agent.southernfidelityins.com Open in urlscan Pro
20.118.138.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://agent.southernfidelityins.com/
Submission: On December 22 via manual (December 22nd 2022, 3:25:56 pm UTC) from IN — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 24 HTTP transactions. The main IP is 20.118.138.136, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is agent.southernfidelityins.com.

This is the only time agent.southernfidelityins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	20.118.138.136 20.118.138.136	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eae5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:bbee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.155.120.143 45.155.120.143	35277 (LLHOST-IN...) (LLHOST-INC-SRL)
1	2a00:1450:400... 2a00:1450:400d:803::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	103.254.145.148 103.254.145.148	23620 (DMM DMM.c...) (DMM DMM.com LLC)
1	2a04:4e42:8e:... 2a04:4e42:8e::159	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	12

9 20.118.138.136 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

agent.southernfidelityins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eae5 (United States)

ASN13335 (CLOUDFLARENET, US)

lp.cutefans.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bbee (United States)

ASN13335 (CLOUDFLARENET, US)

tg.onedragon.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.155.120.143 (Haarlem, Netherlands)

ASN35277 (LLHOST-INC-SRL, RO)
PTR: push-eu-gr3-02.texdom.org

cleardating.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:151 (United States)

ASN13335 (CLOUDFLARENET, US)

is1.sh-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.254.145.148 (Japan)

ASN23620 (DMM DMM.com LLC, JP)
PTR: 103x254x145x148

pics.dmm.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

komiksy.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	southernfidelityins.com agent.southernfidelityins.com	151 KB
3	gstatic.com fonts.gstatic.com	86 KB
3	cleardating.top cleardating.top	29 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 37	31 KB
1	komiksy.me komiksy.me
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 762	224 KB
1	dmm.co.jp pics.dmm.co.jp — Cisco Umbrella Rank: 138747	96 KB
1	sh-cdn.com is1.sh-cdn.com — Cisco Umbrella Rank: 969103	307 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 82	103 KB
1	onedragon.win tg.onedragon.win	1 KB
1	cutefans.win lp.cutefans.win — Cisco Umbrella Rank: 736081	1000 B
24	11

	Domain	Requested by
9	agent.southernfidelityins.com	agent.southernfidelityins.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cleardating.top	tg.onedragon.win cleardating.top
1	komiksy.me
1	pbs.twimg.com	agent.southernfidelityins.com
1	pics.dmm.co.jp	agent.southernfidelityins.com
1	fonts.googleapis.com	cleardating.top
1	is1.sh-cdn.com	agent.southernfidelityins.com
1	i.ytimg.com	agent.southernfidelityins.com
1	tg.onedragon.win	agent.southernfidelityins.com
1	lp.cutefans.win	agent.southernfidelityins.com
1	ajax.googleapis.com	agent.southernfidelityins.com
24	12

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-06` - `2023-02-05`	a year	crt.sh
cleardating.top R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.dmm.co.jp GlobalSign RSA OV SSL CA 2018	`2022-05-03` - `2023-06-04`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.komiksy.me E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://agent.southernfidelityins.com/
Frame ID: 70390908DCF543C4E5481CAF29C060E5
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Noch besser als dich zur mama zu haben ist dass mein kind dich als oma haben

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

58 %
HTTPS

75 %
IPv6

11
Domains

12
Subdomains

12
IPs

5
Countries

1029 kB
Transfer

1098 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
agent.southernfidelityins.com/ 18 KB
4 KB 880ms
161ms Document
text/html 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 / PHP/8.0.25
Resource Hash: b07a376b4c0038e3f857340fd103c7b6ee56f511d6249a866b20af3811d56453

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Dec 2022 15:25:50 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.25

GET
H/1.1 200
OK style.min.css
agent.southernfidelityins.com/ 81 KB
81 KB 157ms
156ms Stylesheet
text/css 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/style.min.css
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: a0b7d17c655e775b574c33b45d219eccdb14b6b830d5e87a94d0268e6700f346

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-144e3"
Content-Length: 83171
Content-Type: text/css

