datevane.com Open in urlscan Pro
172.67.142.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://audienceexposure.com/
Effective URL:
https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&sear...
Submission: On April 29 via api (April 29th 2024, 9:34:45 am UTC) from CH — Scanned from CH

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 24 HTTP transactions. The main IP is 172.67.142.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is datevane.com.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.

This is the only time datevane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	139.177.202.97 139.177.202.97	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 2	3.33.192.145 3.33.192.145	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
12	172.67.142.136 172.67.142.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.122.47 18.66.122.47	16509 (AMAZON-02) (AMAZON-02)
1	172.67.204.112 172.67.204.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	9

2 72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

audienceexposure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.177.202.97 (Atlanta, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-177-202-97.ip.linodeusercontent.com

9525.abcantri.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.192.145 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

stvwell.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.sitamedal4.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.142.136 (United States)

ASN13335 (CLOUDFLARENET, US)

datevane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

zeniocloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-47.fra60.r.cloudfront.net

static.production.push-sender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.204.112 (United States)

ASN13335 (CLOUDFLARENET, US)

alexatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	datevane.com datevane.com	3 MB
3	push-sender.com static.production.push-sender.com — Cisco Umbrella Rank: 275409	13 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 21566 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9422	90 KB
2	stvwell.online 1 redirects stvwell.online — Cisco Umbrella Rank: 232724	1 KB
2	abcantri.xyz 1 redirects 9525.abcantri.xyz	2 KB
2	audienceexposure.com audienceexposure.com — Cisco Umbrella Rank: 8329	4 KB
1	alexatracker.com alexatracker.com — Cisco Umbrella Rank: 222002	660 B
1	zeniocloud.com zeniocloud.com — Cisco Umbrella Rank: 238482	773 B
1	sitamedal4.online 1 redirects xml-v4.sitamedal4.online	517 B
24	9

	Domain	Requested by
12	datevane.com	stvwell.online datevane.com
3	static.production.push-sender.com	datevane.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	stvwell.online	1 redirects audienceexposure.com
2	9525.abcantri.xyz	1 redirects audienceexposure.com
2	audienceexposure.com	audienceexposure.com
1	alexatracker.com	zeniocloud.com
1	zeniocloud.com	datevane.com
1	xml-v4.sitamedal4.online	1 redirects
1	cdn.perfdrive.com	stvwell.online
24	10

This site contains links to these domains. Also see Links.

Domain
wke.qoelif.com

Subject Issuer	Validity	Valid
stvwell.online Amazon RSA 2048 M03	`2024-04-11` - `2025-05-10`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
datevane.com GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
zeniocloud.com GTS CA 1P5	`2024-03-11` - `2024-06-09`	3 months	crt.sh
production.push-sender.com Amazon RSA 2048 M03	`2024-03-18` - `2025-04-17`	a year	crt.sh
alexatracker.com GTS CA 1P5	`2024-03-21` - `2024-06-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139
Frame ID: E53491F7190261261735651B8634E0D2
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://audienceexposure.com/ HTTP 307
https://audienceexposure.com/ HTTP 307
http://audienceexposure.com/ Page URL
http://audienceexposure.com/page/bouncy.php?&bpae=GbhGtL0aslx79bsvsfb%2F2ilnCmY8sbByeXh47PdTxFVALzKLI5gA... Page URL
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c9... HTTP 307
https://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c9... HTTP 307
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c9... Page URL
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c9... HTTP 302
http://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY HTTP 307
https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Page URL
https://stvwell.online/api/v1/pxcheck?impId=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY&minfo=eyJjb29r... HTTP 302
http://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 HTTP 307
https://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 HTTP 302
https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&c... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

