtot0%3D Page URL
  4. https://126.heatodnut.live/web/ HTTP 302
    https://clubdating3344.com/ HTTP 302
    http://ww38.clubdating3344.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://derocklist.lol/help/?1140160 HTTP 301
  • https://derocklist.lol/help/?1140160

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
derocklist.lol/help/
Redirect Chain
  • http://derocklist.lol/help/?1140160
  • https://derocklist.lol/help/?1140160
569 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://derocklist.lol/help/?1140160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f298f8496fc86addae9e930c373a22b001dbb6feea552c22a0d88a0825dce31d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ff96278ae3b30c4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 00:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FIV%2FDXDnxEt2I0QzGAbUqUTMWbDQzU0Pn%2Byn1QKwPuUbI%2B0%2Fd%2FqAT0SE%2BfDxq2A2ocoNvVuJ9pkdh%2FlN9edA75vQnqi4IiptEORUeFMBuLqsLAGvlUnteowZAEObJmKe4aHNkAzWOVI%2FsywEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
7ff962786faa1e62-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 01 Sep 2023 00:26:56 GMT
Expires
Fri, 01 Sep 2023 01:26:56 GMT
Location
https://derocklist.lol/help/?1140160
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcHnHihX34yfJiiKRfYvSqCRSp%2BWYpWP6eGLwk9Ei2dDtNZzgS3qL5MJkSEsvXm8jwnbtUsMqEIcmzPP0IcJc0cFUcgYMrluzi2xZnwfe2DmPcc8801FQgzY5hR96h1h%2BX6lBsgv0yXas9%2B9XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
terra-kuhni24.ru/ 		87 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1
Requested by
Host: derocklist.lol
URL: https://derocklist.lol/help/?1140160
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.33 , Switzerland, ASN5398 (AS5398, CH),
Reverse DNS
Software
nginx /
Resource Hash
b5ef47fa146c8c6b59eb3e70634960be7c8873dae3f2b2ab21986c22c06e150d

Request headers

Referer
https://derocklist.lol/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
89490
Content-Type
text/html
Date
Fri, 01 Sep 2023 00:26:57 GMT
Server
nginx
cache-control
private
cloud.html
terra-kuhni24.ru/media/mainstream/ Frame 0AEC 		39 B
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://terra-kuhni24.ru/media/mainstream/cloud.html
Requested by
Host: terra-kuhni24.ru
URL: https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.33 , Switzerland, ASN5398 (AS5398, CH),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=31536000 no-transform
Connection
keep-alive
Content-Length
39
Content-Security-Policy
block-all-mixed-content
Content-Type
text/html
Date
Fri, 01 Sep 2023 00:26:57 GMT
ETag
"086707e4369f60afedcafb16050a7618"
Expires
Sat, 31 Aug 2024 00:26:57 GMT
Last-Modified
Sun, 13 Aug 2023 20:44:50 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Accept-Encoding
X-Amz-Request-Id
17809DC6C6619A8E
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block
x-amz-meta-mc-attrs
atime:1691959490#8576945/gid:0/gname:root/mode:33188/mtime:1691959490#8576945/uid:0/uname:root
x-amz-meta-mm-source-mtime
2023-08-13T20:44:50.035Z
article126.doc
126.heatodnut.live/pjmpyqbk/ 		140 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://126.heatodnut.live/pjmpyqbk/article126.doc?u=zt2kd0d&o=t7km547&m=1&f=1&sid=t2~graum2cf43tcwhepnwl4h4tf&fp=PMG6ZthkHqyWaDr%2BjM2gnyYRZqIIMEJ%2BDQynGU%2B3gaSxkIYsdbhPaVIXNF2LWXP2a6cDxAkXs95%2BMe7X8ptBs%2F%2FYx%2FS1wzFqlH95dnf%2F%2Fs7Hxb2BB57OpJ26lCqViREGA2bEhEQSlkFI0wwwv9pHQbpR%2BOKBh3Bmht%2FaSNlpihF5cPPN%2BFqAoI2YnUHaIpKG%2BHiw9B99qXxJTkPhmk0724lNmELnL2Vbs%2F3aXMnWLKDOKcoVb8W1O5aHa7%2BVpD%2BWGWJmy69wezWZm6CSMqUj%2FvNcaza3EOsY18brmokNVFc6cnww6TRS4ea%2FwDXAfYwNRUs1RBchvnyKc%2B3lg%2FpuDE68gKtWITfyJ7R7LWxQZM4A%2FOhh8pgpdbXfOroCjUBli52JBTv%2F1SmaxHPEQc7%2BCoOhzeKZ%2BxiyEwWVhO2FYHAiizpuwfOe6zeu1gpyddiBmPlkHJ2BAxzd1tidJZ38TKFpewhD3dYNh392fkQ%2BMo4VuNNM2SR3xL%2B67HvA9XBi3gjB6iy0UXumXjrTIp7rh68Na9oksIZHwBa6CK1NBJ25hAZ6S6lJ9XtzWAxb7uL3zDAvDA3sa3PlYHlSbNSnbmw4U7COHmJhDgXHzp9LKsVsrbKRYyIJkkN54j6ZDzzEPQ0Ks9141IPuThdWTYL8QB7zEbDN8woJ2MOV6VEjH55cw7P4ts8NdYxjWp0pAHZnfqAw1OPJizuZW5tnVboHoXb0EUlzHCPzghGcbBqiqQSVJFTnRFCll05rLe%2B1DgHKwS3ymMlScy5eOrCvBsvWV8zUYkov9qTTss25mhF1MEHqvjEyYnSmL9fX2mlk%2B%2F2e2SV9eBPFIweV3Ohn3neNVClimnXeCArUhkhkhJBuDuuMDtdurwt082E0AvLJP9pu2lA0MMqaYCOeLB6VyF3UB8pZLwWtuv6uP0r06NE4ozTT3T3PiOqGQCxX1pnx5pKTSe42OA5f16MIcx7mi9alEJAcTwTr8WAknDhXCBoN04X7S4k9AJE116UgsrOUNHwc3EyKMTCCyh4L9zYPFcduboQ3y9vy0YNUXHuldln55DP47zYkGthjMYxgx9vleN4MbHT%2FuD3fzM7XqZ%2BZ0IXHzPgHOFPUfqQstWQAwuLx3tLcz9SGuo00V3bR6Cytr2AA6xKZXml0mwBeNPHW9Qlnc5Y0hahW%2FPXJx13tgGks4kOmbDXbRojuqQk9tabM0bHIIgic1LpdW4U%2FAm9YKOezwZJXgnpMUumD6yRrOEFrCfYzAEqm4fyRAkuk0iy3zjQ3k0SlQn6PeWnmsiVrhr80CiASW8Q%2Bg4lE6HQj1fT%2FZ9wDzc%2FD261AwYtUDp7TvO0C5cblyFXPX1ihy5NHCm07oEAPr6hTK%2FkhQRFKz46AMx5vmyNvM%2BqvyPBiFhiPndDnIbWasgcInCK%2BsgxgNcX94XXB9HabD%2Bvrj0cM1kZMV4HL63zBdvO%2FbZHqJ81DYPRFHFx8YDKCBMxIeMAfNMafHb4%2BHz8w6RCPqlKzAZbdWbsgpRAFypm%2F4FDX9y5QzKVErAonjnsiM37HoGNjRJhkmuvNR52rz7y2ZzOetv%2Fj2bAUnQi%2BRO8K%2BmU4rckQFjYzi1B66%2Bcl%2BbCVRHXGguB2ASTTLSFjckrGaQdODOQvUCSvEnuuLgmkpTe3LtSCJ%2BeBCcYM6LqRCeJXrxQsK5zzHhUp5lukX%2Fl38GEv%2BkNtA8FEfV9VQwQSjzkSVO4EHvAJrLNnbx7k5CpVdk%2FF8KOs9NJxl308a0PbwfcBRNLSd%2FMrhjwPXmiLRSVKuoWD1fmUw3HbehefHYduAKL2HMbKTcj0JuGL0XZogOM0%2FcbOIH8BkDp9Irc1zd1h5sxH54zY6ToFLHpVcqjC9%2FSK2uyimCjaOBqiBCK%2FtwHqabskmQPgiYN1a3Hs%2Bs5W3UyKVAhgjuUH8nGXfKA%2B6THQwacWXJQwDJCfOPHutsylyNrbY%2FtN5Xo%2Beczy5tNY7EycJom2VkNkGo2G1ZYGahbaZkjuBsdIWhWgf1YVY3D5JJWtot0%3D
