baiser-chaud.com Open in urlscan Pro
18.158.163.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.sslsecuredlink.com/c/vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/6ba3b8ba
Effective URL:
https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaig...
Submission: On November 25 via api (November 25th 2021, 9:24:24 pm UTC) from BE — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 48 HTTP transactions. The main IP is 18.158.163.68, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is baiser-chaud.com.
TLS certificate: Issued by Amazon on April 9th 2021. Valid for: a year.

This is the only time baiser-chaud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.8.50.78 76.8.50.78	17185 (D102-PHL-1) (D102-PHL-1)
1 1	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
2 2	34.117.122.249 34.117.122.249	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:303... 2606:4700:3035::6815:252d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.57.94.90 52.57.94.90	16509 (AMAZON-02) (AMAZON-02)
1 5	18.158.163.68 18.158.163.68	16509 (AMAZON-02) (AMAZON-02)
15	2600:9000:21f... 2600:9000:21f3:ba00:6:74ba:b80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	3.65.163.54 3.65.163.54	16509 (AMAZON-02) (AMAZON-02)
10	3.120.52.136 3.120.52.136	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
48	11

1 76.8.50.78 (United States) 1 redirects

ASN17185 (D102-PHL-1, US)

links.sslsecuredlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

umbalabob.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.122.249 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 249.122.117.34.bc.googleusercontent.com

adktrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:252d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

towertraffic.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.94.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-94-90.eu-central-1.compute.amazonaws.com

www.clicks.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.158.163.68 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-163-68.eu-central-1.compute.amazonaws.com

baiser-chaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:21f3:ba00:6:74ba:b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.cdn2reference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.163.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-163-54.eu-central-1.compute.amazonaws.com

retargetcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.120.52.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com

pt-xb.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cdn2reference.com www.cdn2reference.com	328 KB
10	pt-xb.xyz pt-xb.xyz	27 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	322 KB
5	baiser-chaud.com baiser-chaud.com Failed	12 KB
4	google.com www.google.com	37 KB
3	clicks.dating www.clicks.dating	13 KB
2	retargetcore.com retargetcore.com	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	towertraffic.top 2 redirects towertraffic.top	1 KB
2	adktrack.com 2 redirects adktrack.com	1 KB
1	googletagmanager.com www.googletagmanager.com	42 KB
1	go2cloud.org 1 redirects umbalabob.go2cloud.org	2 KB
1	ar-mtch1.com 1 redirects r.ar-mtch1.com	351 B
1	sslsecuredlink.com 1 redirects links.sslsecuredlink.com	627 B
48	14

	Domain	Requested by
15	www.cdn2reference.com	baiser-chaud.com www.cdn2reference.com
10	pt-xb.xyz	retargetcore.com pt-xb.xyz
5	baiser-chaud.com	www.clicks.dating retargetcore.com baiser-chaud.com pt-xb.xyz
4	www.google.com	pt-xb.xyz www.gstatic.com
4	www.gstatic.com	pt-xb.xyz www.google.com
3	www.clicks.dating	www.clicks.dating
2	retargetcore.com	www.cdn2reference.com baiser-chaud.com
2	fonts.googleapis.com	www.cdn2reference.com
2	towertraffic.top	2 redirects
2	adktrack.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	baiser-chaud.com
1	umbalabob.go2cloud.org	1 redirects
1	r.ar-mtch1.com	1 redirects
1	links.sslsecuredlink.com	1 redirects
48	15

This site contains no links.

Subject Issuer	Validity	Valid
www.clicks.dating Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
baiser-chaud.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
cdn2reference.com Amazon	`2021-11-10` - `2022-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
retargetcore.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
pt-xb.xyz Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Frame ID: 5C43B8677451038BB29191EEF6B1A5C7
Requests: 42 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&co=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=mswrsspn5beb
Frame ID: 1358BAB8843C5C169934D64465F72A9C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.sslsecuredlink.com/c/vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/6ba3b8ba HTTP 302
https://r.ar-mtch1.com/Redirect?pid=ch&chid=k5&md5=1060a5ac5d890600c6254932c2c8dc4f&sha256=a4d80e94... HTTP 302
http://umbalabob.go2cloud.org/aff_ad?campaign_id=5&aff_id=185&aff_sub5=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&af... HTTP 302
https://adktrack.com/campaign/?campaign_id=2657&keyword_id=10165&keyword_name=kmde&website_url=Z2... HTTP 307
https://adktrack.com/landing/?subcampaign_id=2950&banner_id=0&keyword_id=10165&keyword_name=kmde&... HTTP 307
https://towertraffic.top/www/delivery/afrm.php?zoneid=259&cb=15600 HTTP 302
https://towertraffic.top/www/delivery/cl.php?bannerid=1116&zoneid=259&sig=837d161a1226a5fc56674a6e263... HTTP 302
https://www.clicks.dating/a.php?slot=15068 Page URL
https://www.clicks.dating/a.php?slot=15068&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2... Page URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1... Page URL
https://baiser-chaud.com/tds?tdsId=s1043ale_r&tds_campaign=s1043ale&email=&utm_source=dda&utm_medium=... HTTP 302
https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-c... Page URL

