1prize4u.com Open in urlscan Pro
188.114.96.3  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response 1prize4u.com/m_dating1/	8 KB 3 KB	188ms 128ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf6b733921054f0faa4105b96744a06529c912c5171d7fba0759c2c35279dc5a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 88fe3d157d504d97-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 07 Jun 2024 05:28:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3i1vPPiR1FUI%2BUQNpJ%2BMYXh2McqSm1q2vS4EhWObL%2Fsudb%2F53HfUfNA8A81U3yfaIgqvKoSYcR%2Bo04%2BQC%2F7ISnY8nRK834ZsRAdibOt918Fw07HOc1TAapVOKVGjfBU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H3	200	script.js Show response backunder.com/	911 B 890 B	122ms 49ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://backunder.com/script.js Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e05b5f6d873b1857e696af8883191ef454f3919e62df36805ad502ba6a0dbfb7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 283 cf-polished origSize=1228 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 23 Jan 2023 19:14:45 GMT server cloudflare etag W/"4cc-5f2f3364b2fe4-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfDudFpkLEdQqYlCLYBwSmRPBTe%2BELgfB5L1GEvUXaSd47wyQZscvfZFTB2fY3L1dU5Od2OgNwurStm97tOJSh9goRZ%2FjJ%2B5YhvhW70LyITfGGFpvRIHv%2Bh5eOG9lTni"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 88fe3d16e8c05d7b-FRA
GET H3	200	style.css 1prize4u.com/m_dating1/	7 KB 2 KB	179ms 176ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/style.css Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df72ad7033ec4e39d4cd75b51d6600837e5f46af3bb31fed01bb07aabb61cede Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"01485768598da1c3228928b5aea2fa35" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GERSf2k3l0BAFxqIWW69zRNipywaWEIo3c5OdnaUvPq9EUQSVIapAJ9lr1Hu1UOi%2FwofxX4ZklamP3N1rwexckau8Vz6y5QBSlceG517lntzPF%2BuSZiFZS5yZaeplQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d167ed04d97-FRA alt-svc h3=":443"; ma=86400
GET H3	200	btn-green.css 1prize4u.com/m_dating1/	207 B 674 B	127ms 124ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/btn-green.css Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cddf3574a5afadfbd10f89f1b0c80e9b7fe9a89c0e69e8fc314ddddcba333f45 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"180e4663d86ca6daeefcd4c3f673a4ed" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOBtLnBtmzTlLiftM%2F4q4DHmQsGXd%2BgEQsBfax%2FkxFzyI3DV4I%2BU%2FDjvRNKgOkwZ%2BpW4TrEsnmCaOw3LAUXOGOZU5Ak2lupFRYQu7djmw0QDm9kthkhUruxkAx4u%2BZs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d167ed34d97-FRA alt-svc h3=":443"; ma=86400
GET H3	200	android.css 1prize4u.com/m_dating1/	310 B 709 B	66ms 64ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/android.css Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5b90f12962167c6e81ef255d1de6ba159cdb4223fb7f5619eeaecae1de81183 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"cef8f46b7f351864213d0fd475788feb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWJqa4xRBdv1NtrjKQyKErjyqCfRqZ8mIadGvuc8H0vflCRm4xCgWDp96IY8FYgyktaBG16I19Pp%2BzS0nIvz0uSNFv5%2BW7mzVHIG2SuKDfAWeGDApL76fm1%2F%2FFhLFx4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d167ed54d97-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bg-img-mini.css 1prize4u.com/m_dating1/	287 B 688 B	178ms 177ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/bg-img-mini.css Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 166b8bfb01fbde7bac2b83e67e9acb01104c9faf360079c964756bd12be7724d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"01ef74fce79bf682637729ef01a9e803" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIOsYq53AL7kWpCoPftLYeQ%2B%2F%2F9hu2BlJzt9PvlLNeIRVl%2BYcvJryYApkh5x8oU05OZjKDza%2FDJ1XyvcOvxTwcAB%2FwkdhopGQGxxkkqpogt76A1fVc%2F1%2BEG53AutAvk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d167ed64d97-FRA alt-svc h3=":443"; ma=86400
GET H3	200	01261300091751.jpeg 1prize4u.com/m_dating1/	25 KB 26 KB	172ms 168ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/01261300091751.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d0fb76ce0c2f3151772e5d5fab538b829d017d0dcf89ab3ba5fb889e6da0e04 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 25882 referrer-policy strict-origin-when-cross-origin server cloudflare etag "8b90328b51bf87dd965ce83177bb822a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZFrE%2FOCyQuT%2F6iXru7OuzZpW8UNd1xa6T5hNbCDEGNV7DMSQyTJUc7oYfkZHBeFlMzIBwlBrzVIN90CWGRVgGn6rIc2K6F3lpZZfJTJyjdarXWAA8F8Mg4DfAgH1eE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d169efa4d97-FRA