GET
H/1.1 200
OK css.css
agent.southernfidelityins.com/ 9 KB
9 KB 293ms
154ms Stylesheet
text/css 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/css.css
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 7c4589df9d5590b59b8be3476550df83cba3bdacdc3f408ef2f477f31ff0ba5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-249e"
Content-Length: 9374
Content-Type: text/css

GET
H/1.1 200
OK style.css
agent.southernfidelityins.com/ 45 KB
46 KB 312ms
169ms Stylesheet
text/css 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/style.css
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: bd7f91a7b686ad3aa33f17b1b702ea7fce742cc520eed0d0ae6a11d702dc33ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-b540"
Content-Length: 46400
Content-Type: text/css

GET
H/1.1 200
OK style-frontend.css
agent.southernfidelityins.com/ 911 B
1 KB 321ms
176ms Stylesheet
text/css 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/style-frontend.css
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-38f"
Content-Length: 911
Content-Type: text/css

GET
H/1.1 200
OK ecae-buttonskin-none.css
agent.southernfidelityins.com/ 304 B
517 B 330ms
184ms Stylesheet
text/css 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/ecae-buttonskin-none.css
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-130"
Content-Length: 304
Content-Type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 03:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 03:06:20 GMT

GET
H/1.1 200
OK jquery.lazyload.js Show response
agent.southernfidelityins.com/js/ 9 KB
9 KB 325ms
179ms Script
application/javascript 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/js/jquery.lazyload.js
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sat, 17 Dec 2022 03:50:56 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "639d3ca0-23cc"
Content-Length: 9164
Content-Type: application/javascript

GET
H2 200 popunder.js Show response
lp.cutefans.win/js/ 812 B
1000 B 76ms
24ms Script
application/javascript 2606:4700:3038::6815:eae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cutefans.win/js/popunder.js
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:25:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 12:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3555
etag: W/"60a506d8-32c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPpd3im%2Fo0OZM95ga6xEAikJApR%2BR7YN%2F5r1Q0qBFve16%2Fd%2FyXLDrB6CXJxkmRxX0LkFZHnNnZURisaVPCZEqFZfsZe7rRMCKMdPnOieUlarkvX%2FryfYAPq1wcO%2BADeSvIPlvSk4RXuUWbHRG5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, no-transform
cf-ray: 77d9df551a7f9a18-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK pops Show response
tg.onedragon.win/ 192 B
1 KB 102ms
73ms Script
application/javascript 2606:4700:3033::ac43:bbee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tg.onedragon.win/pops
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:bbee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acf023ccac3dd3bc1eec2957eeeb404eda647e912b67b4f5fd596e2777e06fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Dec 2022 15:25:50 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: *
Content-Type: application/javascript; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bryL9cX70%2FvzyHXiBAwrBV86BV2XzHIiGtMEDQIK%2Bp0Zv08eulxOzc7MNe6vjRdHcBI%2Ff7qkRTkWcW7S6aIi%2BWLfN81%2B%2BNQVEhc5hf3dCIU2qrnZr2YHqBnprGXdTbUxLio7zFmTNSntXO477UVZ"}],"group":"cf-nel","max_age":604800}
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 77d9df54fda09036-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: 0

GET
H/1.1 200
OK p.js Show response
cleardating.top/js/push/ 19 KB
19 KB 145ms
89ms Script
application/javascript 45.155.120.143
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://cleardating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Requested by: Host: tg.onedragon.win
URL: http://tg.onedragon.win/pops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.143 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-02.texdom.org
Software: nginx /
Resource Hash: d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379

Request headers

Referer: http://agent.southernfidelityins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sun, 12 Jul 2020 15:13:32 GMT
Server: nginx
ETag: "5f0b289c-4a20"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18976

GET
H/1.1 200
OK style.css
cleardating.top/js/push/ 7 KB
7 KB 15ms
15ms Stylesheet
text/css 45.155.120.143
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://cleardating.top/js/push/style.css
Requested by: Host: cleardating.top
URL: https://cleardating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.143 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-02.texdom.org
Software: nginx /
Resource Hash: a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:50 GMT
Last-Modified: Sun, 20 Dec 2020 20:01:56 GMT
Server: nginx
ETag: "5fdfadb4-1b84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7044