Page Statistics

48
Requests

94 %
HTTPS

47 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

782 kB
Transfer

1518 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.sslsecuredlink.com/c/vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/6ba3b8ba HTTP 302
https://r.ar-mtch1.com/Redirect?pid=ch&chid=k5&md5=1060a5ac5d890600c6254932c2c8dc4f&sha256=a4d80e94b0e9be97645478634ff544346b273b2f91d14554434df009bf2868e2&url=http%3a%2f%2fumbalabob.go2cloud.org%2faff_ad%3fcampaign_id%3d5%26aff_id%3d185%26aff_sub5%3dZ2lsc29uai5mcmVpc2FAZ21haWwuY29t%26aff_sub%3dexpertsender&type=c&list=FR&esp=F HTTP 302
http://umbalabob.go2cloud.org/aff_ad?campaign_id=5&aff_id=185&aff_sub5=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&aff_sub=expertsender HTTP 302
https://adktrack.com/campaign/?campaign_id=2657&keyword_id=10165&keyword_name=kmde&website_url=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&source=VrumeAdDating HTTP 307
https://adktrack.com/landing/?subcampaign_id=2950&banner_id=0&keyword_id=10165&keyword_name=kmde&country=DE&source=VrumeAdDating&zone_id=8&token1=0&pass_banner=0&website_url=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t HTTP 307
https://towertraffic.top/www/delivery/afrm.php?zoneid=259&cb=15600 HTTP 302
https://towertraffic.top/www/delivery/cl.php?bannerid=1116&zoneid=259&sig=837d161a1226a5fc56674a6e263cefffb45129f38188b25d83ec65e712609e76&oadest=https%3A%2F%2Fwww.clicks.dating%2Fa.php%3Fslot%3D15068&zoneid=259&cb=15600 HTTP 302
https://www.clicks.dating/a.php?slot=15068 Page URL
https://www.clicks.dating/a.php?slot=15068&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.45%20Safari/537.36|lng:de-DE,de;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:185.232.23.183&allowcookie=true&setreferrer= Page URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1zMTA0M2FsZV9yJnRkc19jYW1wYWlnbj1zMTA0M2FsZSZlbWFpbD0mdXRtX3NvdXJjZT1kZGEmdXRtX21lZGl1bT1tb2ImdXRtX2NhbXBhaWduPWF4X2VtJnV0bV90ZXJtPW1vYl93c3BfZGV1X2IzNzIwYWxlX2VtX3M4ZDA1NiZ1dG1fY29udGVudD0mcDE9MTUwNjgmczE9ZGQmdHI9ZVFPZ3RyZVlxMXlwUlRLUzBIQUJ4VWJWVFlJdlRxUVdoRmMxV2d5bTZMMXdGa3BwUk9Qb0lQa0NPUldJaU1FcCZ1dG1fc3ViPW9wbmZubCZwNT17cDV9&hash=b58e512fba9c9c4a86877364f743012b&ts=1637875473 Page URL
https://baiser-chaud.com/tds?tdsId=s1043ale_r&tds_campaign=s1043ale&email=&utm_source=dda&utm_medium=mob&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=&p1=15068&s1=dd&tr=eQOgtreYq1ypRTKS0HABxUbVTYIvTqQWhFc1Wgym6L1wFkppROPoIPkCORWIiMEp&utm_sub=opnfnl&p5={p5} HTTP 302
https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://links.sslsecuredlink.com/c/vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/6ba3b8ba HTTP 302
https://r.ar-mtch1.com/Redirect?pid=ch&chid=k5&md5=1060a5ac5d890600c6254932c2c8dc4f&sha256=a4d80e94b0e9be97645478634ff544346b273b2f91d14554434df009bf2868e2&url=http%3a%2f%2fumbalabob.go2cloud.org%2faff_ad%3fcampaign_id%3d5%26aff_id%3d185%26aff_sub5%3dZ2lsc29uai5mcmVpc2FAZ21haWwuY29t%26aff_sub%3dexpertsender&type=c&list=FR&esp=F HTTP 302
http://umbalabob.go2cloud.org/aff_ad?campaign_id=5&aff_id=185&aff_sub5=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&aff_sub=expertsender HTTP 302
https://adktrack.com/campaign/?campaign_id=2657&keyword_id=10165&keyword_name=kmde&website_url=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&source=VrumeAdDating HTTP 307
https://adktrack.com/landing/?subcampaign_id=2950&banner_id=0&keyword_id=10165&keyword_name=kmde&country=DE&source=VrumeAdDating&zone_id=8&token1=0&pass_banner=0&website_url=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t HTTP 307
https://towertraffic.top/www/delivery/afrm.php?zoneid=259&cb=15600 HTTP 302
https://towertraffic.top/www/delivery/cl.php?bannerid=1116&zoneid=259&sig=837d161a1226a5fc56674a6e263cefffb45129f38188b25d83ec65e712609e76&oadest=https%3A%2F%2Fwww.clicks.dating%2Fa.php%3Fslot%3D15068&zoneid=259&cb=15600 HTTP 302
https://www.clicks.dating/a.php?slot=15068

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

a.php Show response
www.clicks.dating/
Redirect Chain

https://links.sslsecuredlink.com/c/vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/6ba3b8ba
https://r.ar-mtch1.com/Redirect?pid=ch&chid=k5&md5=1060a5ac5d890600c6254932c2c8dc4f&sha256=a4d80e94b0e9be97645478634ff544346b273b2f91d14554434df009bf2868e2&url=http%3a%2f%2fumbalabob.go2cloud.org%2...
http://umbalabob.go2cloud.org/aff_ad?campaign_id=5&aff_id=185&aff_sub5=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&aff_sub=expertsender
https://adktrack.com/campaign/?campaign_id=2657&keyword_id=10165&keyword_name=kmde&website_url=Z2lsc29uai5mcmVpc2FAZ21haWwuY29t&source=VrumeAdDating
https://adktrack.com/landing/?subcampaign_id=2950&banner_id=0&keyword_id=10165&keyword_name=kmde&country=DE&source=VrumeAdDating&zone_id=8&token1=0&pass_banner=0&website_url=Z2lsc29uai5mcmVpc2FAZ21...
https://towertraffic.top/www/delivery/afrm.php?zoneid=259&cb=15600
https://towertraffic.top/www/delivery/cl.php?bannerid=1116&zoneid=259&sig=837d161a1226a5fc56674a6e263cefffb45129f38188b25d83ec65e712609e76&oadest=https%3A%2F%2Fwww.clicks.dating%2Fa.php%3Fslot%3D15...
https://www.clicks.dating/a.php?slot=15068

