godatingsnow.com
79.110.24.155 Malicious Activity! Public Scan

Submitted URL: http://trk.anchtrk.com/aff_c?offer_id=443&aff_id=1168
Effective URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Submission: On April 15 via manual from US

Summary

This website contacted 6 IPs in 4 countries across 9 domains to perform 20 HTTP transactions. The main IP is 79.110.24.155, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is godatingsnow.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.
This is the only time godatingsnow.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 52.49.55.7 16509 (AMAZON-02)
1 3 99.198.106.197 32475 (SINGLEHOP...)
1 1 212.32.250.31 60781 (LEASEWEB-...)
2 88.208.60.53 39572 (ADVANCEDH...)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 1 138.68.123.185 14061 (DIGITALOC...)
1 1 35.159.5.116 16509 (AMAZON-02)
12 79.110.24.155 209813 (FASTCONTENT)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 6
Requests | Domain | Requested by
12 | godatingsnow.com | rpket.pro, godatingsnow.com
3 | mont.anchtrk.com (1 redirects) | mont.anchtrk.com
2 | fonts.gstatic.com | godatingsnow.com
2 | rpket.pro | mont.anchtrk.com, rpket.pro
1 | fonts.googleapis.com | godatingsnow.com
1 | eardepth-prisists.com (1 redirects) |
1 | alktr.com (1 redirects) |
1 | nativesp.pro | rpket.pro
1 | rdtrck2.com (1 redirects) |
1 | trk.anchtrk.com (1 redirects) |
20 | 10 |

This site contains no links.

Subject | Issuer | Validity | Valid
mont.anchtrk.com | Let's Encrypt Authority X3 | 2020-04-03 - 2020-07-02 | 3 months
rpket.pro | Let's Encrypt Authority X3 | 2020-02-19 - 2020-05-19 | 3 months
nativesp.pro | Sectigo RSA Domain Validation Secure Server CA | 2019-07-17 - 2020-07-16 | a year
godatingsnow.com | Let's Encrypt Authority X3 | 2020-04-02 - 2020-07-01 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-03-24 - 2020-06-16 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-03-24 - 2020-06-16 | 3 months

This page contains 1 frame:

Primary Page: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Frame ID: 5841EF4DEF590004B839B1DA7A439011
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 30 %
Domains: 9
Subdomains: 10
IPs: 6
Countries: 4
Transfer: 578 kB
Size: 623 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trk.anchtrk.com/aff_c?offer_id=443&aff_id=1168 HTTP 302
    https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2 Page URL
  2. https://mont.anchtrk.com/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
  3. https://mont.anchtrk.com/proc.php?027877dea829462e1c9cfd83638e646c24868350 HTTP 302
    https://rdtrck2.com/5d5be16464fb8500013816c9?pid=15761-9e9276bz&partner_id=15761&ref_id=6815997813273395440&af=CH&subid4=desktopWIFI HTTP 302
    https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159 Page URL
  4. https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159 HTTP 302
    https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=LQq_Cq8QiA0Jd_jg HTTP 302
    https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://trk.anchtrk.com/aff_c?offer_id=443&aff_id=1168 HTTP 302
  • https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
Request Chain 2
  • https://mont.anchtrk.com/proc.php?027877dea829462e1c9cfd83638e646c24868350 HTTP 302
  • https://rdtrck2.com/5d5be16464fb8500013816c9?pid=15761-9e9276bz&partner_id=15761&ref_id=6815997813273395440&af=CH&subid4=desktopWIFI HTTP 302
  • https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mont.anchtrk.com/
Redirect Chain
  • http://trk.anchtrk.com/aff_c?offer_id=443&aff_id=1168
  • https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
3 KB
2 KB
Document
General
Full URL
https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
2c3346864e02a673b87222f6c977e9310ca970132f8c9fc69f1bdfb99d9caf5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
mont.anchtrk.com
:scheme
https
:path
/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Wed, 15 Apr 2020 17:52:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=cebe9e2011a0720a51da4e16ba613e80; expires=Thu, 15-Apr-2021 17:52:38 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 15 Apr 2020 17:52:38 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
286
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
102b7a703fa9e40324faa0b3d18e9f
Location
https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
Access-Control-Allow-Origin
*
X-Request-Id
8ea6b0e9f4bec24ed1e2c7093b5cf6cc
/
mont.anchtrk.com/
9 KB
3 KB
Document
General
Full URL
https://mont.anchtrk.com/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Requested by
Host: mont.anchtrk.com
URL: https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
50e7e3899cc339df942a9878a25332dd763bbd46f43f1d4e123f1ba4e1808ece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
mont.anchtrk.com
:scheme
https
:path
/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mont.anchtrk.com/?utm_medium=a6cdfb1814a36d78fe6cb7bf32ee12b660bada9d&utm_campaign=Global2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=cebe9e2011a0720a51da4e16ba613e80

Response headers

status
200
server
nginx
date
Wed, 15 Apr 2020 17:52:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
play
rpket.pro/
Redirect Chain
  • https://mont.anchtrk.com/proc.php?027877dea829462e1c9cfd83638e646c24868350
  • https://rdtrck2.com/5d5be16464fb8500013816c9?pid=15761-9e9276bz&partner_id=15761&ref_id=6815997813273395440&af=CH&subid4=desktopWIFI
  • https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
19 KB
11 KB
Document
General
Full URL
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Requested by
Host: mont.anchtrk.com
URL: https://mont.anchtrk.com/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
52241435ea098334df976eb79d81f85f2ed55a18ca832a6a49b35845e5af53ec

Request headers

:method
GET
:authority
rpket.pro
:scheme
https
:path
/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mont.anchtrk.com/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://mont.anchtrk.com/?utm_term=6815997813273395440&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d#

Response headers

status
200
server
nginx/1.17.3
date
Wed, 15 Apr 2020 17:52:41 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
truniq=1; expires=Thu, 16-Apr-2020 17:52:41 GMT; Max-Age=86400; path=/; domain=rpket.pro
x-zone
eu
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 15 Apr 2020 17:52:39 GMT
Content-Type
text/html; charset=utf-8
Content-Length
221
Connection
keep-alive
Location
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Set-Cookie
redhash=NWU5NzQ5ZTdiZjUwNzAwMDAxN2QxZDJkfDB8NWQ1YmUxNjQ2NGZiODUwMDAxMzgxNmM5fHwwYjNjNjRlMi1mZTZlLTQ4ZGMtYWUxYi1mNjExZTRmODZhMmF8MTU4Njk3MzE1OQ==; Path=/; Domain=rdtrck2.com; Expires=Thu, 15 Apr 2021 17:52:39 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
rpe
nativesp.pro/
0
72 B
XHR
General
Full URL
https://nativesp.pro/rpe?a=1&s=1&act=7&src=2&p=1032494&st=1037736&wd=68830&d=rpket.pro&tpl=6&rnd=0.7750234680929917&sbid=15761&sbid2=
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 15 Apr 2020 17:52:41 GMT
server
nginx/1.16.1
access-control-allow-origin
*
content-length
0
play.png
rpket.pro/images/play/
11 KB
11 KB
Image
General
Full URL
https://rpket.pro/images/play/play.png
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b63e6e57adc4e0a10eee845d513258e424b27a7985c510bb252d75eac63af861

Request headers

Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 17:52:41 GMT
last-modified
Tue, 31 Mar 2020 15:20:49 GMT
server
nginx/1.17.3
etag
"5e835fd1-2b07"
content-type
image/png
status
200
accept-ranges
bytes
x-zone
eu3
content-length
11015
/ (Primary Request, Cookie set)
godatingsnow.com/
Redirect Chain
  • https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
  • https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=LQq_Cq8QiA0Jd_jg
  • https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
7 KB
8 KB
Document
General
Full URL
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e82092c7fd967bd71d35f2df789e50a4c1cae63ce391e2a7970195fef4a4fc45

Request headers

Host
godatingsnow.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo2ODgzMCwic3JjIjoyfQ==eyJ&clickid=5e9749e7bf507000017d1d2d&payout={payout}&si1=15761&si2=&rdtrckcbp=1586973159
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 15 Apr 2020 17:52:41 GMT
Content-Type
text/html
Content-Length
7564
Connection
keep-alive
Cache-Control
private no-transform
Set-Cookie
sid=54uqcd4jqjynffhvxotauzrn; path=/ sid=54uqcd4jqjynffhvxotauzrn; path=/ s1=typ0kn326ol6l57g; path=/
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Server
nginx
Date
Wed, 15 Apr 2020 17:52:41 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Pragma
no-cache
Set-Cookie
6340d1d7-0f9a-48a5-ac30-859e51d97270-v4=6340d1d7-0f9a-48a5-ac30-859e51d97270; Max-Age=86400; Expires=Thu, 16-Apr-2020 17:52:41 GMT; Domain=eardepth-prisists.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=sz3x5z3O76A4y19eh5LRxK4hplbq4PjntXSSfICsOCviUG7a6cjMy3MpVpLRe3R1%2FsjesV1PHBfPeLnBZ1W6XLllaHefOmU6bUxa744Ix4iYqYvd0tNO2vIMsrlt3N%2BNTcYc603IugzgANhPUrXnrw%3D%3D; Max-Age=31536000; Expires=Thu, 15-Apr-2021 17:52:41 GMT; Domain=eardepth-prisists.com; Path=/; Secure; HttpOnly;SameSite=None
animate.min.css
godatingsnow.com/media/dating/toon2/css/
52 KB
52 KB
Stylesheet
General
Full URL
https://godatingsnow.com/media/dating/toon2/css/animate.min.css
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-ce35"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52789
style.css
godatingsnow.com/media/dating/toon2/css/
8 KB
9 KB
Stylesheet
General
Full URL
https://godatingsnow.com/media/dating/toon2/css/style.css
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
408885915473803c26419ec9081d1df03b88afbc52d44d4838ed57923dc3a1d2