88 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

3011 kB
Transfer

3271 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wke.qoelif.com/click
Title: Weiter!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://audienceexposure.com/ HTTP 307
https://audienceexposure.com/ HTTP 307
http://audienceexposure.com/ Page URL
http://audienceexposure.com/page/bouncy.php?&bpae=GbhGtL0aslx79bsvsfb%2F2ilnCmY8sbByeXh47PdTxFVALzKLI5gAOdy7rgtTdhb%2BXBnLHh7BPePO9cVVQEXiBQ6enWw1nbMbMhM8eQ0s4bvTDB8CVjkvEnv7YVIF%2BRPcIOffAbtX7S7nqnI%2BZvRdQAT7%2B%2BP%2B7M7e2Rn6Gkr%2FoiuHIX2Ft60CPf9JLUfDtjYpKEaIyZg0UmJaHvw%2FAC0GO%2BiitoRVIIX3uPOhuQdVip2J2O%2FgVc8KiWA6HXAzOc7G7MiJIQcQKqIwBTeHcJfJqc8ejsu%2FBK8LwKN4%2Fj7YCYC0%2BNzJ%2B%2FlYwu7tB906063WF5xyRxyAO03FHCR6KxW2HhGkoXNogENnZWbNL1%2FYqIZtsGluaRa%2B9C0CayRrhroQkV%2BtRhFBlBg%2FsMisQdY3qALnZildAVcwW0VpQqYOabzgbt3JxblGGp%2FsxZ6j2Os7se9BdBTdx67CwwzCOxsiZmW%2BY28CcWZ4r4xU4n4ayDonDQK0B2lTiW%2BboHi%2ByLciOE%2FBB%2Bt9bzEjVToSIS9%2FFiQQtp7GbdvrK%2BbcqJKmNEy%2FNCcnr2kQSblVv6G7V8hSvIctQRnNAJOygLB0ZJmFsiAlk464&redirectType=js&inIframe=false&inPopUp=false Page URL
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed HTTP 307
https://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed HTTP 307
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed Page URL
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy HTTP 302
http://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY HTTP 307
https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Page URL
https://stvwell.online/api/v1/pxcheck?impId=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vc3R2d2VsbC5vbmxpbmUvYXBpL3YxL3B4P3htbGlkPU12b3QxREZxU0ZXM3hXZlQxZG1lNUk3Y3lmb08xaG5pRldZVmNhY1kiLCJkZXZpY2VTcmVlblNpemUiOiIxMjAweDE2MDAiLCJkZXZpY2VXaW5kb3dTaXplIjoiMTIwMHgxNjAwIiwid25kMnNyY1JhdGlvTHdyMDYiOmZhbHNlLCJlZmZlY3RpdmVUeXBlIjoiNGciLCJpc0JvdCI6Im9mZiJ9 HTTP 302
http://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 HTTP 307
https://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 HTTP 302
https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://audienceexposure.com/ HTTP 307
https://audienceexposure.com/ HTTP 307
http://audienceexposure.com/

Request Chain 2

http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed HTTP 307
https://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed HTTP 307
http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed

Request Chain 3

http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy HTTP 302
http://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY HTTP 307
https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ audienceexposure.com/ Redirect Chain http://audienceexposure.com/ https://audienceexposure.com/ http://audienceexposure.com/	3 KB 3 KB	477ms 476ms	Document text/html	72.52.179.174 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://audienceexposure.com/ Protocol HTTP/1.1 Server 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS lb01.parklogic.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Cache-Control no-cache Connection Keep-Alive Content-Length 2632 Content-Type text/html; charset=UTF-8 Date Mon, 29 Apr 2024 09:34:28 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Redirect headers Location http://audienceexposure.com/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	bouncy.php audienceexposure.com/page/	1 KB 1 KB	171ms 169ms	Document text/html	72.52.179.174 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://audienceexposure.com/page/bouncy.php?&bpae=GbhGtL0aslx79bsvsfb%2F2ilnCmY8sbByeXh47PdTxFVALzKLI5gAOdy7rgtTdhb%2BXBnLHh7BPePO9cVVQEXiBQ6enWw1nbMbMhM8eQ0s4bvTDB8CVjkvEnv7YVIF%2BRPcIOffAbtX7S7nqnI%2BZvRdQAT7%2B%2BP%2B7M7e2Rn6Gkr%2FoiuHIX2Ft60CPf9JLUfDtjYpKEaIyZg0UmJaHvw%2FAC0GO%2BiitoRVIIX3uPOhuQdVip2J2O%2FgVc8KiWA6HXAzOc7G7MiJIQcQKqIwBTeHcJfJqc8ejsu%2FBK8LwKN4%2Fj7YCYC0%2BNzJ%2B%2FlYwu7tB906063WF5xyRxyAO03FHCR6KxW2HhGkoXNogENnZWbNL1%2FYqIZtsGluaRa%2B9C0CayRrhroQkV%2BtRhFBlBg%2FsMisQdY3qALnZildAVcwW0VpQqYOabzgbt3JxblGGp%2FsxZ6j2Os7se9BdBTdx67CwwzCOxsiZmW%2BY28CcWZ4r4xU4n4ayDonDQK0B2lTiW%2BboHi%2ByLciOE%2FBB%2Bt9bzEjVToSIS9%2FFiQQtp7GbdvrK%2BbcqJKmNEy%2FNCcnr2kQSblVv6G7V8hSvIctQRnNAJOygLB0ZJmFsiAlk464&redirectType=js&inIframe=false&inPopUp=false Requested by Host: audienceexposure.com URL: http://audienceexposure.com/ Protocol HTTP/1.1 Server 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS lb01.parklogic.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer http://audienceexposure.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Cache-Control no-cache Connection Keep-Alive Content-Length 1078 Content-Type text/html; charset=UTF-8 Date Mon, 29 Apr 2024 09:34:29 GMT Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16
GET H/1.1	200 OK	feed 9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/ Redirect Chain http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed https://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed	3 KB 2 KB	515ms 515ms	Document text/html	139.177.202.97 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed Requested by Host: audienceexposure.com URL: http://audienceexposure.com/page/bouncy.php?&bpae=GbhGtL0aslx79bsvsfb%2F2ilnCmY8sbByeXh47PdTxFVALzKLI5gAOdy7rgtTdhb%2BXBnLHh7BPePO9cVVQEXiBQ6enWw1nbMbMhM8eQ0s4bvTDB8CVjkvEnv7YVIF%2BRPcIOffAbtX7S7nqnI%2BZvRdQAT7%2B%2BP%2B7M7e2Rn6Gkr%2FoiuHIX2Ft60CPf9JLUfDtjYpKEaIyZg0UmJaHvw%2FAC0GO%2BiitoRVIIX3uPOhuQdVip2J2O%2FgVc8KiWA6HXAzOc7G7MiJIQcQKqIwBTeHcJfJqc8ejsu%2FBK8LwKN4%2Fj7YCYC0%2BNzJ%2B%2FlYwu7tB906063WF5xyRxyAO03FHCR6KxW2HhGkoXNogENnZWbNL1%2FYqIZtsGluaRa%2B9C0CayRrhroQkV%2BtRhFBlBg%2FsMisQdY3qALnZildAVcwW0VpQqYOabzgbt3JxblGGp%2FsxZ6j2Os7se9BdBTdx67CwwzCOxsiZmW%2BY28CcWZ4r4xU4n4ayDonDQK0B2lTiW%2BboHi%2ByLciOE%2FBB%2Bt9bzEjVToSIS9%2FFiQQtp7GbdvrK%2BbcqJKmNEy%2FNCcnr2kQSblVv6G7V8hSvIctQRnNAJOygLB0ZJmFsiAlk464&redirectType=js&inIframe=false&inPopUp=false Protocol HTTP/1.1 Server 139.177.202.97 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 139-177-202-97.ip.linodeusercontent.com Software nginx/1.14.2 / Resource Hash Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer http://audienceexposure.com/page/bouncy.php?