GET
H/1.1 404
Not Found memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
agent.southernfidelityins.com/ 0
0 145ms
144ms Font
text/html 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/css.css
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

Referer: http://agent.southernfidelityins.com/css.css
Origin: http://agent.southernfidelityins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:51 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 404
Not Found memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
agent.southernfidelityins.com/ 0
0 152ms
152ms Font
text/html 20.118.138.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://agent.southernfidelityins.com/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/css.css
Protocol: HTTP/1.1
Server: 20.118.138.136 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

Referer: http://agent.southernfidelityins.com/css.css
Origin: http://agent.southernfidelityins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:51 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/73FBvjNz1KE/ 102 KB
103 KB 196ms
48ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/73FBvjNz1KE/maxresdefault.jpg

Requested by

Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d0af3c0e5dc85b473aa72f00fcf1f46b5a92e6711156ddf64a9796ba928494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:14:39 GMT
x-content-type-options: nosniff
age: 672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104957
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Dec 2022 17:14:39 GMT

GET
H2 200 giant_thumb_a382689f.png
is1.sh-cdn.com/images/2/f/d/7/279607/ 306 KB
307 KB 51ms
19ms Image
image/webp 2606:4700:20::681a:151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1.sh-cdn.com/images/2/f/d/7/279607/giant_thumb_a382689f.png
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4315013d615347c91ee481febdb8f133b7f3b29f1b493574af53eb698d7ab3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:25:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23442
cf-polished: origFmt=png, origSize=444731
content-disposition: inline; filename="giant_thumb_a382689f.webp"
x-backend-server: storage1
content-length: 312952
cf-bgj: imgq:100,h2pri
last-modified: Sat, 17 Apr 2021 13:03:58 GMT
server: cloudflare
etag: "607adcbe-6c93b"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtYhoHzNk8EKLEnySHKHi019HXNmCB0j1minWFgMF%2BYrGHVhAYRR%2Bcsz8lTTXpnNtkQym8ASivo8FzwRwqhbX6l8uC%2Bx16RRLpyUoT8pa1C%2ByDGvrKDc3buZtbhryps7%2BQ6Ro0mOQSlHYYuR"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 77d9df59dac390f2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Requested by

Host: cleardating.top
URL: https://cleardating.top/js/push/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cleardating.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 15:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 15:25:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 15:25:51 GMT

GET
H2 200 ipx00072jp-6.jpg
pics.dmm.co.jp/digital/video/ipx00072/ 96 KB
96 KB 976ms
241ms Image
image/jpeg 103.254.145.148
DMM DMM.com LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/digital/video/ipx00072/ipx00072jp-6.jpg
Requested by: Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.254.145.148 , Japan, ASN23620 (DMM DMM.com LLC, JP),
Reverse DNS: 103x254x145x148
Software: openresty /
Resource Hash: de36e7d6dc79bb215140ab33d5d276294fbdc80a54ac398ec032adf68a1875c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Thu, 22 Dec 2022 15:25:51 GMT
last-modified: Fri, 17 Nov 2017 00:29:21 GMT
server: openresty
etag: "5a0e2d61-18000"
x-cache-status: HIT
content-type: image/jpeg
accept-ranges: bytes
content-length: 98304

GET
H2 200 EVlrUnLXkAY1vVi.jpg
pbs.twimg.com/media/ 223 KB
224 KB 36ms
8ms Image
image/jpeg 2a04:4e42:8e::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EVlrUnLXkAY1vVi.jpg

Requested by

Host: agent.southernfidelityins.com
URL: http://agent.southernfidelityins.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b31815620f0d42a32abff50b7b1c58b8638d9e894336c3a5dc4dec421d489d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 22 Dec 2022 15:25:51 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 228804
x-served-by: cache-lhr7366-LHR, cache-hhn-etou8220079-HHN, cache-tw-ZZZ1
last-modified: Tue, 14 Apr 2020 19:44:13 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: abcf2c6f25267f43
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 212ms
96ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://agent.southernfidelityins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:50:55 GMT
x-content-type-options: nosniff
age: 246896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 18:50:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 162ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://agent.southernfidelityins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 11:59:19 GMT
x-content-type-options: nosniff
age: 98792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 11:59:19 GMT