32 KB
11 KB

30ms
10ms

Document
text/html

52.57.94.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clicks.dating/a.php?slot=15068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-94-90.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: cb6c2a961e76c8843dcaa19d4fc583b1332836dfe46c4e50001a89c2a05ea679

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 25 Nov 2021 21:24:18 GMT
content-type: text/html; charset=UTF-8
content-length: 10791
server: Apache/2.4.10 (Debian)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Thu, 25 Nov 2021 21:24:18 GMT
content-type: text/html; charset=UTF-8
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://www.clicks.dating/a.php?slot=15068
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwEKtg5lvBhclDWu1gfQLdBHH7QHGS0v6CTnvWopTDfHfxvxouYbnrngR0aiRXjBK%2B%2Bwr8M4t9N86V8iFmzVl9e7%2BOGwrHGMQEwQ5%2BBpkqTm6UlcSeUsZi0Auw2vIgly66vS8mnRZX%2F0DcsTCOwc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b3df16cf8cb0f9a-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 a.php Show response
www.clicks.dating/ 1 KB
1 KB 335ms
334ms Document
text/html 52.57.94.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clicks.dating/a.php?slot=15068&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.45%20Safari/537.36|lng:de-DE,de;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:185.232.23.183&allowcookie=true&setreferrer=
Requested by: Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=15068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-94-90.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3088fff85a56f3ef0a21306ca024c1af6640aa087d0db161ba906e54b55e91eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clicks.dating/a.php?slot=15068

Response headers

date: Thu, 25 Nov 2021 21:24:18 GMT
content-type: text/html; charset=UTF-8
content-length: 710
server: Apache/2.4.10 (Debian)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
adxsubid
adxcost: 0.56
adxzoneid: 15068
adxdomain
adxmaterialname
adxmaterialid: 42135
adxcid: eQOgtreYq1ypRTKS0HABxUbVTYIvTqQWhFc1Wgym6L1wFkppROPoIPkCORWIiMEp
adxcampaignid: 13997
vary: Accept-Encoding
content-encoding: gzip

GET redirect.php
www.clicks.dating/delivery/ 0
0

GET
H/1.1 200
OK redirect.php Show response
www.clicks.dating/delivery/ 856 B
660 B 84ms
79ms Document
text/html 52.57.94.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1zMTA0M2FsZV9yJnRkc19jYW1wYWlnbj1zMTA0M2FsZSZlbWFpbD0mdXRtX3NvdXJjZT1kZGEmdXRtX21lZGl1bT1tb2ImdXRtX2NhbXBhaWduPWF4X2VtJnV0bV90ZXJtPW1vYl93c3BfZGV1X2IzNzIwYWxlX2VtX3M4ZDA1NiZ1dG1fY29udGVudD0mcDE9MTUwNjgmczE9ZGQmdHI9ZVFPZ3RyZVlxMXlwUlRLUzBIQUJ4VWJWVFlJdlRxUVdoRmMxV2d5bTZMMXdGa3BwUk9Qb0lQa0NPUldJaU1FcCZ1dG1fc3ViPW9wbmZubCZwNT17cDV9&hash=b58e512fba9c9c4a86877364f743012b&ts=1637875473
Requested by: Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=15068&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.45%20Safari/537.36|lng:de-DE,de;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:185.232.23.183&allowcookie=true&setreferrer=
Protocol: HTTP/1.1
Server: 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-94-90.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9b01279271206cf5d2c87bdb4d505cd8e74c4c587b0da0d20fb4809ea5c252a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 25 Nov 2021 21:24:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 440
Connection: keep-alive
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip

GET tds
baiser-chaud.com/ 0
0

GET
H2

200

Primary Request jump Show response
baiser-chaud.com/
Redirect Chain

https://baiser-chaud.com/tds?tdsId=s1043ale_r&tds_campaign=s1043ale&email=&utm_source=dda&utm_medium=mob&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=&p1=15068&s1=dd&tr=eQ...
https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_e...

7 KB
8 KB

225ms
225ms

Document
text/html

18.158.163.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Requested by: Host: www.clicks.dating
URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1zMTA0M2FsZV9yJnRkc19jYW1wYWlnbj1zMTA0M2FsZSZlbWFpbD0mdXRtX3NvdXJjZT1kZGEmdXRtX21lZGl1bT1tb2ImdXRtX2NhbXBhaWduPWF4X2VtJnV0bV90ZXJtPW1vYl93c3BfZGV1X2IzNzIwYWxlX2VtX3M4ZDA1NiZ1dG1fY29udGVudD0mcDE9MTUwNjgmczE9ZGQmdHI9ZVFPZ3RyZVlxMXlwUlRLUzBIQUJ4VWJWVFlJdlRxUVdoRmMxV2d5bTZMMXdGa3BwUk9Qb0lQa0NPUldJaU1FcCZ1dG1fc3ViPW9wbmZubCZwNT17cDV9&hash=b58e512fba9c9c4a86877364f743012b&ts=1637875473
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.163.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-163-68.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2aa6736584cf4e4ade33bfc92772cca57317c0b6999e2a3f26da307a3afd4a90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1zMTA0M2FsZV9yJnRkc19jYW1wYWlnbj1zMTA0M2FsZSZlbWFpbD0mdXRtX3NvdXJjZT1kZGEmdXRtX21lZGl1bT1tb2ImdXRtX2NhbXBhaWduPWF4X2VtJnV0bV90ZXJtPW1vYl93c3BfZGV1X2IzNzIwYWxlX2VtX3M4ZDA1NiZ1dG1fY29udGVudD0mcDE9MTUwNjgmczE9ZGQmdHI9ZVFPZ3RyZVlxMXlwUlRLUzBIQUJ4VWJWVFlJdlRxUVdoRmMxV2d5bTZMMXdGa3BwUk9Qb0lQa0NPUldJaU1FcCZ1dG1fc3ViPW9wbmZubCZwNT17cDV9&hash=b58e512fba9c9c4a86877364f743012b&ts=1637875473