Requested by
Host: terra-kuhni24.ru
URL: https://terra-kuhni24.ru/?u=%7A%74%32%6B%64%30%64&o=%74%37%6B%6D%35%34%37&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.130 , Switzerland, ASN5398 (AS5398, CH),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://terra-kuhni24.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
140
Content-Type
text/html
Date
Fri, 01 Sep 2023 00:26:58 GMT
Server
openresty
cache-control
private
Primary Request /
ww38.clubdating3344.com/
Redirect Chain
  • https://126.heatodnut.live/web/
  • https://clubdating3344.com/
  • http://ww38.clubdating3344.com/
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww38.clubdating3344.com/
Requested by
Host: 126.heatodnut.live
URL: https://126.heatodnut.live/pjmpyqbk/article126.doc?u=zt2kd0d&o=t7km547&m=1&f=1&sid=t2~graum2cf43tcwhepnwl4h4tf&fp=PMG6ZthkHqyWaDr%2BjM2gnyYRZqIIMEJ%2BDQynGU%2B3gaSxkIYsdbhPaVIXNF2LWXP2a6cDxAkXs95%2BMe7X8ptBs%2F%2FYx%2FS1wzFqlH95dnf%2F%2Fs7Hxb2BB57OpJ26lCqViREGA2bEhEQSlkFI0wwwv9pHQbpR%2BOKBh3Bmht%2FaSNlpihF5cPPN%2BFqAoI2YnUHaIpKG%2BHiw9B99qXxJTkPhmk0724lNmELnL2Vbs%2F3aXMnWLKDOKcoVb8W1O5aHa7%2BVpD%2BWGWJmy69wezWZm6CSMqUj%2FvNcaza3EOsY18brmokNVFc6cnww6TRS4ea%2FwDXAfYwNRUs1RBchvnyKc%2B3lg%2FpuDE68gKtWITfyJ7R7LWxQZM4A%2FOhh8pgpdbXfOroCjUBli52JBTv%2F1SmaxHPEQc7%2BCoOhzeKZ%2BxiyEwWVhO2FYHAiizpuwfOe6zeu1gpyddiBmPlkHJ2BAxzd1tidJZ38TKFpewhD3dYNh392fkQ%2BMo4VuNNM2SR3xL%2B67HvA9XBi3gjB6iy0UXumXjrTIp7rh68Na9oksIZHwBa6CK1NBJ25hAZ6S6lJ9XtzWAxb7uL3zDAvDA3sa3PlYHlSbNSnbmw4U7COHmJhDgXHzp9LKsVsrbKRYyIJkkN54j6ZDzzEPQ0Ks9141IPuThdWTYL8QB7zEbDN8woJ2MOV6VEjH55cw7P4ts8NdYxjWp0pAHZnfqAw1OPJizuZW5tnVboHoXb0EUlzHCPzghGcbBqiqQSVJFTnRFCll05rLe%2B1DgHKwS3ymMlScy5eOrCvBsvWV8zUYkov9qTTss25mhF1MEHqvjEyYnSmL9fX2mlk%2B%2F2e2SV9eBPFIweV3Ohn3neNVClimnXeCArUhkhkhJBuDuuMDtdurwt082E0AvLJP9pu2lA0MMqaYCOeLB6VyF3UB8pZLwWtuv6uP0r06NE4ozTT3T3PiOqGQCxX1pnx5pKTSe42OA5f16MIcx7mi9alEJAcTwTr8WAknDhXCBoN04X7S4k9AJE116UgsrOUNHwc3EyKMTCCyh4L9zYPFcduboQ3y9vy0YNUXHuldln55DP47zYkGthjMYxgx9vleN4MbHT%2FuD3fzM7XqZ%2BZ0IXHzPgHOFPUfqQstWQAwuLx3tLcz9SGuo00V3bR6Cytr2AA6xKZXml0mwBeNPHW9Qlnc5Y0hahW%2FPXJx13tgGks4kOmbDXbRojuqQk9tabM0bHIIgic1LpdW4U%2FAm9YKOezwZJXgnpMUumD6yRrOEFrCfYzAEqm4fyRAkuk0iy3zjQ3k0SlQn6PeWnmsiVrhr80CiASW8Q%2Bg4lE6HQj1fT%2FZ9wDzc%2FD261AwYtUDp7TvO0C5cblyFXPX1ihy5NHCm07oEAPr6hTK%2FkhQRFKz46AMx5vmyNvM%2BqvyPBiFhiPndDnIbWasgcInCK%2BsgxgNcX94XXB9HabD%2Bvrj0cM