live-datingsforyou.com Open in urlscan Pro
5.101.45.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://saferrbo.cf/
Effective URL:
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Submission: On January 24 via automatic, source certstream-suspicious (January 24th 2022, 12:24:49 am UTC) — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 22 domains to perform 46 HTTP transactions. The main IP is 5.101.45.6, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is live-datingsforyou.com.
TLS certificate: Issued by R3 on January 18th 2022. Valid for: 3 months.

This is the only time live-datingsforyou.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3037::6815:5a30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.53.175.136 212.53.175.136	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
3	162.210.196.168 162.210.196.168	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	81.20.131.61 81.20.131.61	33984 (SURFPLANE...) (SURFPLANET-AS)
1	85.13.157.188 85.13.157.188	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	128.65.210.181 128.65.210.181	34309 (LINK11 Li...) (LINK11 Link11 GmbH)
1	104.111.250.159 104.111.250.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.72.26 192.0.72.26	2635 (AUTOMATTIC) (AUTOMATTIC)
1	62.138.238.103 62.138.238.103	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
2	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aeaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	5.101.45.6 5.101.45.6	209813 (FASTCONTENT) (FASTCONTENT)
46	15

9 2606:4700:3037::6815:5a30 (United States)

ASN13335 (CLOUDFLARENET, US)

saferrbo.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.53.175.136 (Seevetal, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: admin.transcript-verlag.de

www.transcript-verlag.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.168 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

imyru.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.20.131.61 (Germany) 1 redirects

ASN33984 (SURFPLANET-AS, DE)
PTR: app02.vaybee.de

www.vaybee-shop.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.vaybee.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.157.188 (Neusalza-Spremberg, Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd39406.kasserver.com

www.frauenkennenlernen.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

img.zeit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.65.210.181 (Frankfurt am Main, Germany)

ASN34309 (LINK11 Link11 GmbH, DE)

www.spiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.250.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-159.deploy.static.akamaitechnologies.com

www.express.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

belgarathblog.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.238.103 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

bilder.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aeaa (United States)

ASN13335 (CLOUDFLARENET, US)

algosit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 5.101.45.6 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

live-datingsforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	live-datingsforyou.com live-datingsforyou.com	322 KB
9	saferrbo.cf saferrbo.cf	65 KB
3	gstatic.com fonts.gstatic.com	74 KB
3	imyru.info imyru.info	478 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	algosit.com algosit.com	1 KB
1	t-online.de bilder.t-online.de — Cisco Umbrella Rank: 97851	60 KB
1	wordpress.com belgarathblog.files.wordpress.com
1	express.de www.express.de — Cisco Umbrella Rank: 168107
1	spiegel.de www.spiegel.de — Cisco Umbrella Rank: 17964	18 B
1	zeit.de img.zeit.de — Cisco Umbrella Rank: 121937	14 KB
1	frauenkennenlernen.org www.frauenkennenlernen.org	553 KB
1	vaybee.de www.vaybee.de
1	vaybee-shop.de 1 redirects www.vaybee-shop.de	281 B
1	transcript-verlag.de www.transcript-verlag.de	510 B
0	welt.de Failed img.welt.de Failed
0	sportschule-potsdam.de Failed www.sportschule-potsdam.de Failed
0	focus.de Failed p6.focus.de Failed
0	amofi.info Failed amofi.info Failed
0	bdsm-urlaub.info Failed www.bdsm-urlaub.info Failed
0	akady.info Failed akady.info Failed
0	augustowski.eu Failed augustowski.eu Failed
46	22

	Domain	Requested by
10	live-datingsforyou.com	algosit.com live-datingsforyou.com
9	saferrbo.cf	saferrbo.cf
3	fonts.gstatic.com	fonts.googleapis.com
3	imyru.info	saferrbo.cf
2	fonts.googleapis.com	saferrbo.cf live-datingsforyou.com
1	algosit.com	saferrbo.cf
1	bilder.t-online.de	saferrbo.cf
1	belgarathblog.files.wordpress.com	saferrbo.cf
1	www.express.de	saferrbo.cf
1	www.spiegel.de	saferrbo.cf
1	img.zeit.de	saferrbo.cf
1	www.frauenkennenlernen.org	saferrbo.cf
1	www.vaybee.de	saferrbo.cf
1	www.vaybee-shop.de	1 redirects
1	www.transcript-verlag.de	saferrbo.cf
0	img.welt.de Failed	saferrbo.cf
0	www.sportschule-potsdam.de Failed	saferrbo.cf
0	p6.focus.de Failed	saferrbo.cf
0	amofi.info Failed	saferrbo.cf
0	www.bdsm-urlaub.info Failed	saferrbo.cf
0	akady.info Failed	saferrbo.cf
0	augustowski.eu Failed	saferrbo.cf
46	22