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-type: text/html; charset=UTF-8
content-length: 7597
server: nginx

Redirect headers

date: Thu, 25 Nov 2021 21:24:19 GMT
location: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
server: nginx
accept-ch: UA, Platform, Model, Mobile, Arch
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 webPushMotivationPopupSmall.css
www.cdn2reference.com/css/ 5 KB
2 KB 27ms
7ms Stylesheet
text/css 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:52:54 GMT
content-encoding: gzip
last-modified: Wed, 31 Oct 2018 08:31:29 GMT
server: nginx
age: 16285
etag: W/"1340-5798220f78880"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jAKIrdumDV094u9wKD-9tc2-DVumFNJRcCWhqKwm3UY9CDQVw2sV5Q==

GET
H2 200 c1822290ad6648679dfb87e60665a121.css
www.cdn2reference.com/landings/25429/css/ 3 KB
1 KB 29ms
9ms Stylesheet
text/css 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 38b097e26c8ee9ebe42639049f294b871fafaae6c1b58f666dd1dd0dc121253e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 09:03:03 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 14:02:07 GMT
server: nginx
age: 44476
etag: W/"a98-5ce3c685035c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: lL3AxWoEXR9buMro9puA2-GBQg1PXj98Pbu4ChUCqe0McohmYxr1Yg==

GET
H2 200 20dff8cf5ed8c45d47eca00751d44eb9.js Show response
www.cdn2reference.com/landings/25429/js/ 95 KB
33 KB 32ms
12ms Script
application/javascript 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn2reference.com/landings/25429/js/20dff8cf5ed8c45d47eca00751d44eb9.js
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aaf2bc75c60776c40df9015d7f99cde0e9adb2f81e859276ed30d7c431d6a720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 14:02:07 GMT
server: nginx
age: 13424
etag: W/"17b45-5ce3c685035c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qvJkit99FffxBP_1JcS8VsyHu5Z3XZHZRXM6g0bo0Yy746Qi1JD3Tg==

GET
H2 200 logo1.svg
www.cdn2reference.com/landings/25429/images/ 7 KB
3 KB 11ms
10ms Image
image/svg+xml 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/logo1.svg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e079697288b6413e5d725e35c9321982e40e28cc4a120f9e9d44da18498bd456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 11:28:22 GMT
server: nginx
age: 13424
etag: W/"1ac6-5bd2cf6e58180"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zMkCEKC3VIVc83yExX6_fREzPCm-MIFpSY8YFuH0zPcX-hoAL65YHA==

GET
H2 200 1-1.jpg
www.cdn2reference.com/landings/25429/images/ 27 KB
27 KB 13ms
12ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/1-1.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 9451
etag: "6b12-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 27410
x-amz-cf-id: xRB4YFkIhjb4vABjngplNvbAS2zAdC-M_l0IqPJyW7b8mRIzeGddlg==

GET
H2 200 1-2.jpg
www.cdn2reference.com/landings/25429/images/ 21 KB
21 KB 18ms
17ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/1-2.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:21:09 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 68590
etag: "5475-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 21621
x-amz-cf-id: a8QYN5b6LKKoYsM0PviBeQQ2cKcs6bQibdbub60pa1nv8vn0ObP7ww==

GET
H2 200 1-3.jpg
www.cdn2reference.com/landings/25429/images/ 20 KB
20 KB 20ms
19ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/1-3.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 06:41:53 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 52946
etag: "5070-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 20592
x-amz-cf-id: 9DtaTlTlH0OlO_KRU8WVjSx5cYyk_kK3954Ino1sh8rNAsTdfjR2nw==

GET
H2 200 2-1.jpg
www.cdn2reference.com/landings/25429/images/ 28 KB
29 KB 26ms
25ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/2-1.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 06:53:12 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 52267
etag: "70bb-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 28859
x-amz-cf-id: IcgU56zFXwHU_6JgPnzxj4GLcw3b1RCGG_Fssy15LUY09jWvRxrA7A==

GET
H2 200 2-2.jpg
www.cdn2reference.com/landings/25429/images/ 31 KB
32 KB 23ms
22ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/2-2.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 9451
etag: "7d5d-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 32093
x-amz-cf-id: ROTnVm3YMUsUYdod-ucRtDT-yPRqfUvNk7Rnp5xkQ-pftqL5D5o_Og==

GET
H2 200 2-3.jpg
www.cdn2reference.com/landings/25429/images/ 27 KB
28 KB 25ms
24ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/2-3.jpg
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 10:26:09 GMT
server: nginx
age: 8544
etag: "6d38-5bd2c18647240"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 27960
x-amz-cf-id: 9oZQ8PEb2wq8mENkH1efW80jmpWvGZgW0V951DiskUU_xCSu8KnqpQ==

GET
H2 200 webPushMotivationPopupSmall.js Show response
www.cdn2reference.com/js/ 9 KB
4 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn2reference.com/js/webPushMotivationPopupSmall.js?v=8
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:52:58 GMT
content-encoding: gzip
last-modified: Wed, 31 Oct 2018 08:31:29 GMT
server: nginx
age: 16281
etag: W/"22c1-5798220f7ced0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rEk6TEnqlYgA3BwuA3NicTPsla_WVK60nuY8IeyQEj4hUVlEor9EoA==

GET
H2 200 dc_img.js Show response
www.cdn2reference.com/js/ 488 B
800 B 7ms
7ms Script
application/javascript 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn2reference.com/js/dc_img.js?v=8
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 21:28:27 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 09:19:39 GMT
server: nginx
age: 86152
etag: "1e8-5b2cbc78da216"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 488
x-amz-cf-id: bhteSvAqEGre-AuPFdLvWTxxMQ-h9lCciFJCzj-HSutxiMapn5YO-Q==