1kZMV4HL63zBdvO%2FbZHqJ81DYPRFHFx8YDKCBMxIeMAfNMafHb4%2BHz8w6RCPqlKzAZbdWbsgpRAFypm%2F4FDX9y5QzKVErAonjnsiM37HoGNjRJhkmuvNR52rz7y2ZzOetv%2Fj2bAUnQi%2BRO8K%2BmU4rckQFjYzi1B66%2Bcl%2BbCVRHXGguB2ASTTLSFjckrGaQdODOQvUCSvEnuuLgmkpTe3LtSCJ%2BeBCcYM6LqRCeJXrxQsK5zzHhUp5lukX%2Fl38GEv%2BkNtA8FEfV9VQwQSjzkSVO4EHvAJrLNnbx7k5CpVdk%2FF8KOs9NJxl308a0PbwfcBRNLSd%2FMrhjwPXmiLRSVKuoWD1fmUw3HbehefHYduAKL2HMbKTcj0JuGL0XZogOM0%2FcbOIH8BkDp9Irc1zd1h5sxH54zY6ToFLHpVcqjC9%2FSK2uyimCjaOBqiBCK%2FtwHqabskmQPgiYN1a3Hs%2Bs5W3UyKVAhgjuUH8nGXfKA%2B6THQwacWXJQwDJCfOPHutsylyNrbY%2FtN5Xo%2Beczy5tNY7EycJom2VkNkGo2G1ZYGahbaZkjuBsdIWhWgf1YVY3D5JJWtot0%3D
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3d3eb250346bdc1a1a1e6d09e32e50a23c931cc1c221afaff1ccdd8f1ca9bff5

Request headers

Referer
https://126.heatodnut.live/pjmpyqbk/article126.doc?u=zt2kd0d&o=t7km547&m=1&f=1&sid=t2~graum2cf43tcwhepnwl4h4tf&fp=PMG6ZthkHqyWaDr%2BjM2gnyYRZqIIMEJ%2BDQynGU%2B3gaSxkIYsdbhPaVIXNF2LWXP2a6cDxAkXs95%2BMe7X8ptBs%2F%2FYx%2FS1wzFqlH95dnf%2F%2Fs7Hxb2BB57OpJ26lCqViREGA2bEhEQSlkFI0wwwv9pHQbpR%2BOKBh3Bmht%2FaSNlpihF5cPPN%2BFqAoI2YnUHaIpKG%2BHiw9B99qXxJTkPhmk0724lNmELnL2Vbs%2F3aXMnWLKDOKcoVb8W1O5aHa7%2BVpD%2BWGWJmy69wezWZm6CSMqUj%2FvNcaza3EOsY18brmokNVFc6cnww6TRS4ea%2FwDXAfYwNRUs1RBchvnyKc%2B3lg%2FpuDE68gKtWITfyJ7R7LWxQZM4A%2FOhh8pgpdbXfOroCjUBli52JBTv%2F1SmaxHPEQc7%2BCoOhzeKZ%2BxiyEwWVhO2FYHAiizpuwfOe6zeu1gpyddiBmPlkHJ2BAxzd1tidJZ38TKFpewhD3dYNh392fkQ%2BMo4VuNNM2SR3xL%2B67HvA9XBi3gjB6iy0UXumXjrTIp7rh68Na9oksIZHwBa6CK1NBJ25hAZ6S6lJ9XtzWAxb7uL3zDAvDA3sa3PlYHlSbNSnbmw4U7COHmJhDgXHzp9LKsVsrbKRYyIJkkN54j6ZDzzEPQ0Ks9141IPuThdWTYL8QB7zEbDN8woJ2MOV6VEjH55cw7P4ts8NdYxjWp0pAHZnfqAw1OPJizuZW5tnVboHoXb0EUlzHCPzghGcbBqiqQSVJFTnRFCll05rLe%2B1DgHKwS3ymMlScy5eOrCvBsvWV8zUYkov9qTTss25mhF1MEHqvjEyYnSmL9fX2mlk%2B%2F2e2SV9eBPFIweV3Ohn3neNVClimnXeCArUhkhkhJBuDuuMDtdurwt082E0AvLJP9pu2lA0MMqaYCOeLB6VyF3UB8pZLwWtuv6uP0r06NE4ozTT3T3PiOqGQCxX1pnx5pKTSe42OA5f16MIcx7mi9alEJAcTwTr8WAknDhXCBoN04X7S4k9AJE116UgsrOUNHwc3EyKMTCCyh4L9zYPFcduboQ3y9vy0YNUXHuldln55DP47zYkGthjMYxgx9vleN4MbHT%2FuD3fzM7XqZ%2BZ0IXHzPgHOFPUfqQstWQAwuLx3tLcz9SGuo00V3bR6Cytr2AA6xKZXml0mwBeNPHW9Qlnc5Y0hahW%2FPXJx13tgGks4kOmbDXbRojuqQk9tabM0bHIIgic1LpdW4U%2FAm9YKOezwZJXgnpMUumD6yRrOEFrCfYzAEqm4fyRAkuk0iy3zjQ3k0SlQn6PeWnmsiVrhr80CiASW8Q%2Bg4lE6HQj1fT%2FZ9wDzc%2FD261AwYtUDp7TvO0C5cblyFXPX1ihy5NHCm07oEAPr6hTK%2FkhQRFKz46AMx5vmyNvM%2BqvyPBiFhiPndDnIbWasgcInCK%2BsgxgNcX94XXB9HabD%2Bvrj0cM1kZMV4HL63zBdvO%2FbZHqJ81DYPRFHFx8YDKCBMxIeMAfNMafHb4%2BHz8w6RCPqlKzAZbdWbsgpRAFypm%2F4FDX9y5QzKVErAonjnsiM37HoGNjRJhkmuvNR52rz7y2ZzOetv%2Fj2bAUnQi%2BRO8K%2BmU4rckQFjYzi1B66%2Bcl%2BbCVRHXGguB2ASTTLSFjckrGaQdODOQvUCSvEnuuLgmkpTe3LtSCJ%2BeBCcYM6LqRCeJXrxQsK5zzHhUp5lukX%2Fl38GEv%2BkNtA8FEfV9VQwQSjzkSVO4EHvAJrLNnbx7k5CpVdk%2FF8KOs9NJxl308a0PbwfcBRNLSd%2FMrhjwPXmiLRSVKuoWD1fmUw3HbehefHYduAKL2HMbKTcj0JuGL0XZogOM0%2FcbOIH8BkDp9Irc1zd1h5sxH54zY6ToFLHpVcqjC9%2FSK2uyimCjaOBqiBCK%2FtwHqabskmQPgiYN1a3Hs%2Bs5W3UyKVAhgjuUH8nGXfKA%2B6THQwacWXJQwDJCfOPHutsylyNrbY%2FtN5Xo%2Beczy5tNY7EycJom2VkNkGo2G1ZYGahbaZkjuBsdIWhWgf1YVY3D5JJWtot0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Sep 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_P1/ucJiJNYpn6LpZIoA0pOzYiF2JmP/q7yrpoKevBAvloRt8YOQLXAAKf6TmodmMUXjrPX8WpgOHGrKLc2smPw==
X-Buckets
bucket003
X-Domain
clubdating3344.com
X-Language
german
X-Subdomain
ww38
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 00:26:59 GMT
location
http://ww38.clubdating3344.com/
server
Apache
caf.js
www.google.com/adsense/domains/ 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js?abp=1
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b76f0a191c4a8301e235efacf7baa9e3fa3421a6dd02504dc9dbaa8fc0fa093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 00:27:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"12984632727276979744"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Expires
Fri, 01 Sep 2023 00:27:00 GMT
sale_form.js
c.parkingcrew.net/scripts/ 		761 B
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
http://c.parkingcrew.net/scripts/sale_form.js
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
185.53.178.30 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 00:27:00 GMT
Last-Modified
Tue, 12 May 2020 14:25:52 GMT
Server
nginx
ETag
"5ebab1f0-2f9"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
761
track.php
ww38.clubdating3344.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.clubdating3344.com/track.php?domain=clubdating3344.com&toggle=browserjs&uid=MTY5MzUyODAyMC4yOTY6MjQyOTNmMDcwMjU1MDcyOGM3MThjMzczNGM2MzI2Y2I2OTllY2JkYjQ4M2ExYzY4YWM0OWUxNTlkN2MyODc1ZDo2NGYxMmZkNDQ4NDNl
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 00:27:00 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
2600:9000:2250:4600:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 17:25:28 GMT
Via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
25292
ETag
"62b4441b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
ofklomw17XImxK7hQ5ggmUOg1L4PGiYO42v_XNCb0wXlVUWts1Er-w==
ls.php
ww38.clubdating3344.com/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.clubdating3344.com/ls.php?t=64f12fd4&token=c5e8bd7530773aca594039382f3a1565965cfac4