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-24` - `2023-01-24`	a year	crt.sh
transcript-verlag.de R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
imyru.info R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
frauenkennenlernen.org R3	`2022-01-09` - `2022-04-09`	3 months	crt.sh
*.zeit.de GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-07` - `2023-02-08`	a year	crt.sh
www.spiegel.de Sectigo RSA Domain Validation Secure Server CA	`2021-10-12` - `2022-11-12`	a year	crt.sh
www.dumontnet.de DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
bilder.t-online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-04-20` - `2022-04-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
live-datingsforyou.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Frame ID: AFA439AA4F39843ABA64891C1F5C80AD
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

https://saferrbo.cf/ Page URL
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

76 %
HTTPS

29 %
IPv6

22
Domains

22
Subdomains

15
IPs

4
Countries

1093 kB
Transfer

1360 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://saferrbo.cf/ Page URL
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.vaybee-shop.de/channel/tuerkisch-maenner-collage.jpg HTTP 302
https://www.vaybee.de/channel/tuerkisch-maenner-collage.jpg

Request Chain 19

https://p5.focus.de/img/fotos/crop1032070/6132719957-w1200-h627-o-q75-p5/Tuerkische-Maenner.jpg HTTP 301
https://p6.focus.de/img/fotos/id_1032070/tuerkische-maenner.jpg?im=Resize%3D%281200%2C627%29&hash=671c47a80f9930711c7d996cea076459417a8714e89e8892eb77a5fbe17b92f6

Request Chain 22

https://www.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg HTTP 301
https://img.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
saferrbo.cf/ 24 KB
7 KB 139ms
68ms Document
text/html 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0650134f150c3ec5ef9760ce3254e93675b0fd0275a93181593c194c1eec7129

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 03 Aug 2021 15:27:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQkdAR42mOlpO1Vs2Hx42W7zr0hcSV8dFFxJ9Tcewz6LTY8Wc48bYr8u0MX3CRnSxL5UpG0worbYQhtiSyAsfTCsqTdWGtR2ilQy0KeAIhzsjB63gBs7plMR1PiCF7M9FCZjAxKRXoLmgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d251ed65baef93b-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.css
saferrbo.cf/images/assets/css/ 32 KB
5 KB 79ms
78ms Stylesheet
text/css 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/css/main.css
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Jan 2020 18:27:06 GMT
server: cloudflare
etag: W/"5e1cb67a-7f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbvDCdtKNu57OzFqqaJUGUKwzTlAarzx3%2FXEMmy7LWFRynczPSZ%2FMmwD2WCPP5093vrIStHa2PioJdRYgmnvJMMMbsuiUheiSkHiL5%2By1Y9vNlJCSDzsc9AYIoCQ%2BdJIzb4yextvBTq1PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec3cf93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 4242198238_kennenlernen-freiburg.jpg
augustowski.eu/images/ 0
0

GET
H/1.1 404
Not Found 9783933127877XcQykLnn3eaCZ_1280x1280.jpg
www.transcript-verlag.de/media/image/a0/e8/62/ 0
510 B 284ms
168ms Image
text/html 212.53.175.136
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.transcript-verlag.de/media/image/a0/e8/62/9783933127877XcQykLnn3eaCZ_1280x1280.jpg

Requested by

Host: saferrbo.cf
URL: https://saferrbo.cf/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

212.53.175.136 Seevetal, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),

Reverse DNS

admin.transcript-verlag.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 00:24:43 GMT
Server: Apache/2.4.25 (Debian)
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET 2042885717_japaner-in-deutschland-kennenlernen.jpg
akady.info/images/ 0
0

GET
H2 404 1179233840_wo-kann-man-deutsche-soldaten-kennenlernen.jpg
imyru.info/images/ 9 B
140 B 482ms
129ms Image
text/plain 162.210.196.168
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imyru.info/images/1179233840_wo-kann-man-deutsche-soldaten-kennenlernen.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.210.196.168 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy
content-length: 9

GET
H/1.1

404
Not Found

tuerkisch-maenner-collage.jpg
www.vaybee.de/channel/
Redirect Chain

https://www.vaybee-shop.de/channel/tuerkisch-maenner-collage.jpg
https://www.vaybee.de/channel/tuerkisch-maenner-collage.jpg

0
0

198ms
11ms

Image
text/html

81.20.131.61
SURFPLANET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vaybee.de/channel/tuerkisch-maenner-collage.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: HTTP/1.1
Server: 81.20.131.61 , Germany, ASN33984 (SURFPLANET-AS, DE),
Reverse DNS: app02.vaybee.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Mon, 24 Jan 2022 00:24:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: http://www.vaybee.de/channel/tuerkisch-maenner-collage.jpg
Connection: keep-alive
Content-Length: 252

GET
H2 200 Kanadische-Frauen.jpg
www.frauenkennenlernen.org/wp-content/uploads/2016/05/ 549 KB
553 KB 202ms
48ms Image
image/jpeg 85.13.157.188
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.frauenkennenlernen.org/wp-content/uploads/2016/05/Kanadische-Frauen.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.157.188 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd39406.kasserver.com
Software: Apache /
Resource Hash: 98154616dc5d925b5bd48acdd9f991c1075560f0b293d7c3a8c23e90293b03f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
last-modified: Sun, 19 Nov 2017 10:05:22 GMT
server: Apache
accept-ranges: bytes
etag: "893ba-55e531b9b1c80"
content-length: 562106
content-type: image/jpeg

GET bdswiss_plattform_620.png
www.bdsm-urlaub.info/ 0
0

GET
H2 200 wide__660x371__desktop
img.zeit.de/zeit-magazin/leben/2016-04/partnerboerse-parship-elite-online-digitales-kennenlernen-johannson/ 14 KB
14 KB 297ms
214ms Image
image/webp 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.zeit.de/zeit-magazin/leben/2016-04/partnerboerse-parship-elite-online-digitales-kennenlernen-johannson/wide__660x371__desktop

Requested by

Host: saferrbo.cf
URL: https://saferrbo.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00801eb0b474ef1b21a3b78a5c84fc036e2996543eae170044aafdc0078a8ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
age: 0
x-maxage: 3600
strict-transport-security: max-age=15724800
content-type: image/webp
cache-control: max-age=7776000
content-disposition: inline; filename="partnerboerse-parship-elite-online-digitales-kennenlernen-johannson.webp"
accept-ranges: bytes
content-length: 14356
expires: Sun, 24 Apr 2022 00:24:43 GMT

GET 3306233155_maenner-kennenlernen-app.jpg
akady.info/images/ 0
0

GET 1083376154_das-kennenlernen-dict.png
amofi.info/images/ 0
0

GET
H2 404 8167080912_maenner-in-bars-kennenlernen.jpg
imyru.info/images/ 9 B
198 B 452ms
127ms Image
text/plain 162.210.196.168
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imyru.info/images/8167080912_maenner-in-bars-kennenlernen.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.210.196.168 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy
content-length: 9

GET 3573914427_mit-frauen-flirten-schreiben.jpg
augustowski.eu/images/ 0
0

GET
H2 404 image-34972-galleryV9-lcqx.jpg
www.spiegel.de/images/ 18 B
18 B 128ms
46ms Image
text/plain 128.65.210.181
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spiegel.de/images/image-34972-galleryV9-lcqx.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.181 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: /
Resource Hash: 222d41c4b29bf6a0b9ac388c8d602f1d42fa73082fab275b6d270a592b438c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 00:24:43 GMT
via: 1.1 google
cache-control: public, max-age=30, s-maxage=120
alt-svc: clear
content-length: 18
content-type: text/plain; charset=utf-8

GET
H2 404 snap3.png
www.express.de/image/23616416/max/338/600/7a8f1fb79d3045ecacc2631bb08df32c/XU/ 0
0 304ms
46ms Image
text/html 104.111.250.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.express.de/image/23616416/max/338/600/7a8f1fb79d3045ecacc2631bb08df32c/XU/snap3.png
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-159.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 maske-erdogan-07b1.jpg
belgarathblog.files.wordpress.com/2014/10/ 0
0 231ms
148ms Image
text/html 192.0.72.26
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belgarathblog.files.wordpress.com/2014/10/maske-erdogan-07b1.jpg?w=610
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 200
OK frauen-koennen-mit-gelassenheit-punkten.jpg
bilder.t-online.de/b/64/83/82/98/id_64838298/tid_da/ 60 KB
60 KB 217ms
74ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/64/83/82/98/id_64838298/tid_da/frauen-koennen-mit-gelassenheit-punkten.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 40cd34adfea56bd181afe3bd5295d0085dfdc863a7ceb2d0c20088a33d5298ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:43 GMT
Last-Modified: Tue, 10 Sep 2013 09:12:01 GMT
Age: 0
Etag: "64838298-4"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=2591999
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 61510

GET 3229224113_partnervermittlung-polen-deutschland.jpg
augustowski.eu/images/ 0
0

GET

tuerkische-maenner.jpg
p6.focus.de/img/fotos/id_1032070/
Redirect Chain

https://p5.focus.de/img/fotos/crop1032070/6132719957-w1200-h627-o-q75-p5/Tuerkische-Maenner.jpg
https://p6.focus.de/img/fotos/id_1032070/tuerkische-maenner.jpg?im=Resize%3D%281200%2C627%29&hash=671c47a80f9930711c7d996cea076459417a8714e89e8892eb77a5fbe17b92f6

0
0

GET
H2 404 3338899241_turkische-jungs-kennenlernen.jpg
imyru.info/images/ 9 B
140 B 214ms
128ms Image
text/plain 162.210.196.168
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imyru.info/images/3338899241_turkische-jungs-kennenlernen.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.210.196.168 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy
content-length: 9

GET 11_Maennerfreundschaften.JPG
www.sportschule-potsdam.de/tl_files/schule/faecher/Partnerschaften/Finnland/Bildergalerie%20Finnland%20Deutschland%20Projekt/ 0
0

GET

Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg
img.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/
Redirect Chain

https://www.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg
https://img.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg

0
0

GET
H2 200 pic2.jpg
saferrbo.cf/images/ 9 KB
9 KB 75ms
74ms Image
image/jpeg 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saferrbo.cf/images/pic2.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9218
last-modified: Mon, 13 Jan 2020 09:38:40 GMT
server: cloudflare
etag: "5e1c3aa0-2402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOCoaMQ05uqcbifKM6aEQfAt7bGN%2Bu1fGc1Kz9FPcruu8XqErmsjPX22WS1xAnKExCk8%2FakhaZn71r%2Fkv44wOLjfFw0E94doGUWbaV0T18NeJTdWI4cdAilXKRrA19WOmonKltq%2FuNei2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d251ed70c54f93b-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pic1.jpg
saferrbo.cf/images/ 5 KB
5 KB 77ms
77ms Image
image/jpeg 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saferrbo.cf/images/pic1.jpg
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5021
last-modified: Mon, 13 Jan 2020 09:35:22 GMT
server: cloudflare
etag: "5e1c39da-139d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Fj03g5eME3rwGI2ElEGWThkIUZWF1cxRzG0KsCFRp89dD4RB5SeW9kM7dIx6K6E4UZ%2FyLCOxO7zOhJf8%2BynvNhaXVZMcT7A3A%2FSu38jC%2F5ebtgd9Nh1l%2FiPzXmj1om%2Fm%2B9E%2F5rSMsn42Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d251ed70c56f93b-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
saferrbo.cf/images/assets/js/ 86 KB
31 KB 112ms
111ms Script
application/javascript 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/js/jquery.min.js
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wzn104tmL4lCzp07lcBtp%2BCk6pJO5UhHetdKJuj%2FIiKkGJqtbHBQ3jOKZbhPI4k02GG50tso8kP%2FywrWj2c5WN43Y7S6Uw%2FDkFAWQjms4EjGmUbaTuYP60wRwyaPVSXNzI76s9oYXThHKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec3ff93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browser.min.js Show response
saferrbo.cf/images/assets/js/ 2 KB
1 KB 75ms
75ms Script
application/javascript 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/js/browser.min.js
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-73b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Rn1E9Va2CW3VgDuzj5znz88KJAhXWr11cSwGsio%2F2sooLma9OK7TMflNjaGtvgaJOiuZ45BkTpLemfgQ1V81OzEJx428LmLy%2B3tvj0%2FBOPl9dWAIGDCYj%2BPsMk2kzOVrkXGJg1cJWlkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec43f93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 breakpoints.min.js Show response
saferrbo.cf/images/assets/js/ 2 KB
1 KB 75ms
74ms Script
application/javascript 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/js/breakpoints.min.js
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAjFTInLiCIhc6rqC77eqgwFn2kwPV9XFzv5FdbW3it3X0QYOVchAC6hrtmCB2r4nfYzLokN7yqszU%2BJlTM7%2FQ3eKnCyg93Zr7cldIBQHY%2FHmrByunzlxlFfIugfoSJghmQc%2FKwzo4tvvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec45f93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 util.js Show response
saferrbo.cf/images/assets/js/ 12 KB
4 KB 76ms
76ms Script
application/javascript 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/js/util.js
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-3091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrZyYvWaAe%2BKu4eRco8OUf6qLocqlaveJcLUt31UFqtvEhi6zrG4KmMwWz31143TOhSmxNFJy2u7XZJ5Eu6nFfAMzYqSVnMDGqRTWwaF2sztxfA1b0Yu8p4UZrm3FT7WjoZGGZRHyqYu7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec46f93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
saferrbo.cf/images/assets/js/ 1 KB
838 B 80ms
80ms Script
application/javascript 2606:4700:3037::6815:5a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saferrbo.cf/images/assets/js/main.js
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mAJe5xM%2FlDTrTHhptaxeCcSgp%2FWQWOCF5wg5i23fiZlZHymuJCvj7cG49AnOWe%2BE2BZKtvr5Zjg%2BCV3wvbuQRbfYehd%2BehiGDilf8OwCohol2C6lFrxVQ%2BApxGiNsc44X6fcBKCjxdxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d251ed6ec4cf93b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1007 B 76ms
31ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Requested by

Host: saferrbo.cf
URL: https://saferrbo.cf/images/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

288f01b9601681ec39f2cf7242e0d23780310021fe2fee8e6272f8ed37ab67d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 00:08:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 24 Jan 2022 00:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jan 2022 00:24:43 GMT

GET
H2 200 KjXhYN
algosit.com/ 466 B
1 KB 214ms
134ms Script
application/javascript 2606:4700:3032::ac43:aeaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=T%C3%BCrkische%20m%C3%A4nner%20in%20deutschland%20kennenlernen&&frm5f1ae947a2765=script5f1ae947a2766&_cid=3e24e87e-3961-d8fd-ee27-e3de41bfaa8c
Requested by: Host: saferrbo.cf
URL: https://saferrbo.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aeaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 00:24:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jan 2022 00:24:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOa3hfYN8KKi8B4AJXVyKTzfMrlzl0SGSkc%2BzUPfKNJ0IvBZjDJS%2F5vcSFC5T6Bkcsly%2BBhLzTflAjrs5noiNWcFXoykAGx1wpAJWxDxrGWM8Ou%2FTLExR9axG82Wzg3nhjz%2B1T5cggtJrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 6d251ed94e7c374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v11/ 28 KB
29 KB 89ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v11/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dbbd6cea03d1ecfbf65dc139b3cc03c52479ea3bf5fa8221822e478179e5ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saferrbo.cf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 06:28:34 GMT
x-content-type-options: nosniff
age: 237369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28608
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:21:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 06:28:34 GMT

GET
H/1.1 200
OK Primary Request / Show response
live-datingsforyou.com/ 7 KB
7 KB 308ms
70ms Document
text/html 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Requested by: Host: algosit.com
URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=T%C3%BCrkische%20m%C3%A4nner%20in%20deutschland%20kennenlernen&&frm5f1ae947a2765=script5f1ae947a2766&_cid=3e24e87e-3961-d8fd-ee27-e3de41bfaa8c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: c2841fbded958aceed235044d85affba2de5daf957228a3c5afc6996213fe218

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://saferrbo.cf/

Response headers

Server: nginx
Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Type: text/html
Content-Length: 7285
Connection: keep-alive
Cache-Control: private no-transform

GET
H/1.1 200
OK animate.min.css
live-datingsforyou.com/media/dating/toon2/css/ 52 KB
4 KB 17ms
17ms Stylesheet
text/css 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/css/animate.min.css
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
live-datingsforyou.com/media/dating/toon2/css/ 8 KB
2 KB 59ms
17ms Stylesheet
text/css 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
live-datingsforyou.com/cookie/ 4 KB
2 KB 57ms
15ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/cookie/js.cookie.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:38:46 GMT
Server: nginx
ETag: W/"60a506d6-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
live-datingsforyou.com/util/ 7 KB
3 KB 57ms
14ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/util/utils.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:01 GMT
Server: nginx
ETag: W/"60d0b4ed-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
live-datingsforyou.com/media/dating/toon2/images/ 175 KB
166 KB 115ms
21ms Image
image/jpeg 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-datingsforyou.com/media/dating/toon2/images/123.jpg
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
live-datingsforyou.com/media/dating/toon2/js/ 84 KB
29 KB 103ms
51ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
live-datingsforyou.com/media/ 639 B
642 B 106ms
13ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/bb.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:39:28 GMT
Server: nginx
ETag: W/"60a50700-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
live-datingsforyou.com/media/exit-new/ 3 KB
1 KB 108ms
14ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/exit-new/exit1.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=1orgnbk3pcc1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:39 GMT
Server: nginx
ETag: W/"60b4cf33-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H3 200 css
fonts.googleapis.com/ 30 KB
1 KB 33ms
18ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc17d3608f188d7362bb4f59bd8dcac681a257cb394e02769b291e452ebb4be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 Jan 2022 23:33:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 24 Jan 2022 00:24:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jan 2022 00:24:44 GMT

GET
H/1.1 200
OK bg.jpg
live-datingsforyou.com/media/dating/toon2/images/ 117 KB
108 KB 113ms
21ms Image
image/jpeg 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-datingsforyou.com/media/dating/toon2/images/bg.jpg
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 00:24:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 73ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live-datingsforyou.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:12:20 GMT
x-content-type-options: nosniff
age: 447144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 20:12:20 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 71ms
35ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live-datingsforyou.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:12:18 GMT
x-content-type-options: nosniff
age: 360746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 20:12:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: augustowski.eu
URL: https://augustowski.eu/images/4242198238_kennenlernen-freiburg.jpg

Domain: akady.info
URL: https://akady.info/images/2042885717_japaner-in-deutschland-kennenlernen.jpg

Domain: www.bdsm-urlaub.info
URL: https://www.bdsm-urlaub.info/bdswiss_plattform_620.png

Domain: akady.info
URL: https://akady.info/images/3306233155_maenner-kennenlernen-app.jpg

Domain: amofi.info
URL: https://amofi.info/images/1083376154_das-kennenlernen-dict.png

Domain: augustowski.eu
URL: https://augustowski.eu/images/3573914427_mit-frauen-flirten-schreiben.jpg

Domain: augustowski.eu
URL: https://augustowski.eu/images/3229224113_partnervermittlung-polen-deutschland.jpg

Domain: p6.focus.de
URL: https://p6.focus.de/img/fotos/id_1032070/tuerkische-maenner.jpg?im=Resize%3D%281200%2C627%29&hash=671c47a80f9930711c7d996cea076459417a8714e89e8892eb77a5fbe17b92f6

Domain: www.sportschule-potsdam.de
URL: https://www.sportschule-potsdam.de/tl_files/schule/faecher/Partnerschaften/Finnland/Bildergalerie%20Finnland%20Deutschland%20Projekt/11_Maennerfreundschaften.JPG

Domain: img.welt.de
URL: https://img.welt.de/img/bildergalerien/mobile106484176/3502505967-ci102l-w1024/Gedenkfeier-fuer-Tuerkisches-Mordopfer-Kreuzberg.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			live-datingsforyou.com/	1969-12-31 23:59:59	Name: sid Value: t3~fiif3dmm1iziapghir3zhfu2