GET
H2 200 css
fonts.googleapis.com/ 1008 B
918 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant

Requested by

Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cdn2reference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 20:25:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 21:24:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 21:24:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
693 B 44ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cdn2reference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 19:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 21:24:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 21:24:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
42 KB 42ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

Requested by

Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf0e908b458a01732a4de6723790536d4290a8293b62c357dc0f54419f761fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42511
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Nov 2021 21:24:19 GMT

GET
H2 200 bgn1.jpg
www.cdn2reference.com/landings/25429/images/ 47 KB
47 KB 28ms
27ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/bgn1.jpg
Requested by: Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 58f27fa2574bd5340a7d846f7ff70f75a7fea46d1bc0869f4e6cb572fdb67467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 11:28:19 GMT
server: nginx
age: 9451
etag: "ba04-5bd2cf6b7bac0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 47620
x-amz-cf-id: vllJOAYS2OMvo_MDJ_6HKu3oMCsG9_bGl1yUHBzOyoeuDWiHDHs7mQ==

GET
H2 200 bgn2.jpg
www.cdn2reference.com/landings/25429/images/ 42 KB
42 KB 30ms
29ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/bgn2.jpg
Requested by: Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fef0b42ea2afcd308cfebcf998c267cdc5060d42d30592fe57fda3adfbf48207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 11:28:19 GMT
server: nginx
age: 9451
etag: "a619-5bd2cf6b7bac0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 42521
x-amz-cf-id: 5KhYQ8q2miojiPzyr69j2-ntIRd1Ufeyd4R0j8AOvfsAUoBU6hk0Sw==

GET
H2 200 bgn3.jpg
www.cdn2reference.com/landings/25429/images/ 38 KB
39 KB 31ms
31ms Image
image/jpeg 2600:9000:21f3:ba00:6:74ba:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn2reference.com/landings/25429/images/bgn3.jpg
Requested by: Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2191f00c663a6e05629a909ef29e964ae6f5a44f9fde6774a007fb5e097a0a82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cdn2reference.com/landings/25429/css/c1822290ad6648679dfb87e60665a121.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:13 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 11:28:19 GMT
server: nginx
age: 9451
etag: "9988-5bd2cf6b7bac0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 39304
x-amz-cf-id: LWUe_2FLQyTCTz-xWLEzFtCUtC0ZSQ7NaFD_fwPQR4m8U6bgKEqadA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://baiser-chaud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 546271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 fp_ec.js Show response
retargetcore.com/fp/ 1 KB
994 B 77ms
53ms Script
application/javascript 3.65.163.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://retargetcore.com/fp/fp_ec.js
Requested by: Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/js/dc_img.js?v=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.163.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-163-54.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 39f6585c09ef00d1ba4c49c049b9d359404d78ab5814d76cf4e482bdec00b6e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 13:37:37 GMT
server: nginx
etag: W/"50b-17d5750dce8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=6
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 main.js Show response
pt-xb.xyz/c_js/ 8 KB
3 KB 77ms
58ms Script
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/c_js/main.js?
Requested by: Host: retargetcore.com
URL: https://retargetcore.com/fp/fp_ec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: d77e70de074e7aa92432f20bf0fda242f72b6c1f4f6915061e94bbc39a149569

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
etag: W/"205b-GNgMi/kyzVwKpiSHoYvA6/H4fww"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 mtu-integration-bridge.js Show response
baiser-chaud.com/ 739 B
969 B 54ms
53ms Script
application/javascript 18.158.163.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://baiser-chaud.com/mtu-integration-bridge.js?
Requested by: Host: retargetcore.com
URL: https://retargetcore.com/fp/fp_ec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.163.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-163-68.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a554bc01c16e43dc6dd258c927b93cba7cd06f82e1b0cbe177232bdf955c0246

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
last-modified: Thu, 25 Nov 2021 13:37:37 GMT
server: nginx
etag: W/"2e3-17d5750dce8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=6
accept-ranges: bytes
x-robots-tag: noindex
content-length: 739

GET
H2 200 ac3fc68831981c704535980c826941a5
retargetcore.com/43fbb6270523e1760fa5f0d2579dea07/ 35 B
400 B 61ms
60ms Image
image/gif 3.65.163.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retargetcore.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&j_type=open&jump=25429&jump_name=
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.163.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-163-54.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Nov 2021 21:24:19 GMT
access-control-allow-credentials: true
accept-ch: UA, Platform, Model, Mobile, Arch
content-type: image/gif
server: nginx
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 mtu-integration.js Show response
baiser-chaud.com/ 4 KB
2 KB 53ms
53ms Script
application/javascript 18.158.163.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://baiser-chaud.com/mtu-integration.js
Requested by: Host: baiser-chaud.com
URL: https://baiser-chaud.com/mtu-integration-bridge.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.163.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-163-68.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d4f032371c512aea083e8f0542955c8f78bb86385cce8af5a61cd9c9b174c6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 13:37:37 GMT
server: nginx
etag: W/"edc-17d5750dce8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=6
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 rtr.js Show response
pt-xb.xyz/c_js/ 2 KB
1 KB 12ms
12ms Script
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/c_js/rtr.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 8df671f9e63e36f71c284c621522ec61a7fd8199023d16af11453eaffafa458b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
etag: W/"788-XUpAOjfWt7Fj/DyM3ZUbjKR9UlA"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 webpush.js Show response
pt-xb.xyz/c_js/ 67 KB
18 KB 43ms
43ms Script
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: e660f69a01d17353f1c5afef8cea76515f0d50a1a9929016f8ac3071859ea753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
etag: W/"10ac9-JpsE9DR/54+Gfe25pZVSL1t9vvs"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ipp.js Show response
pt-xb.xyz/c_js/ 8 KB
2 KB 35ms
35ms Script
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/c_js/ipp.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: a8a6ca1b16b8d308e8f5894ab18a7f5ee4dc3b3d5bfc866eb58870d0a3a8db21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
etag: W/"1e7f-MGF64Rb1ANVxPpIjsuLd7BOdqBc"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 recaptcha.js Show response
pt-xb.xyz/c_js/ 1 KB
1 KB 14ms
14ms Script
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/c_js/recaptcha.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 5a42085a2debe8c251c6f2b230d276d24cef7bdb2f77a64e92baf514c935e483