&bpae=GbhGtL0aslx79bsvsfb%2F2ilnCmY8sbByeXh47PdTxFVALzKLI5gAOdy7rgtTdhb%2BXBnLHh7BPePO9cVVQEXiBQ6enWw1nbMbMhM8eQ0s4bvTDB8CVjkvEnv7YVIF%2BRPcIOffAbtX7S7nqnI%2BZvRdQAT7%2B%2BP%2B7M7e2Rn6Gkr%2FoiuHIX2Ft60CPf9JLUfDtjYpKEaIyZg0UmJaHvw%2FAC0GO%2BiitoRVIIX3uPOhuQdVip2J2O%2FgVc8KiWA6HXAzOc7G7MiJIQcQKqIwBTeHcJfJqc8ejsu%2FBK8LwKN4%2Fj7YCYC0%2BNzJ%2B%2FlYwu7tB906063WF5xyRxyAO03FHCR6KxW2HhGkoXNogENnZWbNL1%2FYqIZtsGluaRa%2B9C0CayRrhroQkV%2BtRhFBlBg%2FsMisQdY3qALnZildAVcwW0VpQqYOabzgbt3JxblGGp%2FsxZ6j2Os7se9BdBTdx67CwwzCOxsiZmW%2BY28CcWZ4r4xU4n4ayDonDQK0B2lTiW%2BboHi%2ByLciOE%2FBB%2Bt9bzEjVToSIS9%2FFiQQtp7GbdvrK%2BbcqJKmNEy%2FNCcnr2kQSblVv6G7V8hSvIctQRnNAJOygLB0ZJmFsiAlk464&redirectType=js&inIframe=false&inPopUp=false Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Mon, 29 Apr 2024 09:34:33 GMT server nginx/1.14.2 transfer-encoding chunked Redirect headers Location http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed Non-Authoritative-Reason HttpsUpgrades
GET H2	200	px stvwell.online/api/v1/ Redirect Chain http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy http://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY	2 KB 1 KB	388ms 136ms	Document text/html	3.33.192.145 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Requested by Host: audienceexposure.com URL: http://audienceexposure.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.192.145 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ab226b763647f1870.awsglobalaccelerator.com Software / Resource Hash Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer http://9525.abcantri.xyz/match-9525/92091/257177503/1714383269/mf_bbf125b5-1909-4542-8d1c-5f9ed1aa7c90/YXBpeDM0LWF1ZGllbmNlZXhwb3N1cmUuY29tfEdWUDRTVURRQjQ0OTQ3RkoxWjIzU1czUnwxNjQy/feed Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Mon, 29 Apr 2024 09:34:33 GMT etag W/"8ad-9HVg+MVbSwlUXoTWkF5CTgUZGJI" vary Accept-Encoding Redirect headers Location https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Non-Authoritative-Reason HttpsUpgrades
GET H2	200	stormcaster.js cdn.perfdrive.com/advanced/	237 KB 89 KB	630ms 29ms	Script application/javascript	130.211.29.114 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.perfdrive.com/advanced/stormcaster.js Requested by Host: stvwell.online URL: https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 114.29.211.130.bc.googleusercontent.com Software nginx/1.10.1 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://stvwell.online/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 08:38:23 GMT content-encoding gzip via 1.1 google last-modified Mon, 15 Apr 2024 07:46:16 GMT server nginx/1.10.1 age 3371 etag W/"661cdb48-3b565" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600,public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90756
GET H2	200	Primary Request / Show response datevane.com/ms/ Redirect Chain https://stvwell.online/api/v1/pxcheck?impId=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZW... http://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 https://xml-v4.sitamedal4.online/click?seat=2698667&i=mAtoQNSnFYQ_0 https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunri...	5 KB 2 KB	794ms 342ms	Document text/html	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Requested by Host: stvwell.online URL: https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58dc169743ed5881dd67e2718563ade3278bc444e2ea4d55bcf05ada6a9bb44d` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://stvwell.online/api/v1/px?xmlid=Mvot1DFqSFW3xWfT1dme5I7cyfoO1hniFWYVcacY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 87be4c12ce633609-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 29 Apr 2024 09:34:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2Fw5nYt5f2lcHkz5XnGNPqezLfjJ8Pp0tsErsHtPULKEtCjPHJDCrXQtFwc7K3SiyxY4cjj2kWsICAMlaweNQ3LrXTznFZkdgRIO1u9BLejVV4iBKvZOsLgrgiUjwew%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Accept-CH Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model Cache-Control no-store Connection keep-alive Content-Length 0 Date Mon, 29 Apr 2024 09:34:35 GMT Location https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Server nginx