GET H3	200	0669571609554.jpeg 1prize4u.com/m_dating1/	31 KB 31 KB	222ms 219ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/0669571609554.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 370fe791a06f59c82fa518ef984b8fb282719fad49ce185294625ace39914f75 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 31480 referrer-policy strict-origin-when-cross-origin server cloudflare etag "5d0ea52c1a7c5d007cf27c7f68d6194f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuIZ%2BHRZuWqmjGo8Qa6x3dHxI0kmQJSomisstmasAvq0ScVLy8h0a2DjDrv3DzFUtdqZkuvRPxC%2F0INCq7AUBjdLOVINdJwzkzOyPXT0C7WQ4R2aNlV6tkQbgr5tuQ0%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d169efe4d97-FRA
GET H3	200	01623157896108.jpeg 1prize4u.com/m_dating1/	23 KB 24 KB	165ms 131ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/01623157896108.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be32b303e8d41d73b76d61dabdfdc14a7456d6a086b13be807b8b31088fcb4a7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 23619 referrer-policy strict-origin-when-cross-origin server cloudflare etag "7edea0f9dc64b5a5571f1739fc5c5305" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v78%2Fcjigee6yKh17HGoXXX%2F6G5LoWte6FnabkoXYBLUvoOkyd6vsXg9K5xtDLSjhnH7WzayqwrbgwCh1%2FfqzxM%2BfrunxS51xCDNnc5Jrya6LWtTtCCMChPahRe3QUt8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d17afdf4d97-FRA
GET H3	200	01314572001101.jpeg 1prize4u.com/m_dating1/	22 KB 23 KB	210ms 178ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/01314572001101.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71631d37ec944bb2fa220d64475f0e666c0ee73ea1a829232bb591ae96914c25 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 22827 referrer-policy strict-origin-when-cross-origin server cloudflare etag "5ef9a7eed93c253dda188024e908b950" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewzXZAtrAoU%2FsUS7mj79Va49z%2FTGZ3j2oPm2muOh%2FuGRPTkTL%2B42Rzn8jrNkCstU1SEH4%2FiVYD1XH3HgHC5yn1RgafYpge4wAdgE65ngxc0ePgDUgn6QL0cHE12fYhY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d17afe04d97-FRA
GET H3	200	044382413938.jpeg 1prize4u.com/m_dating1/	25 KB 25 KB	253ms 217ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/044382413938.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8f27b9f89a5cba7dd8e30b905f15fc27131ef8384261fa18d5d3f098c9b34a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 25395 referrer-policy strict-origin-when-cross-origin server cloudflare etag "cdca32138615b0dd43ac3bf8b53c913d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VURq1VvWeBRnZXGrZGBTs%2BId%2BR%2BK8CN0P1Eqla%2BThx5zwYMzqs79Ap5acniCVE4h7rWO3mlsOEfLYOHT0g1bUJ6Nj4zJqp4crxk13ESkM%2FMw0g5rGSm%2BRl5UQchjWZM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d177fc54d97-FRA
GET H3	200	063832201551.jpeg 1prize4u.com/m_dating1/	21 KB 22 KB	326ms 289ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/063832201551.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e05f3576f8cccec8b8b9d03df055434ac3866d34b52880962aadfe0e06483c1 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 21926 referrer-policy strict-origin-when-cross-origin server cloudflare etag "a67b5c56fd5b56299c5133ec71003404" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zEPMVhaoDBfwvWSxlM4rrp%2FPoik3LHSM8I7rcqDEn%2BlKJJttvuAG84OEnVMeQw1kxB%2BfybzsZ074NnOyCtMN3FQy5QZWS8PrMwnhhiZZgM1z%2BOKG4EoNQa4N5IgthE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d17bfe54d97-FRA
GET H3	200	0510990695689.jpeg 1prize4u.com/m_dating1/	26 KB 26 KB	353ms 313ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/0510990695689.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f17595b3f6077f45588f6263c05018a61bfc87dcebd5733fc6fa1cedcf47be0 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 26402 referrer-policy strict-origin-when-cross-origin server cloudflare etag "39c232ee1815021014d5ecc88c33b508" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8JOEe8FpiFOfNZwcFUMHL6gKuqQP%2Bp3AYSTNEMOlQ%2BNlG7CXiHMtXiNaWbvwF6efCS5N07fSFB%2BK7Y34GwFiIIc%2B7stqMnt09SBIO2uUjslkAjU0hFgbMs4F1D64JQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d178fc94d97-FRA
GET H3	200	0299505312749.jpeg 1prize4u.com/m_dating1/	22 KB 23 KB	404ms 361ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/0299505312749.jpeg Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c6d0c2059a64b522906209a10e0dda5d4a1819a89e1185ab0bc5c76c49b05b5 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 22787 referrer-policy strict-origin-when-cross-origin server cloudflare etag "929665fdd4c103ceedac635df68fb25f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YHwlRYeS2E%2FmsZwqmLMuMHE1XnKdHUCMoUV3O4XS1mHEiac5wlDaJ30ngmvoxq369HGYglAQzR3uMFFY1gUxLTCoMsgHUIBWgjw8rQP8Sb6qGrmULhPn65g4H6hN3A%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d178fcb4d97-FRA
GET H2	200	micro.tag.min.js Show response lemouwee.com/act/files/	36 KB 15 KB	119ms 19ms	Script application/javascript	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash fa0fd04b8bbbc8eb30502d08b14f7ef9bd959cc9775390918c56a35a30e7b3d4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 07 Jun 2024 05:28:25 GMT content-encoding gzip last-modified Tue, 04 Jun 2024 12:14:40 GMT server nginx etag W/"665f0530-91a6" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H3	206	default.mp3 1prize4u.com/m_dating1/	7 KB 7 KB	305ms 303ms	Media audio/mpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/m_dating1/default.mp3 Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Encoding identity;q=1, *;q=0 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Referer https://1prize4u.com/m_dating1/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Range bytes 0-6711/6712 alt-svc h3=":443"; ma=86400 Content-Length 6712 referrer-policy strict-origin-when-cross-origin server cloudflare etag "2654fc1f02d7edbca1c59f8dcd9c8a35" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yJV7j74%2BfJXMf38uF99YhJOwIeZ9ZlDSVhDwb3B3A8ODFqR3jRKDsT%2BgD6TPt%2FGQGs8PtFi81TXIRw4gQge3EBM4HMcAN8l2FnyvQfzCooHPq2Snp0WxHE4nmMGwT4%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d1828584d97-FRA
GET H3	200	061906112940.png 1prize4u.com/m_dating1/	2 KB 3 KB	303ms 302ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1prize4u.com/m_dating1/061906112940.png Requested by Host: 1prize4u.com URL: https://1prize4u.com/m_dating1/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27bbd8d374cc746b7892fa5c286b67efc5b891d91c2afb24b8ef8139da2be99a Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2164 referrer-policy strict-origin-when-cross-origin server cloudflare etag "b3e935a85afd0311520c58ef2af2dd56" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoyM8hNlRk%2FH4P%2Bc5GMZkguuL7p7tVYMSWaqB4gHQUtedUhensAegt2JvoJL4WAjF7bD3RJ5YzwXqM1SCNqONwhfFeKrsTFIk7V8MFrM0mbUe5SutLJzrmra1phdnUI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=14400, must-revalidate accept-ranges bytes cf-ray 88fe3d18082e4d97-FRA
POST H2	200	custom jouteetu.net/	0 0	249ms 21ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	sw-check-permissions-12e55.js 1prize4u.com/	0 823 B	43ms 42ms	Other text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/sw-check-permissions-12e55.js?var=null&ymid=null&zoneId=6516407 Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:26 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"aa97dc6cbe8730b035e88baeda3fff3c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ygiWit0HffGCmhjXKY2U61gfMl3Po4x92xxEj1Ml8zi9MYHZlr5fExPIPhxM2nRVNA1WXTFykEH3GHdVmow0AiZsf%2Ff1IG3CBI6HUNQuLNNNzH5nYUn%2BQkNXOvO9YA%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d1a7acb4d97-FRA alt-svc h3=":443"; ma=86400
POST H2	200	custom jouteetu.net/	0 0	234ms 25ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	zone lemouwee.com/	0 333 B	58ms 22ms	Ping text/plain	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://lemouwee.com/zone?&pub=0&zone_id=6516407&is_mobile=false&domain=1prize4u.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.518&trace_id=65f1024d-cbab-4548-ab2a-fbde8da1dc70&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9&drf= Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:25 GMT strict-transport-security max-age=1 x-content-type-options nosniff accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server nginx access-control-allow-origin https://1prize4u.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0
POST H2	200	custom jouteetu.net/	0 0	221ms 23ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	273ms 78ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	gid.js Show response my.rtmark.net/	65 B 542 B	376ms 36ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6516407&checkDuplicate=true&ymid=null&var=null&source=pusher Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 5fea118d1f4aa66841ecbe2c61ad6b387a16e714b9bcbfe99595064296bd73be Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:26 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://1prize4u.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
POST H2	200	custom jouteetu.net/	0 0	235ms 42ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	favicon.ico 1prize4u.com/	1 KB 959 B	120ms 90ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1prize4u.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3718eb90c244fdeec1ad344607398e5c2c339f4b12a05ab0dd17a78d76b9b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/m_dating1/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:26 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZ8Mjsi2uR6q81lOuk9tGT0GqPh8CbGKr%2FYhmfWkpm%2FbEpWHdWNRVC3Ek%2BFCFQyHKrWFNOml4T0ntkgzS2a0S1ugtO2zU3tw0rvMGSnwwjyS6khCEmXuIPmt3lG8S%2BM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400, must-revalidate cf-ray 88fe3d1b9c0f4d97-FRA alt-svc h3=":443"; ma=86400
POST H2	200	custom jouteetu.net/	0 0	65ms 46ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	55ms 45ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	zone Show response lemouwee.com/	798 B 1 KB	132ms 0ms	Fetch application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://lemouwee.com/zone?&pub=0&zone_id=6516407&is_mobile=false&domain=1prize4u.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.518&trace_id=65f1024d-cbab-4548-ab2a-fbde8da1dc70&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9 Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e2943a58e3d72bc206739f5a46206270c5ccd1b5023a41ffa538f6921e13aac2 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 05:28:26 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://1prize4u.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 798
POST H2	200	custom jouteetu.net/	0 0	37ms 30ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	21ms 19ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: lemouwee.com URL: https://lemouwee.com/act/files/micro.tag.min.js?z=6516407&ymid=null&var=null&sw=/sw-check-permissions-12e55.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://1prize4u.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| back string| under object| url object| pci object| ppi object| s object| zfgformats

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-21 05:54:34	Name: ID Value: 018074e16e0142c3f99073785894edd7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1prize4u.com/m_dating1/# Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1prize4u.com
backunder.com
jouteetu.net
lemouwee.com
my.rtmark.net
139.45.195.8
139.45.197.251
188.114.96.3
166b8bfb01fbde7bac2b83e67e9acb01104c9faf360079c964756bd12be7724d
27bbd8d374cc746b7892fa5c286b67efc5b891d91c2afb24b8ef8139da2be99a
370fe791a06f59c82fa518ef984b8fb282719fad49ce185294625ace39914f75
4d0fb76ce0c2f3151772e5d5fab538b829d017d0dcf89ab3ba5fb889e6da0e04
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
5f17595b3f6077f45588f6263c05018a61bfc87dcebd5733fc6fa1cedcf47be0
5fea118d1f4aa66841ecbe2c61ad6b387a16e714b9bcbfe99595064296bd73be
71631d37ec944bb2fa220d64475f0e666c0ee73ea1a829232bb591ae96914c25
7e05f3576f8cccec8b8b9d03df055434ac3866d34b52880962aadfe0e06483c1
9c6d0c2059a64b522906209a10e0dda5d4a1819a89e1185ab0bc5c76c49b05b5
be32b303e8d41d73b76d61dabdfdc14a7456d6a086b13be807b8b31088fcb4a7
c8f27b9f89a5cba7dd8e30b905f15fc27131ef8384261fa18d5d3f098c9b34a8
cddf3574a5afadfbd10f89f1b0c80e9b7fe9a89c0e69e8fc314ddddcba333f45
cf6b733921054f0faa4105b96744a06529c912c5171d7fba0759c2c35279dc5a
df72ad7033ec4e39d4cd75b51d6600837e5f46af3bb31fed01bb07aabb61cede
e05b5f6d873b1857e696af8883191ef454f3919e62df36805ad502ba6a0dbfb7
e2943a58e3d72bc206739f5a46206270c5ccd1b5023a41ffa538f6921e13aac2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b90f12962167c6e81ef255d1de6ba159cdb4223fb7f5619eeaecae1de81183
fa0fd04b8bbbc8eb30502d08b14f7ef9bd959cc9775390918c56a35a30e7b3d4
ff3718eb90c244fdeec1ad344607398e5c2c339f4b12a05ab0dd17a78d76b9b0