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
etag: W/"5d7-wEQvDS10EyjA4+tcYD3kTFmjlHQ"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 rtr Show response
pt-xb.xyz/ 10 B
253 B 74ms
53ms XHR
application/json 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/rtr?referer=https%3A%2F%2Fbaiser-chaud.com%2Fjump%3Fid%3D25429%26dci%3D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%26tds_host%3Dbaiser-chaud.com%26tds_campaign%3Db3720ale%26utm_source%3Ddda%26utm_campaign%3Dax_em%26utm_term%3Dmob_wsp_deu_b3720ale_em_s8d056%26utm_content%3D%257Butm_content%257D%26s1%3Ddd%26tds_id%3Db3720ale_jump_a_1592483705704%26tds_oid%3D25429%26tds_cid%3D3c20cc439a0580ea749c3541f45b7c69b8684833%26tds_ac_id%3Ds1043ale%26_tgUrl%3DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
etag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 10

GET
H2 200 baiser-chaud.com Show response
pt-xb.xyz/v1/recaptcha/inject/ 148 B
393 B 225ms
206ms XHR
application/json 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/v1/recaptcha/inject/baiser-chaud.com?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%3A%2F%2Fbaiser-chaud.com%2Fjump%3Fid%3D25429%26dci%3D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%26tds_host%3Dbaiser-chaud.com%26tds_campaign%3Db3720ale%26utm_source%3Ddda%26utm_campaign%3Dax_em%26utm_term%3Dmob_wsp_deu_b3720ale_em_s8d056%26utm_content%3D%257Butm_content%257D%26s1%3Ddd%26tds_id%3Db3720ale_jump_a_1592483705704%26tds_oid%3D25429%26tds_cid%3D3c20cc439a0580ea749c3541f45b7c69b8684833%26tds_ac_id%3Ds1043ale%26_tgUrl%3DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 6fefeef7e53901118c4c64f8a069b0bdec839b67d0d932d88877eb8cbe9afec5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
etag: W/"94-DrUDJQfXWNnYP2AKUAtLYwG91fg"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 148

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.6.8/ 40 KB
11 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js

Requested by

Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10869
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 19 Nov 2022 13:19:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 950 B
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&onload=onRecaptchaLoadCallback

Requested by

Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

637d33e989bd628e363568b0c42159214e769ad93050dedcfe4b1dbd9b2c822a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 21:24:19 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
135 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&onload=onRecaptchaLoadCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiser-chaud.com/
Origin: https://baiser-chaud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 25 Nov 2022 21:23:55 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1358 39 KB
20 KB 48ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&co=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=mswrsspn5beb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3f471e23a6461f61722b70ba6d0ba7f94e61a70bba3186047a3ce3c598dfeba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gdmQKhnYUrzewmsh0tv2CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Nov 2021 21:24:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-gdmQKhnYUrzewmsh0tv2CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20169
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1358 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&co=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=mswrsspn5beb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 25 Nov 2022 16:15:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1358 347 KB
135 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 25 Nov 2022 21:23:55 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1358 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&co=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=mswrsspn5beb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 21:24:20 GMT

POST
H2 200 track Show response
pt-xb.xyz/v1/webpush/ 29 B
292 B 19ms
18ms XHR
application/json 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/v1/webpush/track?uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&networkGroup=
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 2c2368eebd9058c07d6a0c3528143b1394c1f882ba07d994eac19651451c0353

Request headers

Referer: https://baiser-chaud.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
server: nginx
x-powered-by: Express
etag: W/"1d-pYINBXKYZGtRmLaYqub55TYgN7w"
vary: X-HTTP-Method-Override, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 29

OPTIONS
H2 200 track
pt-xb.xyz/v1/webpush/ Frame 0
0 54ms
54ms Preflight
text/html 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/v1/webpush/track?uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&networkGroup=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://baiser-chaud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
content-type: text/html; charset=utf-8
content-length: 4
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: POST
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary: Accept-Encoding

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1358 29 KB
16 KB 50ms
49ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2054089a2e2234728cb8d06a0f0774c2d0fab015c1523eac1d9009e123923f39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHW_wUAAAAAIHnTAw0sXkIuhgqd7l7M29KgO7b&co=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=mswrsspn5beb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16419
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 21:24:20 GMT

GET
H2 200 619fff03f30bb4003259c935 Show response
pt-xb.xyz/v1/recaptcha/token/baiser-chaud.com/03AGdBq265UCW3BLIvTFGKN_XQ7wpGObLEPCAa5Tnl_4LddjtQLfYLYioLsmcdOJVz-WzXZoZW3axXUyJSDu5C85zkIrZ6QrrUAC4LZOAgtI_hl7HTXReTLOrPQAABjMDj0u1hBD92zFCv4u9J6-AGI... 14 B
258 B 207ms
207ms XHR
application/json 3.120.52.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-xb.xyz/v1/recaptcha/token/baiser-chaud.com/03AGdBq265UCW3BLIvTFGKN_XQ7wpGObLEPCAa5Tnl_4LddjtQLfYLYioLsmcdOJVz-WzXZoZW3axXUyJSDu5C85zkIrZ6QrrUAC4LZOAgtI_hl7HTXReTLOrPQAABjMDj0u1hBD92zFCv4u9J6-AGIBvpV-RnwctQJG0cfX0HTvHVmaq_gQECRWaRKermGMu59DsQjU8bEtldFg7N08ZSzzvKnCLHWkyEX2DSyna1VnmnGQTX85qM7CPTIPtfwAVu9C2qMqwJ6huVJAeXdzvrT7O6m3j0kn1482_Ohzew63SK58TN199Zlp_VxJnqnur5dT3KL2AGcRJw66Y5CxpxOdykzyjb8y8ZZoc1k0ckZqbhHUrElLKGb-HBzkfHI6iyV4HrVcPYfh11uWwYaPxwB_iMqU0zYPNrrBC_0eR6fYYjH4RdDjyIVTrToCLI5fabv8TLiLkznLWaHZi5RMwkUhF-YBWbke66jQ/619fff03f30bb4003259c935
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-136.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 357f69585305a6013b423ca75a63c1535a3bcdfc0b81f46f1af4896cb6f5b34c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
etag: W/"e-xwGBYk5OtPbVFdhE+ZmS3dlbUWk"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 14

