safelydatesnow.com Open in urlscan Pro
2606:4700:3033::ac43:c90f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://matchmilfytindi.pro/go4dates226
Effective URL:
https://safelydatesnow.com/go4dates226
Submission: On August 24 via manual (August 24th 2020, 5:53:08 pm UTC) from US

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3033::ac43:c90f, located in United States and belongs to CLOUDFLARENET, US. The main domain is safelydatesnow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2020. Valid for: a year.

This is the only time safelydatesnow.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tinder (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.174.152.175 217.174.152.175	31083 (TELEPOINT) (TELEPOINT)
27	2606:4700:303... 2606:4700:3033::ac43:c90f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	104.24.100.78 104.24.100.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::681b:87fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.156.92 13.226.156.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6812:3e9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.171.128.172 163.171.128.172	54994 (QUANTILNE...) (QUANTILNETWORKS)
40	10

1 217.174.152.175 (Dobrich, Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)

matchmilfytindi.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3033::ac43:c90f (United States)

ASN13335 (CLOUDFLARENET, US)

safelydatesnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.24.100.78 (United States)

ASN13335 (CLOUDFLARENET, US)

geoip.joinsafelyonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:87fe (United States)

ASN13335 (CLOUDFLARENET, US)

www.ip2phrase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.156.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-92.dus51.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:3e9f (United States)

ASN13335 (CLOUDFLARENET, US)

fastpx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.172 (Germany)

ASN54994 (QUANTILNETWORKS, US)

fc845.registersafely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	safelydatesnow.com safelydatesnow.com	2 MB
4	bugsnag.com sessions.bugsnag.com	179 B
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	81 KB
1	registersafely.com fc845.registersafely.com
1	fastpx.com fastpx.com	376 B
1	gstatic.com fonts.gstatic.com	33 KB
1	ip2phrase.com www.ip2phrase.com	593 B
1	onesignal.com cdn.onesignal.com	3 KB
1	joinsafelyonline.com geoip.joinsafelyonline.com	554 B
1	googleapis.com fonts.googleapis.com	648 B
1	matchmilfytindi.pro 1 redirects matchmilfytindi.pro	277 B
40	11

	Domain	Requested by
27	safelydatesnow.com	safelydatesnow.com
4	sessions.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
2	d2wy8f7a9ursnm.cloudfront.net	safelydatesnow.com
1	fc845.registersafely.com	safelydatesnow.com
1	fastpx.com	safelydatesnow.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.ip2phrase.com	safelydatesnow.com
1	cdn.onesignal.com	safelydatesnow.com
1	geoip.joinsafelyonline.com	safelydatesnow.com
1	fonts.googleapis.com	safelydatesnow.com
1	matchmilfytindi.pro	1 redirects
40	11

This site contains links to these domains. Also see Links.

Domain
www.ip2phrase.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-16` - `2021-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.registersafely.com AlphaSSL CA - SHA256 - G2	`2019-09-13` - `2021-09-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://safelydatesnow.com/go4dates226
Frame ID: 3EE535A74D1CF8077C04895C82D85520
Requests: 30 HTTP requests in this frame

Frame: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Frame ID: 7A91E8690BC3126427D57D079F49EA5C
Requests: 7 HTTP requests in this frame

Frame: https://fc845.registersafely.com/routes/fc845/?ofid=8&a_aid=fc845&x_subid=lsf-mediumauth&a_bid=a3b4e25e&x_variable=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Frame ID: 20EA283B406E382752BEA288BCD1110E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://matchmilfytindi.pro/go4dates226 HTTP 301
https://safelydatesnow.com/go4dates226 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

40
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

1984 kB
Transfer

2042 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ip2phrase.com/
Title: Frankfurt am Main, Hessen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://matchmilfytindi.pro/go4dates226 HTTP 301
https://safelydatesnow.com/go4dates226 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request go4dates226 Show response
safelydatesnow.com/
Redirect Chain

http://matchmilfytindi.pro/go4dates226
https://safelydatesnow.com/go4dates226

11 KB
4 KB

1023ms
994ms

Document
text/html

2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49cc2fccac3a3fa76f8f43cc5cca27e7484dd4093248995db801a6b0104312a

Request headers

:method: GET
:authority: safelydatesnow.com
:scheme: https
:path: /go4dates226
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 17:52:46 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=ddd5ab52230c69eec28f93e212dc549761598291565; expires=Wed, 23-Sep-20 17:52:45 GMT; path=/; domain=.safelydatesnow.com; HttpOnly; SameSite=Lax .AspNetCore.Session=CfDJ8Hq0t2raHVNIu4G6XXkOfJph7rGIskIaqeFlkVBgCs27Tt11IYsfxrxLurzj6mvenNk2CpNYxME%2BKRiRXFrppzJXGE3fmZcEzOCP%2BMC%2BI0yWn%2B2NUtYbFgyLa1u4KMsYgOeJxzyh09sS0lCFeSHrjJlGuzuK%2BuCanDmHLiDAY6JV; path=/; samesite=none; httponly
cache-control: no-cache
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
cf-request-id: 04c332f541000063a1b508f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7eedcec88663a1-FRA
content-encoding: br

Redirect headers

Date: Mon, 24 Aug 2020 17:52:46 GMT
Server: Apache mod_bwlimited/1.4
Location: https://safelydatesnow.com/go4dates226
Content-Length: 246
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
648 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:400,300,700

Requested by

Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16d3d12f94cb57adf13852a17da9cd977b449c5abf0d1cd16651c907dc0f4e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 17:52:46 GMT
server: ESF
date: Mon, 24 Aug 2020 17:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Aug 2020 17:52:46 GMT

GET
H2 200 normalize.css
safelydatesnow.com/tinder2019/css/ 8 KB
2 KB 17ms
15ms Stylesheet
text/css 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder2019/css/normalize.css
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: W/"1d6724965cb071f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c7eedd4fb5363a1-FRA
cf-request-id: 04c332f91f000063a1b50a8200000001

GET
H2 200 skeleton.css
safelydatesnow.com/tinder2019/css/ 12 KB
3 KB 19ms
18ms Stylesheet
text/css 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder2019/css/skeleton.css
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754aee517dab7c5f6f77f944d43e85e34ed12d499bc043d6eb224a4159aae98c

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: W/"1d6724965cb095e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c7eedd50b5463a1-FRA
cf-request-id: 04c332f920000063a1b50a9200000001

GET
H2 200 style.css
safelydatesnow.com/tinder2019/css/ 11 KB
3 KB 17ms
16ms Stylesheet
text/css 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder2019/css/style.css
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 428e401b117aed08b1a22f15eb7dec16ebce0ac867272231fd8255d3ecde526a

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: W/"1d6724965cb0b70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c7eedd50b5563a1-FRA
cf-request-id: 04c332f920000063a1b50aa200000001

GET
H2 200 / Show response
geoip.joinsafelyonline.com/ 401 B
554 B 1678ms
1591ms Script
application/javascript 104.24.100.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.joinsafelyonline.com/
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.100.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f588c6c199451241a8797f481752e52d159fa273a3c5dd2dbb32e2333cc9221

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 17:52:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5c7eedd59a63ee54-CDG
cf-request-id: 04c332f97f0000ee54b58a0200000001
expires: 0

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6825b92753d2d2ddd3fcbb3ec0481c2a48a93917f96e7758da2c330403b5740d

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 85
etag: W/"07fe8328bd2f934c60350007c3e625e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5c7eedd7e98bd6b1-FRA
cf-request-id: 04c332faef0000d6b1042c1200000001
expires: Tue, 25 Aug 2020 05:52:47 GMT

GET
H2 200 safechecklogo.png
safelydatesnow.com/tinder2019/images/ 15 KB
15 KB 14ms
13ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/safechecklogo.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7079f269e445f9bf3e6405ff5638faeb17c7d21ff587775f16e3277099b85d95

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: "1d6724965cb1be1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eedd80cbb63a1-FRA
content-length: 15585
cf-request-id: 04c332fb03000063a1b50b6200000001

GET
H2 200 logotin.png
safelydatesnow.com/tinder2019/ 10 KB
10 KB 22ms
21ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/logotin.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c295a9eab3939e1820a44376e4db9e0a33ea87f657d944bd505dd744d90a664e

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: "1d6724965cb0167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eedd81cc563a1-FRA
content-length: 9831
cf-request-id: 04c332fb12000063a1b50b7200000001

GET
H2 200 ip2phrase.asp Show response
www.ip2phrase.com/ 175 B
593 B 290ms
272ms Script
text/html 2606:4700:3031::681b:87fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip2phrase.com/ip2phrase.asp?template=%3CCITY%3E,%20%3CREGION%3E
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:87fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922b90f38d297fb2f6a5f6edf5c248486e5a46b985d1a9d816a74cfafff2ed8a

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 17:52:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c7eedd53c7d05bf-FRA
cf-request-id: 04c332f944000005bf198b9200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 register.gif
safelydatesnow.com/tinder2019/images/ 242 KB
242 KB 18ms
18ms Image
image/gif 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/register.gif
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22f891861e26158a94810d08efac95a1651d6ef4af15a7cade5ea58d0e7af9d

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: "1d6724965c8e0e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eedd84cda63a1-FRA
content-length: 247785
cf-request-id: 04c332fb29000063a1b50ba200000001

GET
H2 200 error-button2.png
safelydatesnow.com/tinder2019/images/ 21 KB
21 KB 19ms
19ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/error-button2.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a93ddecc8a375bad785f131221a6be5370935d671937cd04040d3ceb7bb990e

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: "1d6724965cb75fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eedd87ceb63a1-FRA
content-length: 21245
cf-request-id: 04c332fb48000063a1b50bb200000001

GET
H2 200 logosdf2.png
safelydatesnow.com/tinder2019/images/ 54 KB
54 KB 16ms
16ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/logosdf2.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04edcd1ddbff27af1eef53238da91f1ef4f8f3ce55cdfa40fe3b87c8ef1d18ec

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: "1d6724965cbf025"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eedd89cf963a1-FRA
content-length: 55077
cf-request-id: 04c332fb5c000063a1b50bc200000001

GET
H2 200 images
safelydatesnow.com/ 94 KB
94 KB 219ms
219ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/images?id=366136
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb5159d48ae7b5693c5b824ccf66e502b1a4f835a26c8a823f29c3855327f8b

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cf-ray: 5c7eedd8cd0a63a1-FRA
content-length: 96020
cf-request-id: 04c332fb7b000063a1b50bd200000001

GET
H2 200 images
safelydatesnow.com/ 135 KB
135 KB 199ms
199ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/images?id=366134
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2c1054b5dceac7506f2179618b670a739c029c476eadde6ee35b568ea158e2

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cf-ray: 5c7eedda1d8763a1-FRA
content-length: 138059
cf-request-id: 04c332fc4e000063a1b50c5200000001

GET
H2 200 images
safelydatesnow.com/ 129 KB
129 KB 229ms
229ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/images?id=366135
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d6228cff322eb2db74f31bd7b83f6a418aa9c19e6b9072c76c9c3dc280500d

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cf-ray: 5c7eeddbce3463a1-FRA
content-length: 132005
cf-request-id: 04c332fd60000063a1b50cb200000001

GET
H2 200 images
safelydatesnow.com/ 134 KB
134 KB 213ms
213ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/images?id=366133
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc1bd02b28598d27b11cee0547af926019025f422097b5bede2250ccbbdeb86

