date.xdates18.com Open in urlscan Pro
185.154.225.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://romancehit.com/MjY3MzcwZWY1NjY4YzExMGJiZGI0OGM0OGIyNTVjZGMuZ3Vlc3QucGtYYUphb1RGRFRFZFFkSFRQV1NzYk9xbGlCa0V0a1VF...
Effective URL:
https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f77...
Submission: On August 16 via api (August 16th 2020, 10:24:55 am UTC) from BE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 12 domains to perform 27 HTTP transactions. The main IP is 185.154.225.17, located in Netherlands and belongs to CQINT-NL, DE. The main domain is date.xdates18.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 28th 2020. Valid for: 3 months.

This is the only time date.xdates18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	200.234.150.33 200.234.150.33	10704 (ML Telecom) (ML Telecom)
1 1	2606:4700:303... 2606:4700:3032::6812:2440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::681b:9d8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6818:782e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.155.57 13.226.155.57	16509 (AMAZON-02) (AMAZON-02)
2	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	18.195.71.253 18.195.71.253	16509 (AMAZON-02) (AMAZON-02)
1 1	156.67.36.11 156.67.36.11	25418 (CQINT-NL) (CQINT-NL)
1	185.154.225.17 185.154.225.17	25418 (CQINT-NL) (CQINT-NL)
20	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
27	6

2 200.234.150.33 (Brazil) 2 redirects

ASN10704 (ML Telecom, BR)
PTR: mail.romancehit.com

romancehit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6812:2440 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link443.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:9d8e (United States)

ASN13335 (CLOUDFLARENET, US)

ma.inboxmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6818:782e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ma.inboxtalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-57.dus51.r.cloudfront.net

t.asldating.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.sloffer.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

ckstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.71.253 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-71-253.eu-central-1.compute.amazonaws.com

a.vfghe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.67.36.11 (Germany) 1 redirects

ASN25418 (CQINT-NL, DE)

o-2627.cloudtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.154.225.17 (Netherlands)

ASN25418 (CQINT-NL, DE)

date.xdates18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

lpmedia.justservingfiles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	justservingfiles.net lpmedia.justservingfiles.net	648 KB
2	vfghe.com 2 redirects a.vfghe.com	2 KB
2	ckstatic.com ckstatic.com	14 KB
2	romancehit.com 2 redirects romancehit.com	1 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	xdates18.com date.xdates18.com	5 KB
1	cloudtraff.com 1 redirects o-2627.cloudtraff.com	615 B
1	sloffer.link s.sloffer.link	2 KB
1	asldating.link t.asldating.link	2 KB
1	inboxtalk.com 1 redirects ma.inboxtalk.com	572 B
1	inboxmen.com ma.inboxmen.com	738 B
1	link443.com 1 redirects link443.com	1023 B
27	12

	Domain	Requested by
20	lpmedia.justservingfiles.net	date.xdates18.com
2	a.vfghe.com	2 redirects
2	ckstatic.com	t.asldating.link s.sloffer.link
2	romancehit.com	2 redirects
1	ajax.googleapis.com	date.xdates18.com
1	date.xdates18.com	s.sloffer.link
1	o-2627.cloudtraff.com	1 redirects
1	s.sloffer.link	t.asldating.link
1	t.asldating.link	ma.inboxmen.com
1	ma.inboxtalk.com	1 redirects
1	ma.inboxmen.com
1	link443.com	1 redirects
27	12

This site contains no links.