GET
H2 200 manifest.json
baiser-chaud.com/ 759 B
1005 B 90ms
75ms Manifest
application/json 18.158.163.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://baiser-chaud.com/manifest.json
Requested by: Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=http%3A%2F%2Fwww.clicks.dating%2F&doc_location=https%253A%252F%252Fbaiser-chaud.com%252Fjump%253Fid%253D25429%2526dci%253D92b0c845fbb6cc9f340b9bf572f32f7f34c16b77%2526tds_host%253Dbaiser-chaud.com%2526tds_campaign%253Db3720ale%2526utm_source%253Ddda%2526utm_campaign%253Dax_em%2526utm_term%253Dmob_wsp_deu_b3720ale_em_s8d056%2526utm_content%253D%25257Butm_content%25257D%2526s1%253Ddd%2526tds_id%253Db3720ale_jump_a_1592483705704%2526tds_oid%253D25429%2526tds_cid%253D3c20cc439a0580ea749c3541f45b7c69b8684833%2526tds_ac_id%253Ds1043ale%2526_tgUrl%253DaHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.163.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-163-68.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: ebf7cf8f9e9497b278b4b608955e97aa240ad0318a9f074981b1224058ca764f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 21:24:20 GMT
etag: W/"2f7-on6bIWDGhm8xLtKx2xHTPD2oC0g"
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 759

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.clicks.dating
URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcz90ZHNJZD1zMTA0M2FsZV9yJnRkc19jYW1wYWlnbj1zMTA0M2FsZSZlbWFpbD0mdXRtX3NvdXJjZT1kZGEmdXRtX21lZGl1bT1tb2ImdXRtX2NhbXBhaWduPWF4X2VtJnV0bV90ZXJtPW1vYl93c3BfZGV1X2IzNzIwYWxlX2VtX3M4ZDA1NiZ1dG1fY29udGVudD0mcDE9MTUwNjgmczE9ZGQmdHI9ZVFPZ3RyZVlxMXlwUlRLUzBIQUJ4VWJWVFlJdlRxUVdoRmMxV2d5bTZMMXdGa3BwUk9Qb0lQa0NPUldJaU1FcCZ1dG1fc3ViPW9wbmZubCZwNT17cDV9&hash=b58e512fba9c9c4a86877364f743012b&ts=1637875473

Domain: baiser-chaud.com
URL: https://baiser-chaud.com/tds?tdsId=s1043ale_r&tds_campaign=s1043ale&email=&utm_source=dda&utm_medium=mob&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=&p1=15068&s1=dd&tr=eQOgtreYq1ypRTKS0HABxUbVTYIvTqQWhFc1Wgym6L1wFkppROPoIPkCORWIiMEp&utm_sub=opnfnl&p5={p5}

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:17:07	Name: _GRECAPTCHA Value: 09ABBMTcOzolWpMyX3ftj462wcU5XYrPWot3TJOSCoDVFFnzEMesmL_9KzAfcblyOO5UYgF8KFLn3bXYd5tGVUTFU
links.sslsecuredlink.com/	1969-12-31 23:59:59	Name: TEMP_DATA Value: c3d29a7d-cb68-4e7d-bd77-bc9270c02fbb
links.sslsecuredlink.com/	1969-12-31 23:59:59	Name: esg1 Value: vZ/Xyb/xvfKWXhbKDLP3h2SlRBWS3/v/ooD3/F/1e54f6f0
adktrack.com/	1969-12-31 23:59:59	Name: AdkFastLoading Value: "gAAAAABhn_8BnP5YfAtXMSHv1LkgV9Txb53PVshwX3ilz9vHOtu0aN1XKNbsjMvw2YN6ejD8uZLdGp9UAP0H6O-_FFmsWTogJb3Z5C1AzdeyBYt878Ap38cgS8w6SEW8CKlMpKw63h3A9DB_-pLAEg0uAjziObsPKG47-qsJSHLAQc1_RenK8p_dNi2JJUfxdoepAOvbKaURExpccmBSo1pzOX4N5p-PPUtAf1n1ItVoPopunfcE6eudVLZY-NLbUBnomoemKmUwtDrbY8Is0kglFUR7BmObvK1GhaAdzFtwpN6iOQvaLE4vmjMtzmxAP8pLsp7OPgotCrkX2ia-JcBPlXv1Ge8WjuY6PTwU-wRGgaGGZ1FKmuXCjjz_cCNpm3OnpJlRfcjkvk_D4Y1aIOH1n2RjLV52Y9s8xnW9_mJF_GlMPdnaGFfl5WP1C5vOlyL_BgeRqf14fmGVUgMNeEisDiYiLe8h7g=="
towertraffic.top/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CAT%7CEU%7C1%7CVienna%7C1040%7C48.1933%7C16.3727%7C200%7CEurope%2FVienna%7C%7C9%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
towertraffic.top/	1970-01-20 07:43:31	Name: OAID Value: ad26aedba0a574342d924904ff271931
www.clicks.dating/	1969-12-31 23:59:59	Name: PHPSESSID Value: ksqo6htpkfc38d4obub141c9e7
.www.clicks.dating/	1970-01-19 23:08:00	Name: fp2 Value: d0f0e69a072cad362abec007a70e0090
.baiser-chaud.com/	1970-01-20 07:43:31	Name: dci Value: 92b0c845fbb6cc9f340b9bf572f32f7f34c16b77
baiser-chaud.com/	1970-01-19 23:05:07	Name: dm Value: fe450dd0d1dadc615429144d33241f42
.retargetcore.com/	1970-01-20 07:43:31	Name: dci Value: 8adedbc55de8a742015e40fb6eba34feb11af715
pt-xb.xyz/	1970-01-19 22:57:56	Name: visitor_id Value: 619fff031ad664002c51c523
pt-xb.xyz/	1969-12-31 23:59:59	Name: company_id Value: 5e4fe3edf5f9d500451a1fbc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1(Line 8) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
other	error	URL: https://baiser-chaud.com/jump?id=25429&dci=92b0c845fbb6cc9f340b9bf572f32f7f34c16b77&tds_host=baiser-chaud.com&tds_campaign=b3720ale&utm_source=dda&utm_campaign=ax_em&utm_term=mob_wsp_deu_b3720ale_em_s8d056&utm_content=%7Butm_content%7D&s1=dd&tds_id=b3720ale_jump_a_1592483705704&tds_oid=25429&tds_cid=3c20cc439a0580ea749c3541f45b7c69b8684833&tds_ac_id=s1043ale&_tgUrl=aHR0cHM6Ly9iYWlzZXItY2hhdWQuY29tL3Rkcy90Zy9zL2QzMWQyNDlmMTMyY2FlZmE1ZmU2ZDU5MmVhMDMzNDhiP19fdD0xNjM3ODc1NDU5MDI3Jl9fbD0zNjAw&tds_rt=&tds_ao=1 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adktrack.com
baiser-chaud.com
fonts.googleapis.com
fonts.gstatic.com
links.sslsecuredlink.com
pt-xb.xyz
r.ar-mtch1.com
retargetcore.com
towertraffic.top
umbalabob.go2cloud.org
www.cdn2reference.com
www.clicks.dating
www.google.com
www.googletagmanager.com
www.gstatic.com
baiser-chaud.com
www.clicks.dating
13.69.68.37
18.158.163.68
2600:9000:21f3:ba00:6:74ba:b80:93a1
2606:4700:3035::6815:252d
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
3.120.52.136
3.65.163.54
34.117.122.249
52.210.2.133
52.57.94.90
76.8.50.78
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
2054089a2e2234728cb8d06a0f0774c2d0fab015c1523eac1d9009e123923f39
2191f00c663a6e05629a909ef29e964ae6f5a44f9fde6774a007fb5e097a0a82
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
2aa6736584cf4e4ade33bfc92772cca57317c0b6999e2a3f26da307a3afd4a90
2c2368eebd9058c07d6a0c3528143b1394c1f882ba07d994eac19651451c0353
3088fff85a56f3ef0a21306ca024c1af6640aa087d0db161ba906e54b55e91eb
357f69585305a6013b423ca75a63c1535a3bcdfc0b81f46f1af4896cb6f5b34c
38b097e26c8ee9ebe42639049f294b871fafaae6c1b58f666dd1dd0dc121253e
39f6585c09ef00d1ba4c49c049b9d359404d78ab5814d76cf4e482bdec00b6e3
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3
58f27fa2574bd5340a7d846f7ff70f75a7fea46d1bc0869f4e6cb572fdb67467
5a42085a2debe8c251c6f2b230d276d24cef7bdb2f77a64e92baf514c935e483
5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27
637d33e989bd628e363568b0c42159214e769ad93050dedcfe4b1dbd9b2c822a
6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479
6fefeef7e53901118c4c64f8a069b0bdec839b67d0d932d88877eb8cbe9afec5
762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f
770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8df671f9e63e36f71c284c621522ec61a7fd8199023d16af11453eaffafa458b
9b01279271206cf5d2c87bdb4d505cd8e74c4c587b0da0d20fb4809ea5c252a9
a554bc01c16e43dc6dd258c927b93cba7cd06f82e1b0cbe177232bdf955c0246
a8a6ca1b16b8d308e8f5894ab18a7f5ee4dc3b3d5bfc866eb58870d0a3a8db21
aaf2bc75c60776c40df9015d7f99cde0e9adb2f81e859276ed30d7c431d6a720
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53
afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb
b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8
cb6c2a961e76c8843dcaa19d4fc583b1332836dfe46c4e50001a89c2a05ea679
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf0e908b458a01732a4de6723790536d4290a8293b62c357dc0f54419f761fa8
d3f471e23a6461f61722b70ba6d0ba7f94e61a70bba3186047a3ce3c598dfeba
d4f032371c512aea083e8f0542955c8f78bb86385cce8af5a61cd9c9b174c6a6
d77e70de074e7aa92432f20bf0fda242f72b6c1f4f6915061e94bbc39a149569
e079697288b6413e5d725e35c9321982e40e28cc4a120f9e9d44da18498bd456
e660f69a01d17353f1c5afef8cea76515f0d50a1a9929016f8ac3071859ea753
ebf7cf8f9e9497b278b4b608955e97aa240ad0318a9f074981b1224058ca764f
fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54
fef0b42ea2afcd308cfebcf998c267cdc5060d42d30592fe57fda3adfbf48207

baiser-chaud.com Open in urlscan Pro 18.158.163.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

48 Requests

94 %HTTPS

47 %IPv6

14 Domains

15 Subdomains

11 IPs

4 Countries

782 kBTransfer

1518 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

baiser-chaud.com Open in urlscan Pro
18.158.163.68 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

94 %
HTTPS

47 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

782 kB
Transfer

1518 kB
Size

13
Cookies

48 HTTP transactions
0 data transactions