GET
H2 404 xn--h1adbgjv4e.me_1638111068_porno-komiks-dedovshchina-harli--hazing-harley--sexgazer-seks-komiks-artov-i-kartinok-2021-11-27-142061120.WebP
komiksy.me/images/comics/ 0
0 405ms
225ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://komiksy.me/images/comics/xn--h1adbgjv4e.me_1638111068_porno-komiks-dedovshchina-harli--hazing-harley--sexgazer-seks-komiks-artov-i-kartinok-2021-11-27-142061120.WebP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK susan37_ico2.jpg
cleardating.top/js/push/images/ 3 KB
3 KB 130ms
130ms Image
image/jpeg 45.155.120.143
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cleardating.top/js/push/images/susan37_ico2.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.143 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-02.texdom.org
Software: nginx /
Resource Hash: 73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://agent.southernfidelityins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:25:53 GMT
Last-Modified: Sun, 20 Dec 2020 18:28:50 GMT
Server: nginx
ETag: "5fdf97e2-b88"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2952

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 48ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://agent.southernfidelityins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 71573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:33:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			agent.southernfidelityins.com/dating.html	1969-12-31 23:59:59	Name: kxxxf Value: Noch%20besser%20als%20dich%20zur%20mama%20zu%20haben%20ist%20dass%20mein%20kind%20dich%20als%20oma%20haben
			.agent.southernfidelityins.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: a58ac17e90a47aad03818806040aeb04a6abc54a283e53176e58e3fd81c28201

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cleardating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://agent.southernfidelityins.com/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://agent.southernfidelityins.com/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://komiksy.me/images/comics/xn--h1adbgjv4e.me_1638111068_porno-komiks-dedovshchina-harli--hazing-harley--sexgazer-seks-komiks-artov-i-kartinok-2021-11-27-142061120.WebP Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agent.southernfidelityins.com
ajax.googleapis.com
cleardating.top
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
is1.sh-cdn.com
komiksy.me
lp.cutefans.win
pbs.twimg.com
pics.dmm.co.jp
tg.onedragon.win
103.254.145.148
20.118.138.136
2606:4700:20::681a:151
2606:4700:3033::ac43:bbee
2606:4700:3038::6815:eae5
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:400d:803::2016
2a00:1450:400d:807::2003
2a04:4e42:8e::159
2a06:98c1:3121::c
45.155.120.143
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029
2acf023ccac3dd3bc1eec2957eeeb404eda647e912b67b4f5fd596e2777e06fb
4315013d615347c91ee481febdb8f133b7f3b29f1b493574af53eb698d7ab3f6
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3
67d0af3c0e5dc85b473aa72f00fcf1f46b5a92e6711156ddf64a9796ba928494
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786
7c4589df9d5590b59b8be3476550df83cba3bdacdc3f408ef2f477f31ff0ba5f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79
9b31815620f0d42a32abff50b7b1c58b8638d9e894336c3a5dc4dec421d489d9
a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7
a0b7d17c655e775b574c33b45d219eccdb14b6b830d5e87a94d0268e6700f346
b07a376b4c0038e3f857340fd103c7b6ee56f511d6249a866b20af3811d56453
bd7f91a7b686ad3aa33f17b1b702ea7fce742cc520eed0d0ae6a11d702dc33ae
ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec
d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379
de36e7d6dc79bb215140ab33d5d276294fbdc80a54ac398ec032adf68a1875c1
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

agent.southernfidelityins.com Open in urlscan Pro 20.118.138.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

58 %HTTPS

75 %IPv6

11 Domains

12 Subdomains

12 IPs

5 Countries

1029 kBTransfer

1098 kBSize

2 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

6 Console Messages

Indicators

agent.southernfidelityins.com Open in urlscan Pro
20.118.138.136 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

58 %
HTTPS

75 %
IPv6

11
Domains

12
Subdomains

12
IPs

5
Countries

1029 kB
Transfer

1098 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions