vipdatinghere.life Open in urlscan Pro
46.161.31.241  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://v.ht/jPvb Page URL
2. https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	jPvb Show response v.ht/	3 KB 2 KB	529ms 105ms	Document text/html	69.61.26.123 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://v.ht/jPvb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.123 , United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash c99c89a38f65e731c78fb28100a46bbf8673356c6c8f22c1ff1aa1c9708d1f30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server Hotcores.com Date Sat, 01 Jan 2022 16:55:15 GMT Content-Type text/html; Charset=UTF-8;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cache-Control no-cache, must-revalidate, max-age=0 Pragma no-cache X-Robots-Tag noindex, nofollow I-AM Gamma Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	78 KB 27 KB	50ms 15ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: v.ht URL: https://v.ht/jPvb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 16:55:15 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1088 / 444 of 1000 / last-modified: 1639397097" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26912 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 01 Jan 2022 16:55:15 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	36ms 15ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-3 Requested by Host: v.ht URL: https://v.ht/jPvb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b44042d2b9b2f82d20508caf4b93ae4541cfe8107c5e390c8542b2dbd1f7c123 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 16:55:15 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36213 x-xss-protection 0 last-modified Sat, 01 Jan 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 01 Jan 2022 16:55:15 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6850 date Sat, 01 Jan 2022 15:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 01 Jan 2022 17:01:06 GMT
GET H2	200	pubads_impl_2021120601.js Show response securepubads.g.doubleclick.net/gpt/	348 KB 117 KB	44ms 16ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software sffe / Resource Hash 2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119476 x-xss-protection 0 last-modified Mon, 06 Dec 2021 09:34:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 01 Jan 2022 16:55:16 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	39 B 687 B	41ms 14ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash cebca28d0bf4ea2515b9e1f50508840118c06fdea1941600e3749811fe048c97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51 x-xss-protection 0 expires Sat, 01 Jan 2022 16:55:16 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 198 B	14ms 13ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=460976113&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FjPvb&ul=en-us&de=UTF-8&dt=jPvb&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=354681425&gjid=954724717&cid=1265035404.1641056115&tid=UA-31510493-3&_gid=684779948.1641056115&_r=1&gtm=2ouc10&z=599092237 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://v.ht/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 01 Jan 2022 16:55:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://v.ht cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	69ms 15ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=v.ht Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	51ms 16ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=v.ht Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	410 B 247 B	57ms 41ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=822343200198017&correlator=175453330869986&output=ldjh&impl=fif&eid=44755509&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220101&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1641056115&dt=1641056115483&dlt=1641056115239&idt=219&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2FjPvb&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=1265035404.1641056115&ga_sid=1641056115&ga_hid=460976113&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash 96013a56cc3bd4ce3f26b44b8bb5279c883d9e380241185b5468815118012c2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 16:55:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 217 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://v.ht cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response f70270b02952832b7a31777e56de80b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8590	6 KB 4 KB	77ms 15ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://f70270b02952832b7a31777e56de80b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 01 Jan 2022 16:55:16 GMT expires Sun, 01 Jan 2023 16:55:16 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	Primary Request / Show response vipdatinghere.life/	14 KB 14 KB	261ms 64ms	Document text/html	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Requested by Host: v.ht URL: https://v.ht/jPvb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash ab4e294da8373de95fa98e7a4c74744d9bf011df4d74b50608a21ba08a2a4d47 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers Server nginx Date Sat, 01 Jan 2022 16:55:16 GMT Content-Type text/html Content-Length 13996 Connection keep-alive Cache-Control private no-transform
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	53ms 20ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8535 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	54ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 16:55:16 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 expires Sat, 01 Jan 2022 16:55:16 GMT
GET H3	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36BF	13 KB 5 KB	25ms 7ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 date Sat, 01 Jan 2022 16:22:53 GMT expires Sun, 01 Jan 2023 16:22:53 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1943 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe www.google.com/recaptcha/api2/ Frame 2CC0	783 B 1 KB	40ms 17ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IAhGCpdHb8ss/AxKJfK6fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 01 Jan 2022 16:55:16 GMT date Sat, 01 Jan 2022 16:55:16 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-IAhGCpdHb8ss/AxKJfK6fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js pagead2.googlesyndication.com/bg/ Frame 36BF	35 KB 13 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 18:33:15 GMT content-encoding br x-content-type-options nosniff age 80521 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13577 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 31 Dec 2022 18:33:15 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2CC0	0 0	48ms 47ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=822343200198017&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H/1.1	200 OK	stylesoutdoor.css vipdatinghere.life/media/d/radarnew/css/	10 KB 3 KB	25ms 21ms	Stylesheet text/css	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/css/stylesoutdoor.css Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 3aff9e59a46b2cdd488813c4874a7f9668f74761f94222ef32841fd4350ac8cc Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-26cb" Vary Accept-Encoding Content-Type text/css Cache-Control no-transform Connection close
GET H/1.1	200 OK	bootstrap.css vipdatinghere.life/media/d/radarnew/css/	108 KB 15 KB	74ms 21ms	Stylesheet text/css	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/css/bootstrap.css Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-1ae9f" Vary Accept-Encoding Content-Type text/css Cache-Control no-transform Connection close
GET H/1.1	200 OK	blue.css vipdatinghere.life/media/d/radarnew/css/	1 KB 624 B	72ms 20ms	Stylesheet text/css	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/css/blue.css Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:12 GMT Server nginx ETag W/"60a5faec-5e1" Vary Accept-Encoding Content-Type text/css Cache-Control no-transform Connection close
GET H/1.1	200 OK	jquery.min.js Show response vipdatinghere.life/media/d/radarnew/js/	91 KB 32 KB	76ms 22ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/js/jquery.min.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:14 GMT Server nginx ETag W/"60a5faee-16cfb" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	trls.js Show response vipdatinghere.life/media/d/radarnew/js/	47 KB 14 KB	78ms 25ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/js/trls.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 3fc88d3968cd86f76bc3d071b1d3de64729f06840621ab9a39b93f7e2add6303 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:14 GMT Server nginx ETag W/"60a5faee-ba9a" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	bootstrap.min.js Show response vipdatinghere.life/media/d/radarnew/js/	28 KB 7 KB	111ms 20ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/js/bootstrap.min.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-71b6" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	bootstrap-slider.min.css vipdatinghere.life/media/d/radarnew/css/	7 KB 2 KB	74ms 21ms	Stylesheet text/css	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/css/bootstrap-slider.min.css Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:12 GMT Server nginx ETag W/"60a5faec-1c3b" Vary Accept-Encoding Content-Type text/css Cache-Control no-transform Connection close
GET H/1.1	200 OK	bootstrap-slider.min.js Show response vipdatinghere.life/media/d/radarnew/js/	26 KB 6 KB	153ms 20ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/js/bootstrap-slider.min.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-6647" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	utils.js Show response vipdatinghere.life/util/	7 KB 3 KB	155ms 20ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/util/utils.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Mon, 21 Jun 2021 15:49:14 GMT Server nginx ETag W/"60d0b4fa-1d57" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	radar.gif vipdatinghere.life/media/d/radarnew/images/	172 KB 123 KB	73ms 19ms	Image image/gif	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://vipdatinghere.life/media/d/radarnew/images/radar.gif Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-2aeaf" Vary Accept-Encoding Content-Type image/gif Cache-Control no-transform Connection close
GET H/1.1	200 OK	main.js Show response vipdatinghere.life/media/d/radarnew/js/	1 KB 556 B	72ms 19ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/d/radarnew/js/main.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:14 GMT Server nginx ETag W/"60a5faee-5a6" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	bbradar.js Show response vipdatinghere.life/media/	639 B 642 B	72ms 19ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/bbradar.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 05:56:44 GMT Server nginx ETag W/"60a5fa1c-27f" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	exit1.js Show response vipdatinghere.life/media/exit-new/	3 KB 1 KB	72ms 20ms	Script application/javascript	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://vipdatinghere.life/media/exit-new/exit1.js Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/?u=uvqp806&o=6w9kk8l&m=1&t=444@moni--127 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Mon, 31 May 2021 11:57:41 GMT Server nginx ETag W/"60b4cf35-d91" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	outdoor.jpg vipdatinghere.life/media/d/radarnew/images/	217 KB 217 KB	80ms 27ms	Image image/jpeg	46.161.31.241 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://vipdatinghere.life/media/d/radarnew/images/outdoor.jpg Requested by Host: vipdatinghere.life URL: https://vipdatinghere.life/media/d/radarnew/css/stylesoutdoor.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 46.161.31.241 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vipdatinghere.life/media/d/radarnew/css/stylesoutdoor.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 16:55:16 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 06:00:13 GMT Server nginx ETag W/"60a5faed-363bd" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| requestLink object| geoData string| ip function| $ function| jQuery object| translation function| getParameterByName function| detect_language string| language string| browserLang function| replace_text function| translation_available function| translate object| jQuery18207351014089008194 function| Slider function| hideUnsub function| languageDetection function| writeLocation object| geoRefData function| showLocation function| appendPixels function| getCookie function| getBackendParamsByName function| addSessionId undefined| randomNumber function| docReady boolean| PreventBb function| getUrlParameter function| getUrlWithParam boolean| PreventExitSplash string| exitsplashpage function| DisplayExitSplash function| addLoadEvent function| addClickEvent function| disablelinksfunc function| disableformsfunc object| x

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.v.ht/	1970-01-20 17:22:08	Name: _ga Value: GA1.2.1265035404.1641056115
			.v.ht/	1970-01-19 23:52:22	Name: _gid Value: GA1.2.684779948.1641056115
			.v.ht/	1970-01-19 23:50:56	Name: _gat_gtag_UA_31510493_3 Value: 1
			.doubleclick.net/	1970-01-19 23:50:57	Name: test_cookie Value: CheckForPermission
			.v.ht/	1970-01-20 09:12:32	Name: __gads Value: ID=057b605f07cd8583-22a446cf12cd00e0:T=1641056116:S=ALNI_MbtAhQwr2meRFrdWo47PPM2WATXXg
			vipdatinghere.life/	1969-12-31 23:59:59	Name: sid Value: t4~cacxbtlyhycwobjfywehfwyp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
f70270b02952832b7a31777e56de80b9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
v.ht
vipdatinghere.life
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
216.58.212.162
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:830::200e
46.161.31.241
69.61.26.123
0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f
3aff9e59a46b2cdd488813c4874a7f9668f74761f94222ef32841fd4350ac8cc
3fc88d3968cd86f76bc3d071b1d3de64729f06840621ab9a39b93f7e2add6303
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6
96013a56cc3bd4ce3f26b44b8bb5279c883d9e380241185b5468815118012c2a
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab4e294da8373de95fa98e7a4c74744d9bf011df4d74b50608a21ba08a2a4d47
b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351
b44042d2b9b2f82d20508caf4b93ae4541cfe8107c5e390c8542b2dbd1f7c123
c99c89a38f65e731c78fb28100a46bbf8673356c6c8f22c1ff1aa1c9708d1f30
cebca28d0bf4ea2515b9e1f50508840118c06fdea1941600e3749811fe048c97
ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729