Subject Issuer	Validity	Valid
*.ajrkm.link Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh
ckstatic.com Let's Encrypt Authority X3	`2020-06-15` - `2020-09-13`	3 months	crt.sh
date.xdates18.com Let's Encrypt Authority X3	`2020-06-28` - `2020-09-26`	3 months	crt.sh
*.justservingfiles.net Let's Encrypt Authority X3	`2020-06-20` - `2020-09-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Frame ID: DECA04986729F947FEAD54B304758D46
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://romancehit.com/MjY3MzcwZWY1NjY4YzExMGJiZGI0OGM0OGIyNTVjZGMuZ3Vlc3QucGtYYUphb1RGRFRFZFFkSFRQ... HTTP 302
http://romancehit.com/guest/267370ef5668c110bbdb48c48b255cdc HTTP 302
http://link443.com/ret/eml/?eml=4zorbke@gmail.com&comp=ee&mdi=267370ef5668c110bbdb48c48b255cdc&... HTTP 302
http://ma.inboxmen.com/red.html Page URL
http://ma.inboxtalk.com/green.php HTTP 302
https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=27... Page URL
https://a.vfghe.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=TRACKERHERE;&affiliateID=44542&s... HTTP 302
https://a.vfghe.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=TRACKERHERE%3B&affiliateID=44542... HTTP 302
https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81i... Page URL
https://o-2627.cloudtraff.com/51813aaa-a34b-43a4-9f0d-6e8c6af7bb4b?subPublisher=44542&source=52463&clickta... HTTP 302
https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

27
Requests

96 %
HTTPS

36 %
IPv6

12
Domains

12
Subdomains

6
IPs

4
Countries

702 kB
Transfer

873 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://romancehit.com/MjY3MzcwZWY1NjY4YzExMGJiZGI0OGM0OGIyNTVjZGMuZ3Vlc3QucGtYYUphb1RGRFRFZFFkSFRQV1NzYk9xbGlCa0V0a1VFaVZuaWpoT01ic1FTd3lMbHZFRHd0VUlDdlNoUGNidWtXSXRnUGhUUUFKV2l1aUQ HTTP 302
http://romancehit.com/guest/267370ef5668c110bbdb48c48b255cdc HTTP 302
http://link443.com/ret/eml/?eml=4zorbke@gmail.com&comp=ee&mdi=267370ef5668c110bbdb48c48b255cdc&dom=noticesocial.com HTTP 302
http://ma.inboxmen.com/red.html Page URL
http://ma.inboxtalk.com/green.php HTTP 302
https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456 Page URL
https://a.vfghe.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=TRACKERHERE;&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&s2=102ac7e1b727db1090547580b211c0&s3=TRACKERHERE;&s4=52463&url=1&Target=Emails&affsub=TRACKERHERE&affsource= HTTP 302
https://a.vfghe.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=TRACKERHERE%3B&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&Target=Emails&Site=&Bnr=&cid=wsd8qc7v19f96a812a7t05cg HTTP 302
https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756 Page URL
https://o-2627.cloudtraff.com/51813aaa-a34b-43a4-9f0d-6e8c6af7bb4b?subPublisher=44542&source=52463&clicktag=102cffca189126bfab74740bd9b112 HTTP 302
https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://romancehit.com/MjY3MzcwZWY1NjY4YzExMGJiZGI0OGM0OGIyNTVjZGMuZ3Vlc3QucGtYYUphb1RGRFRFZFFkSFRQV1NzYk9xbGlCa0V0a1VFaVZuaWpoT01ic1FTd3lMbHZFRHd0VUlDdlNoUGNidWtXSXRnUGhUUUFKV2l1aUQ HTTP 302
http://romancehit.com/guest/267370ef5668c110bbdb48c48b255cdc HTTP 302
http://link443.com/ret/eml/?eml=4zorbke@gmail.com&comp=ee&mdi=267370ef5668c110bbdb48c48b255cdc&dom=noticesocial.com HTTP 302
http://ma.inboxmen.com/red.html

Request Chain 1

http://ma.inboxtalk.com/green.php HTTP 302
https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456

Request Chain 3

https://a.vfghe.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=TRACKERHERE;&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&s2=102ac7e1b727db1090547580b211c0&s3=TRACKERHERE;&s4=52463&url=1&Target=Emails&affsub=TRACKERHERE&affsource= HTTP 302
https://a.vfghe.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=TRACKERHERE%3B&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&Target=Emails&Site=&Bnr=&cid=wsd8qc7v19f96a812a7t05cg HTTP 302
https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set red.html Show response
ma.inboxmen.com/
Redirect Chain

http://romancehit.com/MjY3MzcwZWY1NjY4YzExMGJiZGI0OGM0OGIyNTVjZGMuZ3Vlc3QucGtYYUphb1RGRFRFZFFkSFRQV1NzYk9xbGlCa0V0a1VFaVZuaWpoT01ic1FTd3lMbHZFRHd0VUlDdlNoUGNidWtXSXRnUGhUUUFKV2l1aUQ
http://romancehit.com/guest/267370ef5668c110bbdb48c48b255cdc
http://link443.com/ret/eml/?eml=4zorbke@gmail.com&comp=ee&mdi=267370ef5668c110bbdb48c48b255cdc&dom=noticesocial.com
http://ma.inboxmen.com/red.html

437 B
738 B

27ms
21ms

Document
text/html

2606:4700:3033::681b:9d8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ma.inboxmen.com/red.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:9d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3915d763147c316d66d19b11599c44a6751c90a77cffff3531fc846fa02bb758

Request headers

Host: ma.inboxmen.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd2ef2d7612eb9bade94e9640c90936b51597573475; expires=Tue, 15-Sep-20 10:24:35 GMT; path=/; domain=.inboxmen.com; HttpOnly; SameSite=Lax
Last-Modified: Wed, 10 Jul 2019 07:49:30 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 049865c61800003258a8bd7200000001
Server: cloudflare
CF-RAY: 5c3a72502dac3258-FRA
Content-Encoding: gzip

Redirect headers

Date: Sun, 16 Aug 2020 10:24:35 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8bf1d4aa8f2ab82e0ee2685ac21de5711597573475; expires=Tue, 15-Sep-20 10:24:35 GMT; path=/; domain=.link443.com; HttpOnly; SameSite=Lax brls_sess=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ea66a5313230bafac22a2ea585611851%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22162.158.88.189%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1597573475%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1d61ccafde31f7cf236a19967163e6f0; expires=Mon, 17-Aug-2020 10:24:35 GMT; Max-Age=86400; path=/
Location: http://ma.inboxmen.com/red.html
CF-Cache-Status: DYNAMIC
cf-request-id: 049865c5be000032589625c200000001
Server: cloudflare
CF-RAY: 5c3a724f9c8c3258-FRA

GET
H2

200

ih2537dg3k Show response
t.asldating.link/
Redirect Chain

http://ma.inboxtalk.com/green.php
https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456

2 KB
2 KB

477ms
307ms

Document
text/html

13.226.155.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456

Requested by

Host: ma.inboxmen.com
URL: http://ma.inboxmen.com/red.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.57 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-57.dus51.r.cloudfront.net

Software

nginx/1.17.10 / Express

Resource Hash

8c16edfd754db4d1d379317b83612c9e1e081842dfd6f127d6aa46a9ae5f44b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: t.asldating.link
:scheme: https
:path: /ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://ma.inboxmen.com/red.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ma.inboxmen.com/red.html

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.17.10
date: Sun, 16 Aug 2020 10:24:36 GMT
vary: Accept-Encoding
x-powered-by: Express
set-cookie: aff_ran_url_3785=22386; Path=/; Expires=Mon, 17 Aug 2020 10:24:36 GMT; Secure enc_aff_session_3785=ENC0396fc211d29b30910d0e447d319d25558348336dc27e719e246fb5eb89d394ea97bc132df612d95eb2ae3d7a31fe08953a16d30100a81be7612ab920480835a5ed3d667f5db02f190dc532d630e9e8858b0a690c9d907206471e8aaaeb42fd81cecb4cac70bfe1cd8007d2281cf080101a4ea6af5de1b149bda8293e2c604d340aa7c2fedb35fb4e9088d2f92470b6f9775832a35bb3ad42cbbcf67b406ef16fd184b633c; Path=/; Expires=Tue, 16 Aug 2022 10:24:36 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 11 Jul 2023 21:04:36 GMT; Secure
tracking_id: 102ac7e1b727db1090547580b211c0
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: dRPkyXkhMwSdyrzjDhiIaxrB52YeshVkpWZjWvwbNbi2MydzUFNbIA==

Redirect headers

Date: Sun, 16 Aug 2020 10:24:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d5641cd61c1200b4960c9e0355105f6de1597573475; expires=Tue, 15-Sep-20 10:24:35 GMT; path=/; domain=.inboxtalk.com; HttpOnly; SameSite=Lax
Location: https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456
CF-Cache-Status: DYNAMIC
cf-request-id: 049865c644000016e6473c5200000001
Server: cloudflare
CF-RAY: 5c3a72506b3916e6-FRA

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 88ms
21ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: t.asldating.link
URL: https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Dec 2014 21:06:56 GMT
ETag: "1417727216"
X-HW: 1597573476.dop209.pa1.t,1597573476.cds035.pa1.shn,1597573476.cds035.pa1.c
Content-Type: text/javascript
Cache-Control: max-age=41252
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

/ Show response
s.sloffer.link/44542/4625/
Redirect Chain

https://a.vfghe.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=TRACKERHERE;&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&s2=102ac7e1b727db1090547580b211c0&s3=TRACKERHERE;&s...
https://a.vfghe.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=TRACKERHERE%3B&affiliateID=44542&source=102ac7e1b727db1090547580b211c0&subID2=52463&Target=Emails&Site=&Bnr=&cid=wsd8qc7v19f96a812a7t...
https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756

2 KB
2 KB

422ms
421ms

Document
text/html

13.226.155.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756

Requested by

Host: t.asldating.link
URL: https://t.asldating.link/ih2537dg3k?url_id=22386&aff_id=52463&offer_id=3785&aff_sub=TRACKERHERE&bo=2753,2754,2755,2756&po=6456

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.57 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-57.dus51.r.cloudfront.net

Software

nginx/1.17.10 / Express

Resource Hash

094d0e152ce9d19c523889654add052e67ae10525cc458335e2625d07f6a4452

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s.sloffer.link
:scheme: https
:path: /44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.asldating.link/52463/2753?po=6456&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=TRACKERHERE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.asldating.link/52463/2753?po=6456&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=TRACKERHERE

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.17.10
date: Sun, 16 Aug 2020 10:24:37 GMT
vary: Accept-Encoding
x-powered-by: Express
set-cookie: aff_ran_url_7321=22663; Path=/; Expires=Mon, 17 Aug 2020 10:24:37 GMT; Secure enc_aff_session_7321=ENC031e0bacb595a554a08bcef89d0c99d24f9cd9fe2923c27237805ba85e4a7a1d2f5f1f93c4c2b44c2ccf73944000a5763d00f9b523c41b97b9213ed3c9be6132815b34fb99297ab24011aac326d4728f669870949b1f68cca07c1a8bf14c33354201acde6d3538ff4996a2f8e4e9aeb72fee88433c8e8d2fc4970aac6edd59b17af17ae18f4e984a0549eaf4b63d982c497daf93a53184c111f377c9c47d16df9fb3895c33fa8843e748a8ad5beffff27676e5cb2ae3158d92a90974876bbf04a93972dc126b80cddda42920d694b11486fddeaa484c658b41207892e88ae4abf3fae2683b22620b4012387c451c6dbb8207b053734b9853ab9a3b7f575dc3372961d3eed9e3b1fb74cfe15b8df79de7a6ac1a5dc5708a4df7b7857bd33c1f4b6431be6f27; Path=/; Expires=Fri, 05 Aug 2022 04:24:37 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 11 Jul 2023 21:04:37 GMT; Secure
tracking_id: 102cffca189126bfab74740bd9b112
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QpK7QO2IRXpqA81hp0DSgiIRmpWJ58Kc3PcaMLYpQDDV6uWwVVN0VQ==

Redirect headers

Server: nginx
Date: Sun, 16 Aug 2020 10:24:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756
Pragma: no-cache
Set-Cookie: 594d904a-0357-44c8-8f0f-a122ee52f3d8-v4=594d904a-0357-44c8-8f0f-a122ee52f3d8; Max-Age=86400; Expires=Mon, 17-Aug-2020 10:24:36 GMT; Domain=a.vfghe.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=F%2FByaaT7Rjcl5W1UCaQy8T%2Fzm1tCkoMkTsGnXs4nqTeWKretZXfY3a7xdmBRuGp3HQBvnm7Vn9Xc7M%2Ff1AXIsGzvuuEh0Oi5yxcITpHT6HkoDN4qlKgr84%2F5%2F4qSQa%2B5owcdqeN6L3uI%2BfF6iGBIOQ%3D%3D; Max-Age=31536000; Expires=Mon, 16-Aug-2021 10:24:36 GMT; Domain=a.vfghe.com; Path=/; Secure; HttpOnly;SameSite=None

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 21ms
20ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: s.sloffer.link
URL: https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Dec 2014 21:06:56 GMT
ETag: "1417727216"
X-HW: 1597573476.dop209.pa1.t,1597573477.cds035.pa1.shn,1597573477.cds035.pa1.c
Content-Type: text/javascript
Cache-Control: max-age=41251
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H/1.1

200
OK

Primary Request gn8001 Show response
date.xdates18.com/landing/
Redirect Chain

https://o-2627.cloudtraff.com/51813aaa-a34b-43a4-9f0d-6e8c6af7bb4b?subPublisher=44542&source=52463&clicktag=102cffca189126bfab74740bd9b112
https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443...

31 KB
5 KB

166ms
126ms

Document
text/html

185.154.225.17
CQINT-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Requested by: Host: s.sloffer.link
URL: https://s.sloffer.link/44542/4625/?aff_sub=TRACKERHERE%3B&aff_sub2=52463&aff_sub3=wsd8qc7v19f96a81inmv4dbq&source=102ac7e1b727db1090547580b211c0&bo=2753,2754,2755,2756
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.154.225.17 , Netherlands, ASN25418 (CQINT-NL, DE),
Reverse DNS
Software: nginx /
Resource Hash: 68d722f515fd6cae37454932cc11ecc743061872b41173dc3c80b4c0f4ce6f38

Request headers

Host: date.xdates18.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s.sloffer.link/44542/2753?aff_sub3=wsd8qc7v19f96a81inmv4dbq&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=TRACKERHERE%3B&aff_sub2=52463&source=102ac7e1b727db1090547580b211c0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.sloffer.link/44542/2753?aff_sub3=wsd8qc7v19f96a81inmv4dbq&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=TRACKERHERE%3B&aff_sub2=52463&source=102ac7e1b727db1090547580b211c0

Response headers

server: nginx
date: Sun, 16 Aug 2020 10:24:37 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: PHPSESSID=5a8ll08vu3p8cg7pp9lkin6qr9; path=/
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
pragma: no-cache
content-encoding: gzip

Redirect headers

status: 302
server: openresty/1.15.8.1
date: Sun, 16 Aug 2020 10:24:37 GMT
content-length: 0
location: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
set-cookie: attrk=yes;Version=1;Max-Age=86400 vcid=%7B%22id%22%3A%228bdcdad2-2f4a-42fa-80a6-8b6f29d96fe1%22%2C%22firstTime%22%3A%22Aug+16%2C+2020+10%3A24%3A37+AM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Aug+16%2C+2020+10%3A24%3A37+AM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D;Version=1;Domain=cloudtraff.com;Path=/;Max-Age=2147483647;Expires=Fri, 03 Sep 2088 13:38:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1 200
OK grid_layout.css
lpmedia.justservingfiles.net/style/layout/ 17 KB
3 KB 98ms
21ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/grid_layout.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 0a799d5868aca297298e70253bf899cf889fb022659902f60545e808866cc01d

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-4559"
X-HW: 1597573477.dop025.pa1.t,1597573477.cds221.pa1.shn,1597573477.dop025.pa1.t,1597573477.cds229.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2241

GET
H/1.1 200
OK panel.css
lpmedia.justservingfiles.net/style/layout/ 366 B
634 B 321ms
242ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/panel.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 6484fcdb6f40f352400919c3e1958acbf5f78949ac6a6f603abe3ca4989f46c8

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-16e"
X-HW: 1597573477.dop028.pa1.t,1597573477.cds219.pa1.shn,1597573477.dop028.pa1.t,1597573477.cds221.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 203

GET
H/1.1 200
OK button.css
lpmedia.justservingfiles.net/style/layout/ 3 KB
1 KB 104ms
23ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/button.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 676d45c5c508634c3ba86c4ef579e918e04439bb0cf8a296d90c20ff1a78e295

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-af9"
X-HW: 1597573477.dop001.pa1.t,1597573477.cds032.pa1.shn,1597573477.dop001.pa1.t,1597573477.cds232.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 708

GET
H/1.1 200
OK animation.css
lpmedia.justservingfiles.net/style/layout/ 2 KB
954 B 104ms
23ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/animation.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 04ba31993919023c1305651ccb3e9e5c0de988d8e9591770077c424dfdc2b9ad

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-910"
X-HW: 1597573477.dop029.pa1.t,1597573477.cds016.pa1.shn,1597573477.dop029.pa1.t,1597573477.cds229.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 523

GET
H/1.1 200
OK login_form.css
lpmedia.justservingfiles.net/widgets/loginFormBuilder/ 1 KB
813 B 105ms
23ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/loginFormBuilder/login_form.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 4eabf80bb8137daf3c28a7051991840525ccbb12e92a3ccfd5732fd312576372

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-426"
X-HW: 1597573477.dop002.pa1.t,1597573477.cds034.pa1.shn,1597573477.dop002.pa1.t,1597573477.cds232.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 382

GET
H/1.1 200
OK registration.css
lpmedia.justservingfiles.net/widgets/mb_registration/ 6 KB
2 KB 110ms
21ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/mb_registration/registration.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 70ff8791b964891b85f96f91804ad6b4f69b474374db607de36dc747eb745140

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-16f3"
X-HW: 1597573477.dop006.pa1.t,1597573477.cds039.pa1.shn,1597573477.dop006.pa1.t,1597573477.cds212.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1408

GET
H/1.1 200
OK progress-bar.css
lpmedia.justservingfiles.net/widgets/mb_registration/ 1 KB
812 B 119ms
21ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/mb_registration/progress-bar.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a9bcb05cd390e3d71e61e9761bdf17d5354ad02fbd1655fc31bd6ff18f0bb091

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-441"
X-HW: 1597573477.dop025.pa1.t,1597573477.cds221.pa1.shn,1597573477.dop025.pa1.t,1597573477.cds230.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 381

GET
H/1.1 200
OK corner.css
lpmedia.justservingfiles.net/widgets/corner/ 246 B
631 B 127ms
22ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/corner/corner.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-f6"
X-HW: 1597573477.dop001.pa1.t,1597573477.cds032.pa1.shn,1597573477.dop001.pa1.t,1597573477.cds220.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 201

GET
H/1.1 200
OK style.css
lpmedia.justservingfiles.net/style/templates/GetNaughty/ 18 KB
4 KB 127ms
22ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/GetNaughty/style.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: df931722a6319f8e0005a86d10ccef60e3a81e79f9055eb45f341cac71c9cd9d

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-4916"
X-HW: 1597573477.dop029.pa1.t,1597573477.cds016.pa1.shn,1597573477.dop029.pa1.t,1597573477.cds231.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3430

GET
H/1.1 200
OK GetNaughty--default.css
lpmedia.justservingfiles.net/style/templates/GetNaughty/ 2 KB
912 B 128ms
23ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/GetNaughty/GetNaughty--default.css?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: d2678a8f5a6b32045f22b0a2926f43f976333eaff12a5e207407a39ef91c27d6

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-8c8"
X-HW: 1597573477.dop002.pa1.t,1597573477.cds034.pa1.shn,1597573477.dop002.pa1.t,1597573477.cds041.pa1.c
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 481

GET
H/1.1 200
OK xdates18_com_w.png
lpmedia.justservingfiles.net/img/_logos/ 4 KB
5 KB 22ms
22ms Image
image/png 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_logos/xdates18_com_w.png?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: c52e4f3d44c5afc9c45cefedb6675f286a19164d6eae0770977e62a808aff57a

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:36 GMT
server: nginx
etag: "5f34f66c-1171"
X-HW: 1597573477.dop001.pa1.t,1597573477.cds032.pa1.shn,1597573477.dop001.pa1.t,1597573477.cds223.pa1.c
Content-Type: image/png
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4465

GET
H/1.1 200
OK gn1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 64 KB
64 KB 23ms
22ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/gn1.jpg?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 88f7e268c7c6234fc124a614b5641661f42781ef49cc246f8c060bf5cd4a163d

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:46 GMT
server: nginx
etag: "5f34f676-1002f"
X-HW: 1597573477.dop006.pa1.t,1597573477.cds039.pa1.shn,1597573477.dop006.pa1.t,1597573477.cds220.pa1.c
Content-Type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 65583

GET
H/1.1 200
OK gn2.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 65 KB
65 KB 22ms
21ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/gn2.jpg?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 356c5f78ee17bb4b1272eceb665f11a6bcfa4f8d0a868ceb58e617b7df51663a

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:46 GMT
server: nginx
etag: "5f34f676-1043a"
X-HW: 1597573477.dop025.pa1.t,1597573477.cds221.pa1.shn,1597573477.dop025.pa1.t,1597573477.cds043.pa1.c
Content-Type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 66618

GET
H/1.1 200
OK gn3.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 80 KB
81 KB 23ms
22ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/gn3.jpg?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a0c4c35f57fc780ac537bd7a9773d91318313ead6c3215b7a180ce4fd27826b0

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:46 GMT
server: nginx
etag: "5f34f676-14077"
X-HW: 1597573477.dop001.pa1.t,1597573477.cds032.pa1.shn,1597573477.dop001.pa1.t,1597573477.cds039.pa1.c
Content-Type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 82039

GET
H/1.1 200
OK gn4.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 76 KB
77 KB 24ms
23ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/gn4.jpg?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: bbc07f75390b2dd4311d935bdf2873198dd82c403a5e1276d972add65146a361

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:46 GMT
server: nginx
etag: "5f34f676-13195"
X-HW: 1597573477.dop029.pa1.t,1597573477.cds016.pa1.shn,1597573477.dop029.pa1.t,1597573477.cds013.pa1.c
Content-Type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 78229

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 22:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475347
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 22:22:10 GMT

GET
H/1.1 200
OK login_form_v2.js Show response
lpmedia.justservingfiles.net/widgets/loginFormBuilder/ 6 KB
2 KB 25ms
25ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/loginFormBuilder/login_form_v2.js?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: bb2328f44237cacba8280ad813f09e3a193235da9bc85aec0998543ef34df7e3

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-180a"
X-HW: 1597573477.dop006.pa1.t,1597573477.cds039.pa1.shn,1597573477.dop006.pa1.t,1597573477.cds045.pa1.c
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1660

GET
H/1.1 200
OK validation.js Show response
lpmedia.justservingfiles.net/js/helpers/ 10 KB
3 KB 25ms
24ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/helpers/validation.js?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 04f000dceb61d3efb7c65749e369004cbc0212a9dbcceb6105d326cb16388cb3

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:49 GMT
server: nginx
etag: W/"5f34f679-26af"
X-HW: 1597573477.dop025.pa1.t,1597573477.cds221.pa1.shn,1597573477.dop025.pa1.t,1597573477.cds225.pa1.c
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3127

GET
H/1.1 200
OK registration.js Show response
lpmedia.justservingfiles.net/js/ 18 KB
4 KB 24ms
23ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/registration.js?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f29f65e40541e7390a5b93fd9e87a060713dae9aaa8e586d9854fda5b2888db7

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-4990"
X-HW: 1597573477.dop002.pa1.t,1597573477.cds034.pa1.shn,1597573477.dop002.pa1.t,1597573477.cds038.pa1.c
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3914

GET
H/1.1 200
OK popwin.js Show response
lpmedia.justservingfiles.net/js/ 1 KB
970 B 23ms
22ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/popwin.js?582834
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 08:14:50 GMT
server: nginx
etag: W/"5f34f67a-499"
X-HW: 1597573477.dop029.pa1.t,1597573477.cds016.pa1.shn,1597573477.dop029.pa1.t,1597573477.cds025.pa1.c
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 525

GET
H/1.1 200
OK orange-tiles-mix.jpg
lpmedia.justservingfiles.net/img/_patterns/ 331 KB
331 KB 24ms
23ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_patterns/orange-tiles-mix.jpg
Requested by: Host: date.xdates18.com
URL: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: fe61727d311280aa6d4186114b0d219e2a41d989f1c69fcf250af58d2f52a45d

Request headers

Referer: https://date.xdates18.com/landing/gn8001?zz=true&isAffiliate=true&sub=1415&spub_id=44542&tag=d7a22443-edc7-44c0-9cbd-24f772b13d96&hit_id=d7a22443-edc7-44c0-9cbd-24f772b13d96&tp_redirect_id=d7a22443-edc7-44c0-9cbd-24f772b13d96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 10:24:37 GMT
Last-Modified: Thu, 13 Aug 2020 08:14:37 GMT
server: nginx
etag: "5f34f66d-52b3a"
X-HW: 1597573477.dop028.pa1.t,1597573477.cds219.pa1.shn,1597573477.dop028.pa1.t,1597573477.cds224.pa1.c
Content-Type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 338746

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			date.xdates18.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5a8ll08vu3p8cg7pp9lkin6qr9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfghe.com
ajax.googleapis.com
ckstatic.com
date.xdates18.com
link443.com
lpmedia.justservingfiles.net
ma.inboxmen.com
ma.inboxtalk.com
o-2627.cloudtraff.com
romancehit.com
s.sloffer.link
t.asldating.link
13.226.155.57
156.67.36.11
18.195.71.253
185.154.225.17
200.234.150.33
205.185.216.10
2606:4700:3032::6812:2440
2606:4700:3032::6818:782e
2606:4700:3033::681b:9d8e
2a00:1450:4001:815::200a
69.16.175.42
04ba31993919023c1305651ccb3e9e5c0de988d8e9591770077c424dfdc2b9ad
04f000dceb61d3efb7c65749e369004cbc0212a9dbcceb6105d326cb16388cb3
094d0e152ce9d19c523889654add052e67ae10525cc458335e2625d07f6a4452
0a799d5868aca297298e70253bf899cf889fb022659902f60545e808866cc01d
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
356c5f78ee17bb4b1272eceb665f11a6bcfa4f8d0a868ceb58e617b7df51663a
3915d763147c316d66d19b11599c44a6751c90a77cffff3531fc846fa02bb758
4eabf80bb8137daf3c28a7051991840525ccbb12e92a3ccfd5732fd312576372
6484fcdb6f40f352400919c3e1958acbf5f78949ac6a6f603abe3ca4989f46c8
676d45c5c508634c3ba86c4ef579e918e04439bb0cf8a296d90c20ff1a78e295
68d722f515fd6cae37454932cc11ecc743061872b41173dc3c80b4c0f4ce6f38
70ff8791b964891b85f96f91804ad6b4f69b474374db607de36dc747eb745140
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88f7e268c7c6234fc124a614b5641661f42781ef49cc246f8c060bf5cd4a163d
8c16edfd754db4d1d379317b83612c9e1e081842dfd6f127d6aa46a9ae5f44b7
a0c4c35f57fc780ac537bd7a9773d91318313ead6c3215b7a180ce4fd27826b0
a9bcb05cd390e3d71e61e9761bdf17d5354ad02fbd1655fc31bd6ff18f0bb091
bb2328f44237cacba8280ad813f09e3a193235da9bc85aec0998543ef34df7e3
bbc07f75390b2dd4311d935bdf2873198dd82c403a5e1276d972add65146a361
c52e4f3d44c5afc9c45cefedb6675f286a19164d6eae0770977e62a808aff57a
d2678a8f5a6b32045f22b0a2926f43f976333eaff12a5e207407a39ef91c27d6
df931722a6319f8e0005a86d10ccef60e3a81e79f9055eb45f341cac71c9cd9d
f29f65e40541e7390a5b93fd9e87a060713dae9aaa8e586d9854fda5b2888db7
fe61727d311280aa6d4186114b0d219e2a41d989f1c69fcf250af58d2f52a45d

date.xdates18.com Open in urlscan Pro 185.154.225.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

36 %IPv6

12 Domains

12 Subdomains

6 IPs

4 Countries

702 kBTransfer

873 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

date.xdates18.com Open in urlscan Pro
185.154.225.17 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

36 %
IPv6

12
Domains

12
Subdomains

6
IPs

4
Countries

702 kB
Transfer

873 kB
Size

1
Cookies

27 HTTP transactions
0 data transactions