POST H2	200	jsdata cas.avalon.perfdrive.com/	360 B 514 B	170ms 45ms	XHR text/plain	35.241.15.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/advanced/stormcaster.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://stvwell.online/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * x-response-time 0ms date Mon, 29 Apr 2024 09:34:34 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 360 content-type text/plain; charset=UTF-8
POST H2	200	jsdata cas.avalon.perfdrive.com/	255 B 318 B	181ms 59ms	XHR text/plain	35.241.15.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/advanced/stormcaster.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://stvwell.online/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * x-response-time 0ms date Mon, 29 Apr 2024 09:34:34 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 content-type text/plain; charset=UTF-8
GET H2	200	jquery_002.js Show response datevane.com/ms/js/	94 KB 34 KB	69ms 65ms	Script application/javascript	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/js/jquery_002.js Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"66069edf-1762a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=005YAoOFKSv1WTavqUz15tQbAtYoBE1vwjB7DaLgUxhGfe%2BUUwiM7pFcsEPijIHqG3BuuCrdCK0QwLLfkQGL9FOYILjMTVcPiiZ7BpatK2AHaKRBYkFlpqzZXi%2BqTIk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 87be4c184dc43609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery-migrate.html Show response datevane.com/ms/j/	315 B 509 B	132ms 129ms	Script text/html	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/j/jquery-migrate.html Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 29 Mar 2024 10:58:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86MhR9QVoHVRWenj8r5zoeoa8p6L3ONcRQmHM4%2FyMxuf7qp%2BIqJWR1jEtDh9KahBx%2BgSU1qZICj6IBkSTR5K3C3ccAwBaswVafjMpmZ8WiyAtbIWDQqmlpl2O4IcZsc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 87be4c184dc93609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jqueryc4ca.js Show response datevane.com/ms/js/	3 KB 1 KB	80ms 77ms	Script application/javascript	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/js/jqueryc4ca.js?1 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0026a9108e68ab350704ce0a3055b97aec0aa5890c6b1b98e57d2b4d74f0a64e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"66069edd-b74" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUCSEvjDUQ9FcONmuh3yfg3nPS4ulEnFoHhH3dr5vEhkccbbeBa7bEnlw0WkdZncYOqAqnaPfIPnN%2FwHFQCMHmLSi%2Br3zxIxYssGjv6u8MWjNZGX7L3SaUu5gZYroPs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 87be4c184dcb3609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	custom1c81e.js Show response datevane.com/ms/js/	1 KB 817 B	65ms 62ms	Script application/javascript	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/js/custom1c81e.js?2 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e2bfc581641af55a2ac1575ed1fd832b5cfa8c3598aed07581a4957daf46104d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"66069edd-5f5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDnn%2FSFuwwBovqXDlzp45L7j%2Fg4WQIi7ysR1ez0AP3stzIL%2FLF2UBsjhVgwwiIY4jTXLwp%2FQBfQkZ4KnglswnoXh3tdP9vddyJJh13e8z5dLixqXptX8Ei00LXLXYvs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 87be4c184dcd3609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	base.css datevane.com/ms/css/	10 KB 3 KB	54ms 51ms	Stylesheet text/css	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/css/base.css Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `796bdce73bbd649ed63f009954f01d0ac0f8e3b33baed8782b314b2c69db5589` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"66069ec8-26f1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4USv2D2P%2FxR9i7Sj6VwalCVnp1V2Z2ulWz5zh%2FIvijN08UW%2BV1rFUYXUKYbEg0taC7wkcgR%2FhxnrRmIsbEpwWPKbu%2BhYeyM0FYqo%2FSUeqT2SDloqekSQN96%2B5QzBGSo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 87be4c184dc03609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	style6512.css datevane.com/ms/css/	4 KB 1 KB	65ms 63ms	Stylesheet text/css	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/css/style6512.css?11 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a91cc53726a1755daf8cc7bb352229f009b02b9d719b99035656c5c829449a97` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"66069ec8-10e7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWQ3OxwwVVblWO2jAi5FB0ALiWD4sl9izS99nK1X9lSYq2%2FMNPS2%2F7k1E%2BSlDW1jaNr0BLd%2FFBmGX7VL8xMq4g0PgckWzqeftEQI58zIXRdYNjhDmtLrCxWC4B%2FrcGE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 87be4c184dd03609-FRA alt-svc h3=":443"; ma=86400
GET H2	200	JAIA.js Show response zeniocloud.com/	598 B 773 B	538ms 121ms	Script text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zeniocloud.com/JAIA.js?sub1=lina4love.com Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a6e8d8c49989f97c5886e77588ee17a49fc8f5818e46750866f607a30ee0388f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:37 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 Apr 2024 09:30:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 223 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRKAxXSCfAgTrS1g08gccH7xwioO1I6wxIVI7a8T8ZB7PQ0j2pbz5jA%2F1IiSyuphbaD8d7vW36u07XDqdDNyA1WCsodykIbVEPsSILVXu3nfnsKf1IEsC38cRqxFVKFZqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87be4c1afd0b65dc-FRA alt-svc h3=":443"; ma=86400
GET H2	200	subs_window.js Show response static.production.push-sender.com/mng/	19 KB 5 KB	187ms 61ms	Script application/javascript	18.66.122.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.production.push-sender.com/mng/subs_window.js?ver=1710236770 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-47.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `19ae427423f173c2919b25f1b287e2cbbfae4c0c8f4c45c23ba2f916ab465fb8` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 06:48:52 GMT content-encoding gzip via 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 14:25:55 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 9945 x-amz-server-side-encryption AES256 etag W/"2b3010e6d2440c83b9cfff48def5f0c1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id rRcutIvQsGyiSG_0TnWWYw8rzTgeyTh8WXeRTM2fY8kZfgw3vmO-Aw==
GET H2	200	subs_window.css static.production.push-sender.com/mng/	7 KB 2 KB	185ms 59ms	Stylesheet text/css	18.66.122.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.production.push-sender.com/mng/subs_window.css?ver=1710236770 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-47.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `1b5afe8e6975d7c5970d6a7fb37bff4d0162e35baddbd37c8149c40a549e49d0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 02:47:47 GMT content-encoding gzip via 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 14:25:55 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 24862 x-amz-server-side-encryption AES256 etag W/"adb85744f96b502ad68d63ede0adcd4e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id Wv9QE7I_Ur_hOeHN-n3x9STVRwobEZVGRtvF9GqLhE9uCoyknPMOGA==
GET H2	200	init.min.js Show response static.production.push-sender.com/mng/channels/	27 KB 5 KB	195ms 70ms	Script application/javascript	18.66.122.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.production.push-sender.com/mng/channels/init.min.js?ver=1710236770 Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-47.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 05:20:42 GMT content-encoding gzip via 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 14:25:55 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 15379 x-amz-server-side-encryption AES256 etag W/"8853549c3d94b135cff7696e087dc08f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id kboi_vIZ_lIeegr6-_hSxCPtT55FDpTJ-pdHx_2GNMYALD4pM20OMw==
GET H2	200	load.gif datevane.com/ms/images/	6 KB 6 KB	79ms 78ms	Image image/gif	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datevane.com/ms/images/load.gif Requested by Host: datevane.com URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:36 GMT cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag "66069ed3-16cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMcL2DGjjgJJ5zjOBh7flE67yiw4o9TstHtB9R16hXHZ8FJJnsqd8fFdHkStHKNOJewL7cQD7FcXbplADCHkAjkv%2BO3jYlbUvpkW8vxSfhQ8kWBansHc1AnTxhwOl54%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 87be4c184dd23609-FRA alt-svc h3=":443"; ma=86400 content-length 5837
GET H2	200	JAIA.js Show response alexatracker.com/jscode/	0 660 B	1915ms 920ms	Script application/json	172.67.204.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alexatracker.com/jscode/JAIA.js?sub1=lina4love.com&sub2=&sub3=&sub4=&sub5=&prid= Requested by Host: zeniocloud.com URL: https://zeniocloud.com/JAIA.js?sub1=lina4love.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.204.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 29 Apr 2024 09:34:38 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2zVt2e6imLdsgCbidstzJLjK9UaJd3bRaR3EbT7mP5%2BP6V4wJE9SoXc90ITgFJydR7p%2FOKonc0cUfpCPgonmh8gLiquK9c6m8tke2XhEyjMXSr7HngCGpdX2SsDlp%2BhGy%2FL"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=UTF-8 cache-control no-cache, no-store, must-revalidate accept-ranges bytes cf-ray 87be4c21fd6d4d44-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	200	bg.webp datevane.com/ms/images/	3 MB 3 MB	50ms 49ms	Image image/webp	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datevane.com/ms/images/bg.webp Requested by Host: datevane.com URL: https://datevane.com/ms/css/style6512.css?11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0b2adbbc9f7388faef57b3f67de4873796ff469fea41237bc065284d915f19e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/css/style6512.css?11 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:37 GMT cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 441 etag "66069ed8-286790" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49IDQnycdPzJmGC49zfFHzlW5HCbgvA9zbJfR%2F1%2BBcThJXKaWFJ1sG5iwhgKQRqylqH%2BXx6r4SVYaPj8ms0z9yOQMDwQMpku7rlwpfP10pVhizpGns3bW%2FLnBecIx9g%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 87be4c1baab13609-FRA alt-svc h3=":443"; ma=86400 content-length 2647952
GET H2	200	centurygothic_bold.ttf datevane.com/ms/css/fonts/	127 KB 127 KB	699ms 696ms	Font application/octet-stream	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/css/fonts/centurygothic_bold.ttf Requested by Host: datevane.com URL: https://datevane.com/ms/css/style6512.css?11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `90cb613b492874a560c0ff18a3402b1d24fb7e846dff11295d5c4644d6c75e83` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/css/style6512.css?11 Origin https://datevane.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:37 GMT cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 441 etag "66069ece-1fa8c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVSSXJmV9p%2FY%2BDnF%2B9Yn9E5tJxJYu5NHwgncz2IZKZSByuwldeqeuF7ii8AJT74RWGJDAJZ1LZlQH7qF4uEwlnFOa5Op08jreq3gmZBIuRsTawnAeshcPazYM%2FuYm3s%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 87be4c1bfb073609-FRA alt-svc h3=":443"; ma=86400 content-length 129676
GET H2	200	centurygothic.ttf datevane.com/ms/css/fonts/	134 KB 135 KB	723ms 722ms	Font application/octet-stream	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/ms/css/fonts/centurygothic.ttf Requested by Host: datevane.com URL: https://datevane.com/ms/css/style6512.css?11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a9cbb5d75b2a2b0d22dc94571608e4e9dc7b88e825374985880c5722c1c9e5f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/css/style6512.css?11 Origin https://datevane.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:37 GMT cf-cache-status HIT last-modified Fri, 29 Mar 2024 10:58:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 441 etag "66069ece-21960" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fyBawNUWuQbfHl7NhnZ4yvdK5f%2BIN%2BoDZupkCdnFEncuN6cwPskmYdutXfmqmhek4CO5McfNwQIKD2ZUtv8yAJypE%2FVjRrzT2b56R1r8jPP%2BTZWEOWef3WMvTcojx0%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 87be4c1bfb093609-FRA alt-svc h3=":443"; ma=86400 content-length 137568