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://imyru.info/images/1179233840_wo-kann-man-deutsche-soldaten-kennenlernen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.vaybee-shop.de/channel/tuerkisch-maenner-collage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.frauenkennenlernen.org/wp-content/uploads/2016/05/Kanadische-Frauen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://imyru.info/images/8167080912_maenner-in-bars-kennenlernen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.sportschule-potsdam.de/tl_files/schule/faecher/Partnerschaften/Finnland/Bildergalerie%20Finnland%20Deutschland%20Projekt/11_Maennerfreundschaften.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://akady.info/images/2042885717_japaner-in-deutschland-kennenlernen.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://akady.info/images/3306233155_maenner-kennenlernen-app.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://amofi.info/images/1083376154_das-kennenlernen-dict.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://augustowski.eu/images/4242198238_kennenlernen-freiburg.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://augustowski.eu/images/3573914427_mit-frauen-flirten-schreiben.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://imyru.info/images/1179233840_wo-kann-man-deutsche-soldaten-kennenlernen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.vaybee-shop.de/channel/tuerkisch-maenner-collage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.frauenkennenlernen.org/wp-content/uploads/2016/05/Kanadische-Frauen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://imyru.info/images/8167080912_maenner-in-bars-kennenlernen.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://saferrbo.cf/ Message: Mixed Content: The page at 'https://saferrbo.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.sportschule-potsdam.de/tl_files/schule/faecher/Partnerschaften/Finnland/Bildergalerie%20Finnland%20Deutschland%20Projekt/11_Maennerfreundschaften.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.spiegel.de/images/image-34972-galleryV9-lcqx.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://belgarathblog.files.wordpress.com/2014/10/maske-erdogan-07b1.jpg?w=610 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://augustowski.eu/images/3229224113_partnervermittlung-polen-deutschland.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.transcript-verlag.de/media/image/a0/e8/62/9783933127877XcQykLnn3eaCZ_1280x1280.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.express.de/image/23616416/max/338/600/7a8f1fb79d3045ecacc2631bb08df32c/XU/snap3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.vaybee.de/channel/tuerkisch-maenner-collage.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://imyru.info/images/8167080912_maenner-in-bars-kennenlernen.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imyru.info/images/3338899241_turkische-jungs-kennenlernen.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imyru.info/images/1179233840_wo-kann-man-deutsche-soldaten-kennenlernen.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akady.info
algosit.com
amofi.info
augustowski.eu
belgarathblog.files.wordpress.com
bilder.t-online.de
fonts.googleapis.com
fonts.gstatic.com
img.welt.de
img.zeit.de
imyru.info
live-datingsforyou.com
p6.focus.de
saferrbo.cf
www.bdsm-urlaub.info
www.express.de
www.frauenkennenlernen.org
www.spiegel.de
www.sportschule-potsdam.de
www.transcript-verlag.de
www.vaybee-shop.de
www.vaybee.de
akady.info
amofi.info
augustowski.eu
img.welt.de
p6.focus.de
www.bdsm-urlaub.info
www.sportschule-potsdam.de
104.111.250.159
128.65.210.181
151.101.2.49
162.210.196.168
192.0.72.26
212.53.175.136
2606:4700:3032::ac43:aeaa
2606:4700:3037::6815:5a30
2a00:1450:4001:80f::2003
2a00:1450:400e:801::200a
5.101.45.6
62.138.238.103
81.20.131.61
85.13.157.188
00801eb0b474ef1b21a3b78a5c84fc036e2996543eae170044aafdc0078a8ff0
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0650134f150c3ec5ef9760ce3254e93675b0fd0275a93181593c194c1eec7129
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
222d41c4b29bf6a0b9ac388c8d602f1d42fa73082fab275b6d270a592b438c67
288f01b9601681ec39f2cf7242e0d23780310021fe2fee8e6272f8ed37ab67d4
2dbbd6cea03d1ecfbf65dc139b3cc03c52479ea3bf5fa8221822e478179e5ce6
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
40cd34adfea56bd181afe3bd5295d0085dfdc863a7ceb2d0c20088a33d5298ed
422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
98154616dc5d925b5bd48acdd9f991c1075560f0b293d7c3a8c23e90293b03f8
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb
af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
c2841fbded958aceed235044d85affba2de5daf957228a3c5afc6996213fe218
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cc17d3608f188d7362bb4f59bd8dcac681a257cb394e02769b291e452ebb4be1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

live-datingsforyou.com Open in urlscan Pro 5.101.45.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

76 %HTTPS

29 %IPv6

22 Domains

22 Subdomains

15 IPs

4 Countries

1093 kBTransfer

1360 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

live-datingsforyou.com Open in urlscan Pro
5.101.45.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

76 %
HTTPS

29 %
IPv6

22
Domains

22
Subdomains

15
IPs

4
Countries

1093 kB
Transfer

1360 kB
Size

1
Cookies

46 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!