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 00:27:00 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_jNNOWTbnNvdnVSevkDR8o52bwR/BEh6d5fVixOVAfgBFI8jToilq779WgRS++Er4jUcCAHGEfslt04bb/47cBg==
Connection
keep-alive
X-Log-Success
64f12fd4b14cd30e9f7f7ea2
cookie.js
partner.googleadservices.com/gampad/ 		390 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww38.clubdating3344.com&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f19b53b6155caeb925c5dbacda1922de78903053f5fecbe73ba147c2889f5f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 00:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
www.google.com/afs/ Frame 7254 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2Fww38.clubdating3344.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGYxMmZkNDQ4NDIxfHx8MTY5MzUyODAyMC4zMDUyfDZkODU2ZDc2YjRhMjgxY2QyZjFhYWQ3NTkzMjJkZjBkNmI2MjZjMTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fGM1ZThiZDc1MzA3NzNhY2E1OTQwMzkzODJmM2ExNTY1OTY1Y2ZhYzR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Men%20Dating&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301318%2C17301320&format=r3%7Cs&nocache=5721693528020431&num=0&output=afd_ads&domain_name=ww38.clubdating3344.com&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1693528020432&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=560704565&uio=--&cont=tc&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fww38.clubdating3344.com%2F&adbw=master-1%3A530
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
4ba0172e17d9ac92253d198f84454514eb2ede0e00fce4a0e45930807c8f26bd
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-d3W7lTe5i9NAV-BIHppk5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww38.clubdating3344.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
1464
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-d3W7lTe5i9NAV-BIHppk5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 01 Sep 2023 00:27:00 GMT
expires
Fri, 01 Sep 2023 00:27:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame 7254 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2Fww38.clubdating3344.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGYxMmZkNDQ4NDIxfHx8MTY5MzUyODAyMC4zMDUyfDZkODU2ZDc2YjRhMjgxY2QyZjFhYWQ3NTkzMjJkZjBkNmI2MjZjMTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fGM1ZThiZDc1MzA3NzNhY2E1OTQwMzkzODJmM2ExNTY1OTY1Y2ZhYzR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Men%20Dating&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301318%2C17301320&format=r3%7Cs&nocache=5721693528020431&num=0&output=afd_ads&domain_name=ww38.clubdating3344.com&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1693528020432&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=560704565&uio=--&cont=tc&jsid=caf&jsv=560704565&rurl=http%3A%2F%2Fww38.clubdating3344.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fc87ef7ccc4e6ef81783eda58a2dd5cca0f7ba63c6490085c380a5090b4333a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 00:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"16187962316882473904"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Sep 2023 00:27:00 GMT
track.php
ww38.clubdating3344.com/ 		0
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.clubdating3344.com/track.php?domain=clubdating3344.com&caf=1&toggle=answercheck&answer=yes&uid=MTY5MzUyODAyMC4yOTY6MjQyOTNmMDcwMjU1MDcyOGM3MThjMzczNGM2MzI2Y2I2OTllY2JkYjQ4M2ExYzY4YWM0OWUxNTlkN2MyODc1ZDo2NGYxMmZkNDQ4NDNl
Requested by
Host: ww38.clubdating3344.com
URL: http://ww38.clubdating3344.com/
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww38.clubdating3344.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 00:27:00 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
answercheck
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| googleNDT_ number| googleAltLoader object| google function| tlink object| tcblock object| searchboxBlock boolean| isAdult object| containerNames string| uniqueTrackingID string| search string| themedata string| domain string| scriptPath string| adtest boolean| pageLoadedCallbackTriggered boolean| fallbackTriggered boolean| formerCalledArguments object| pageOptions function| x function| getXMLhttp function| ajaxQuery function| ajaxBackfill number| waitTime number| timeout number| waitStep function| listenFor1TierResponse object| xmlHttp function| loadFeed function| relatedCallback function| relatedFallback function| ls function| __sasCookie number| experimentId_

7 Cookies

Domain/Path Name / Value
derocklist.lol/ Name: 49f37c89b4c399e31962121fde8ea696
Value: 0
terra-kuhni24.ru/ Name: sid
Value: t2~graum2cf43tcwhepnwl4h4tf
terra-kuhni24.ru/ Name: p1
Value: https://heatodnut.live/pjmpyqbk/
terra-kuhni24.ru/ Name: s1
Value: 0tsdqsabshhn47ma
126.heatodnut.live/ Name: sid
Value: t4~jnog3wi1ohf0igqsvyzdvvuc
clubdating3344.com/ Name: __tad
Value: 1693528019.5026834
.clubdating3344.com/ Name: __gsas
Value: ID=7e79a9b56934ed77:T=1693528020:RT=1693528020:S=ALNI_MY51xZ9Ujt5pDO8zTUsfcp89UiVYQ

1 Console Messages

Source Level URL
Text
other warning URL: http://www.google.com/adsense/domains/caf.js?abp=1(Line 220)
Message:
Unrecognized feature: 'attribution-reporting'.