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cf-ray: 5c7eeddd5ecd63a1-FRA
content-length: 137203
cf-request-id: 04c332fe56000063a1b50cf200000001

GET
H2 200 contact_Is.png
safelydatesnow.com/tinder2019/images/ 77 KB
77 KB 49ms
49ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/contact_Is.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be94d2d915cc3433bc9d2f13cdb86aa11e3301618dcd84940f5da0ca1a77a132

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965ca15bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddedf8163a1-FRA
content-length: 78524
cf-request-id: 04c332ff4b000063a1b50d8200000001

GET
H2 200 signupnow.png
safelydatesnow.com/tinder2019/images/ 16 KB
16 KB 14ms
14ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/signupnow.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc44a1d5b99728b5b22cc0fda4b250808675f83f32993c8214664ad09aed2613

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965cb19b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf2f9d63a1-FRA
content-length: 16053
cf-request-id: 04c332ff7d000063a1b50d9200000001

GET
H2 200 jessica.png
safelydatesnow.com/tinder2019/profile-pics/ 217 KB
218 KB 24ms
23ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/profile-pics/jessica.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83a146d7451334a489d778a8cb67cf66496098ca2f0c3066e9bc249f5a68371

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965c842b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf4fb263a1-FRA
content-length: 222642
cf-request-id: 04c332ff8f000063a1b50da200000001

GET
H2 200 TinaandRaymond.png
safelydatesnow.com/tinder2019/profile-pics/ 157 KB
157 KB 26ms
26ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/profile-pics/TinaandRaymond.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7911d87a52df5f683fe94de9f6a1f4f49cf55bbbf13c8e29c7fe7a12a2eece

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965c954d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf7fc763a1-FRA
content-length: 160721
cf-request-id: 04c332ffa9000063a1b50db200000001

GET
H2 200 staci.png
safelydatesnow.com/tinder2019/profile-pics/ 222 KB
222 KB 21ms
21ms Image
image/png 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/profile-pics/staci.png
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f412119f26180556b1eb9bff47a64eb7035d243a9f0c1c2a367d1800901afcf2

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965c85f69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf7fd063a1-FRA
content-length: 227433
cf-request-id: 04c332ffaf000063a1b50dc200000001

GET
H2 200 as-seen-on.gif
safelydatesnow.com/tinder2019/images/ 32 KB
32 KB 22ms
21ms Image
image/gif 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/as-seen-on.gif
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d449f17ae7d103e430d8d87a911aff5e50d208ecedbb6c4f50c13529a543541

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965cb596b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf8fd563a1-FRA
content-length: 32363
cf-request-id: 04c332ffb3000063a1b50dd200000001

GET
H2 200 n_1.jpg
safelydatesnow.com/tinder2019/images/ 273 KB
274 KB 50ms
50ms Image
image/jpeg 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/n_1.jpg
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226f205ee4b13704203ed8d8d592f02a46f6ebca7ce4d91e703b7865ed9d3438

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965cf62c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf8fd763a1-FRA
content-length: 280008
cf-request-id: 04c332ffb3000063a1b50de200000001

GET
H2 200 as-seen-on2.gif
safelydatesnow.com/tinder2019/images/ 8 KB
8 KB 27ms
26ms Image
image/gif 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safelydatesnow.com/tinder2019/images/as-seen-on2.gif
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: "1d6724965cb3932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c7eeddf8fd863a1-FRA
content-length: 7730
cf-request-id: 04c332ffb3000063a1b50df200000001

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
41 KB 103ms
28ms Script
application/javascript 13.226.156.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-92.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 18:11:07 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 3368501
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: jysu2vRLLjLqzLtrcMdTQ1_LOtyZjLAiFoi_MWXtshj6xDNjjlsYjw==

GET
H2 200 webfont.js Show response
safelydatesnow.com/tinder/js/ 13 KB
5 KB 14ms
14ms Script
application/javascript 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder/js/webfont.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3ca7d262a9370115f0cb5af00ed49f738e43ab587246c6aef865f1894c891d7

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: W/"1d6724965cb14a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c7eedd7bc8963a1-FRA
cf-request-id: 04c332facf000063a1b50b3200000001

GET
H2 200 common.js Show response
safelydatesnow.com/shared/ 2 KB
834 B 16ms
15ms Script
application/javascript 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/shared/common.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae72a95ac795750a22d36837cf9edbddacd940a1c6e873ffe9a61042fb8b13a

Request headers

Referer: https://safelydatesnow.com/go4dates226
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 113
etag: W/"1d6724965cb2e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c7eedd7cca063a1-FRA
cf-request-id: 04c332fade000063a1b50b4200000001

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2
fonts.gstatic.com/s/merriweathersans/v13/ 33 KB
33 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v13/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://safelydatesnow.com
Referer: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 20:17:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Aug 2020 19:50:46 GMT
server: sffe
age: 250513
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33660
x-xss-protection: 0
expires: Sat, 21 Aug 2021 20:17:35 GMT

GET
H2 200 join Show response
safelydatesnow.com/ Frame 7A91 1 KB
671 B 474ms
473ms Document
text/html 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/go4dates226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8cd14b5b08d2afce9a75082a712f562cd3a6a929bf1f0605daf5d82fb5bf88

Request headers

:method: GET
:authority: safelydatesnow.com
:scheme: https
:path: /join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safelydatesnow.com/go4dates226
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=ddd5ab52230c69eec28f93e212dc549761598291565; .AspNetCore.Session=CfDJ8Hq0t2raHVNIu4G6XXkOfJph7rGIskIaqeFlkVBgCs27Tt11IYsfxrxLurzj6mvenNk2CpNYxME%2BKRiRXFrppzJXGE3fmZcEzOCP%2BMC%2BI0yWn%2B2NUtYbFgyLa1u4KMsYgOeJxzyh09sS0lCFeSHrjJlGuzuK%2BuCanDmHLiDAY6JV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://safelydatesnow.com/go4dates226

Response headers

status: 200
date: Mon, 24 Aug 2020 17:52:49 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
cf-request-id: 04c332ffe2000063a1b50e1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7eeddfdff963a1-FRA
content-encoding: br

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 160ms
146ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://safelydatesnow.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 24 Aug 2020 17:52:48 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 149ms
148ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://safelydatesnow.com/go4dates226
Bugsnag-Sent-At: 2020-08-24T17:52:48.623Z
Bugsnag-Api-Key: 1e4f71ee0b1653b1c3485b10681638b9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Mon, 24 Aug 2020 17:52:48 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 fire.css
safelydatesnow.com/tinder/css/ Frame 7A91 8 KB
3 KB 15ms
13ms Stylesheet
text/css 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder/css/fire.css
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6718361c9a911793042df84a3d19f79fae7e68ec6ef9092e32d7a343d753b4

Request headers

Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 114
etag: W/"1d6724965cb066c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c7eede2c90d63a1-FRA
cf-request-id: 04c33301be000063a1b50ef200000001

GET
H2 200 common.js Show response
safelydatesnow.com/shared/ Frame 7A91 2 KB
854 B 12ms
11ms Script
application/javascript 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/shared/common.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae72a95ac795750a22d36837cf9edbddacd940a1c6e873ffe9a61042fb8b13a

Request headers

Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 115
etag: W/"1d6724965cb2e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c7eede2c90f63a1-FRA
cf-request-id: 04c33301be000063a1b50f0200000001

GET
H2 200 /
fastpx.com/pixel/action/ Frame 7A91 43 B
376 B 341ms
310ms Image
image/gif 2606:4700:3037::6812:3e9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastpx.com/pixel/action/?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1&a=form
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3e9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 5c7eede2f845bf14-FRA
content-length: 43
cf-request-id: 04c33301dc0000bf14ec3e2200000001

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ Frame 7A91 40 KB
41 KB 30ms
29ms Script
application/javascript 13.226.156.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-92.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 18:11:07 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 3368503
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: e5gkvw43C8jEz5GCS5uVfQDYehJaXBumtQJN2Q5mDPIGMMjnDUYqGw==

GET
H2 200 webfont.js Show response
safelydatesnow.com/tinder/js/ Frame 7A91 13 KB
5 KB 13ms
12ms Script
application/javascript 2606:4700:3033::ac43:c90f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safelydatesnow.com/tinder/js/webfont.js
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c90f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3ca7d262a9370115f0cb5af00ed49f738e43ab587246c6aef865f1894c891d7

Request headers

Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:52:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 14:44:22 GMT
server: cloudflare
age: 115
etag: W/"1d6724965cb14a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c7eede2c91163a1-FRA
cf-request-id: 04c33301bf000063a1b50f1200000001

GET
H2 200 /
fc845.registersafely.com/routes/fc845/ Frame 20EA 0
0 501ms
269ms Document
text/html 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://fc845.registersafely.com/routes/fc845/?ofid=8&a_aid=fc845&x_subid=lsf-mediumauth&a_bid=a3b4e25e&x_variable=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Requested by: Host: safelydatesnow.com
URL: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: ZENEDGE /
Resource Hash

Request headers

:method: GET
:authority: fc845.registersafely.com
:scheme: https
:path: /routes/fc845/?ofid=8&a_aid=fc845&x_subid=lsf-mediumauth&a_bid=a3b4e25e&x_variable=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1

Response headers

status: 200
date: Mon, 24 Aug 2020 17:52:49 GMT
content-type: text/html
x-cache-status: NOTCACHED
x-zen-fury: 827eb729b9cb7c57a0d3048d9fa164d9461acc8d
cache-control: no-store
set-cookie: PHPSESSID=839e35015281dd70605e8a064816a5f3; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: ZENEDGE
x-cdn: Served-By-Zenedge
content-encoding: gzip
x-via: 1.1 PSdgflkfFRA1ox201:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:1 (Cdn Cache Server V2.0)
x-ws-request-id: 5f43fe71_PSdgflkfFRA1gd9_35165-48628