GET H2	404	favicon.ico datevane.com/	564 B 440 B	305ms 305ms	Other text/html	172.67.142.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://datevane.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 09:34:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2Foot4Ztc9ZgF2ec1Ic2uX9PUE54OHDy%2BkZIW%2BLyLFsPI1oZE0P9PJWnM7AA3TYMsySIM8nPg2iZ7WzwFqmgfjmpIt%2BDo2hsB7WHtNmNF7cJwU42hTL2F6rlSUDBPNM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 87be4c283ba53609-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stvwell.online/	1970-01-21 00:32:15	Name: __ssds Value: 2
.stvwell.online/	1970-01-21 00:32:15	Name: __ssuzjsr2 Value: a9be3cd8e
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmaj2 Value: 21b45d2f-6185-41c5-a354-36f5ca435240
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmbj2 Value: 1714383274
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmcj2 Value: 829061067145
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmdj2 Value: 1714383274
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmlj2 Value: YSCA73Pq0HQZgXMl2TvAjG2fJNQJ97U2GldVpSV1Z3k=
.stvwell.online/	1970-01-21 00:32:15	Name: __uzmfj2 Value: 7f6000abcdd4aa-56f6-4832-84ce-605995c5292c17143832747110-cad25c0cc8dd81c210
alexatracker.com/	1970-01-21 05:49:03	Name: trbarid Value: 2f7bc8405bffbe2dea0665392d6dc2d486326e6e41b29b2614c4e79f8966ab13a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A4717502310529329582%3B%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://datevane.com/ms/?bid=0.04&conversion=zzlNeih9GEk&source_subid=64dc65edfefea9b901ddfb3ac&campaign=1203156&search_referrer_domain=audienceexposure.com&query=audienceexposure.com&carrier=Sunrise&state=sz&banner=6124913&ip=84.227.76.139 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://datevane.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9525.abcantri.xyz
alexatracker.com
audienceexposure.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
datevane.com
static.production.push-sender.com
stvwell.online
xml-v4.sitamedal4.online
zeniocloud.com
130.211.29.114
139.177.202.97
172.67.142.136
172.67.204.112
173.239.53.32
18.66.122.47
188.114.97.3
3.33.192.145
35.241.15.240
72.52.179.174
0026a9108e68ab350704ce0a3055b97aec0aa5890c6b1b98e57d2b4d74f0a64e
09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0
19ae427423f173c2919b25f1b287e2cbbfae4c0c8f4c45c23ba2f916ab465fb8
1b5afe8e6975d7c5970d6a7fb37bff4d0162e35baddbd37c8149c40a549e49d0
3a9cbb5d75b2a2b0d22dc94571608e4e9dc7b88e825374985880c5722c1c9e5f
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
58dc169743ed5881dd67e2718563ade3278bc444e2ea4d55bcf05ada6a9bb44d
796bdce73bbd649ed63f009954f01d0ac0f8e3b33baed8782b314b2c69db5589
90cb613b492874a560c0ff18a3402b1d24fb7e846dff11295d5c4644d6c75e83
a6e8d8c49989f97c5886e77588ee17a49fc8f5818e46750866f607a30ee0388f
a91cc53726a1755daf8cc7bb352229f009b02b9d719b99035656c5c829449a97
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
e2bfc581641af55a2ac1575ed1fd832b5cfa8c3598aed07581a4957daf46104d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0b2adbbc9f7388faef57b3f67de4873796ff469fea41237bc065284d915f19e

datevane.com Open in urlscan Pro 172.67.142.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

88 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

9 IPs

2 Countries

3011 kBTransfer

3271 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

9 Cookies

3 Console Messages

Indicators

datevane.com Open in urlscan Pro
172.67.142.136 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

88 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

3011 kB
Transfer

3271 kB
Size

9
Cookies

24 HTTP transactions
0 data transactions