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-210c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8460
js.cookie.js
godatingsnow.com/cookie/
4 KB
4 KB
Script
General
Full URL
https://godatingsnow.com/cookie/js.cookie.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:04:42 GMT
Server
nginx
ETag
"5def7bca-10a8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4264
utils.js
godatingsnow.com/util/
7 KB
7 KB
Script
General
Full URL
https://godatingsnow.com/util/utils.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
49e444df8d1eb278bddad304cb37b542206a5300f991b44ca1189241ecabbc26

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 14 Apr 2020 12:20:05 GMT
Server
nginx
ETag
"5e95aa75-1a5a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6746
123.jpg
godatingsnow.com/media/dating/toon2/images/
175 KB
175 KB
Image
General
Full URL
https://godatingsnow.com/media/dating/toon2/images/123.jpg
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-2bbe8"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179176
jquery-2.2.4.min.js
godatingsnow.com/media/dating/toon2/js/
84 KB
84 KB
Script
General
Full URL
https://godatingsnow.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-14e4a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85578
trls.js
godatingsnow.com/media/dating/toon2/js/
28 KB
29 KB
Script
General
Full URL
https://godatingsnow.com/media/dating/toon2/js/trls.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
71b3ccd070734cf41f0e6f5b75ad779985000aa62c90dd549bec10f3f9c9f1ee

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-719c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29084
bb.js
godatingsnow.com/media/
1 KB
2 KB
Script
General
Full URL
https://godatingsnow.com/media/bb.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Wed, 25 Mar 2020 14:28:22 GMT
Server
nginx
ETag
"5e7b6a86-533"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1331
exit-popup.css
godatingsnow.com/media/exit-new/
3 KB
3 KB
Stylesheet
General
Full URL
https://godatingsnow.com/media/exit-new/exit-popup.css
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:39 GMT
Server
nginx
ETag
"5def7c03-a64"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2660
exit1.js
godatingsnow.com/media/exit-new/
32 KB
33 KB
Script
General
Full URL
https://godatingsnow.com/media/exit-new/exit1.js
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:39 GMT
Server
nginx
ETag
"5def7c03-81ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33198
css
fonts.googleapis.com/
36 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a9775cbb52671d3930a4a3a28b473ed78f7eafae3132271743975bb6e977986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Apr 2020 17:52:41 GMT
server
ESF
date
Wed, 15 Apr 2020 17:52:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Apr 2020 17:52:41 GMT
bg.jpg
godatingsnow.com/media/dating/toon2/images/
117 KB
117 KB
Image
General
Full URL
https://godatingsnow.com/media/dating/toon2/images/bg.jpg
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
79.110.24.155 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Referer
https://godatingsnow.com/media/dating/toon2/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 17:52:41 GMT
Last-Modified
Tue, 10 Dec 2019 11:05:32 GMT
Server
nginx
ETag
"5def7bfc-1d3ca"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119754
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://godatingsnow.com

Response headers

date
Wed, 01 Apr 2020 22:55:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1191445
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Thu, 01 Apr 2021 22:55:16 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: godatingsnow.com
URL: https://godatingsnow.com/?u=dykkaek&o=vbpp49r&t=1032494&cid=w3sj0bb29ono59cu1ibsare0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://godatingsnow.com

Response headers

date
Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
977229
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Sun, 04 Apr 2021 10:25:32 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| getSessionId
number| exDays
boolean| validNavigation
function| wireUpEvents
function| Cookies
function| docReady
function| getParameterByName
function| hideUnsub
function| languageDetection
function| writeLocation
object| geoRefData
function| showLocation
function| appendPixels
function| getCookie
function| addSessionId
undefined| randomNumber
function| $
function| jQuery
object| translation
string| language
function| replace_text
function| translation_available
function| detect_language
function| translate
object| _0x1b1f
function| _0x2cf4
boolean| PreventBb
function| getUrlParameter
function| getUrlWithParam
string| popup_style
string| popup_glow
string| thePopup
string| current_href
boolean| PreventExitSplash
object| alert_lang
function| trans_available
function| detect_lang
string| lang
string| exitsplashpage
string| exitsplashmessage
function| appendHtml
function| DisplayExitSplash
function| addLoadEvent
function| addClickEvent
object| a
function| disablelinksfunc
function| disableformsfunc
object| x

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://godatingsnow.com/media/dating/toon2/js/trls.js (Line 682)
Message: translation not Found: dykkaek&o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