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 143ms
142ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://safelydatesnow.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 24 Aug 2020 17:52:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 7A91 21 B
82 B 143ms
142ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://safelydatesnow.com/join?t=n_12-a_44665-l_45586-m_3-o_16-t_19-f_50-c_28212604-d_0-v_1
Bugsnag-Sent-At: 2020-08-24T17:52:49.134Z
Bugsnag-Api-Key: 1e4f71ee0b1653b1c3485b10681638b9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Mon, 24 Aug 2020 17:52:49 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tinder (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pkhybm.com/	1970-01-19 11:58:13	Name: __utmb Value: 66583855.1.10.1598291572
.pkhybm.com/	1970-01-19 11:58:12	Name: __utmt Value: 1
pkhybm.com/	1970-01-19 11:58:11	Name: __ZEHIC9554 Value: N
.pkhybm.com/	1970-01-19 16:20:59	Name: __utmz Value: 66583855.1598291572.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
pkhybm.com/	1970-01-19 11:58:11	Name: __zjc4691 Value: 5021181051
.pkhybm.com/	1969-12-31 23:59:59	Name: __utmc Value: 66583855
.pkhybm.com/	1970-01-20 05:29:23	Name: __utma Value: 66583855.1112997220.1598291572.1598291572.1598291572.1
pkhybm.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5805f576d708aa326675fd702363b0f6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [bugsnag] Loaded!
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [JoinForm]: Loaded!
console-api	debug	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
d2wy8f7a9ursnm.cloudfront.net
fastpx.com
fc845.registersafely.com
fonts.googleapis.com
fonts.gstatic.com
geoip.joinsafelyonline.com
matchmilfytindi.pro
safelydatesnow.com
sessions.bugsnag.com
www.ip2phrase.com
104.24.100.78
13.226.156.92
163.171.128.172
217.174.152.175
2600:1901:0:7a0b::
2606:4700:3031::681b:87fe
2606:4700:3033::ac43:c90f
2606:4700:3037::6812:3e9f
2606:4700::6812:e134
2a00:1450:4001:806::200a
2a00:1450:4001:81b::2003
04edcd1ddbff27af1eef53238da91f1ef4f8f3ce55cdfa40fe3b87c8ef1d18ec
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
16d3d12f94cb57adf13852a17da9cd977b449c5abf0d1cd16651c907dc0f4e11
1b6718361c9a911793042df84a3d19f79fae7e68ec6ef9092e32d7a343d753b4
226f205ee4b13704203ed8d8d592f02a46f6ebca7ce4d91e703b7865ed9d3438
2d8cd14b5b08d2afce9a75082a712f562cd3a6a929bf1f0605daf5d82fb5bf88
3a93ddecc8a375bad785f131221a6be5370935d671937cd04040d3ceb7bb990e
428e401b117aed08b1a22f15eb7dec16ebce0ac867272231fd8255d3ecde526a
4cc1bd02b28598d27b11cee0547af926019025f422097b5bede2250ccbbdeb86
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f588c6c199451241a8797f481752e52d159fa273a3c5dd2dbb32e2333cc9221
55d6228cff322eb2db74f31bd7b83f6a418aa9c19e6b9072c76c9c3dc280500d
5a7911d87a52df5f683fe94de9f6a1f4f49cf55bbbf13c8e29c7fe7a12a2eece
5b2c1054b5dceac7506f2179618b670a739c029c476eadde6ee35b568ea158e2
5d449f17ae7d103e430d8d87a911aff5e50d208ecedbb6c4f50c13529a543541
6825b92753d2d2ddd3fcbb3ec0481c2a48a93917f96e7758da2c330403b5740d
7079f269e445f9bf3e6405ff5638faeb17c7d21ff587775f16e3277099b85d95
754aee517dab7c5f6f77f944d43e85e34ed12d499bc043d6eb224a4159aae98c
8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2
922b90f38d297fb2f6a5f6edf5c248486e5a46b985d1a9d816a74cfafff2ed8a
a22f891861e26158a94810d08efac95a1651d6ef4af15a7cade5ea58d0e7af9d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ca7d262a9370115f0cb5af00ed49f738e43ab587246c6aef865f1894c891d7
b49cc2fccac3a3fa76f8f43cc5cca27e7484dd4093248995db801a6b0104312a
b83a146d7451334a489d778a8cb67cf66496098ca2f0c3066e9bc249f5a68371
be94d2d915cc3433bc9d2f13cdb86aa11e3301618dcd84940f5da0ca1a77a132
c295a9eab3939e1820a44376e4db9e0a33ea87f657d944bd505dd744d90a664e
cae72a95ac795750a22d36837cf9edbddacd940a1c6e873ffe9a61042fb8b13a
cbb5159d48ae7b5693c5b824ccf66e502b1a4f835a26c8a823f29c3855327f8b
f412119f26180556b1eb9bff47a64eb7035d243a9f0c1c2a367d1800901afcf2
fc44a1d5b99728b5b22cc0fda4b250808675f83f32993c8214664ad09aed2613

safelydatesnow.com Open in urlscan Pro 2606:4700:3033::ac43:c90f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

64 %IPv6

11 Domains

11 Subdomains

10 IPs

3 Countries

1984 kBTransfer

2042 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safelydatesnow.com Open in urlscan Pro
2606:4700:3033::ac43:c90f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

1984 kB
Transfer

2042 kB
Size

8
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!