urlscan.io logo urlscan.io
SecurityTrails logo

safedates.net Open in urlscan Pro
2606:4700:3035::6815:4bfe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://have.safemeetings.net/?a=6573&c=866&s1=Nes31ha
Effective URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Submission: On May 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3035::6815:4bfe, located in United States and belongs to CLOUDFLARENET, US. The main domain is safedates.net.
This is the only time safedates.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 3.215.70.119 14618 (AMAZON-AES)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2 163.171.128.172 54994 (QUANTILNE...)
11 207.120.33.13 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
26 7
2    3.215.70.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-70-119.compute-1.amazonaws.com
have.safemeetings.net
click-connect.com
9    2606:4700:3035::6815:4bfe (United States)

ASN13335 (CLOUDFLARENET, US)
safedates.net
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    163.171.128.172 (Germany)

ASN54994 (QUANTILNETWORKS, CA)
9e2722ab.registersafely.com
11    207.120.33.13 (United States)

ASN3356 (LEVEL3, US)
fvvlrwtst.com
geoip.registersafely.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 fvvlrwtst.com
fvvlrwtst.com
71 KB
9 safedates.net
safedates.net
115 KB
3 registersafely.com
9e2722ab.registersafely.com
geoip.registersafely.com
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
84 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1831
12 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 328
31 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 708
77 KB
1 click-connect.com
click-connect.com
834 B
1 safemeetings.net
have.safemeetings.net
270 B
26 10
Domain Requested by
10 fvvlrwtst.com safedates.net
fvvlrwtst.com
ajax.googleapis.com
9 safedates.net safedates.net
2 www.googletagmanager.com fvvlrwtst.com
2 9e2722ab.registersafely.com 2 redirects
1 www.google-analytics.com www.googletagmanager.com
1 ajax.aspnetcdn.com fvvlrwtst.com
1 ajax.googleapis.com fvvlrwtst.com
1 geoip.registersafely.com fvvlrwtst.com
1 code.jquery.com safedates.net
1 click-connect.com 1 redirects
1 have.safemeetings.net 1 redirects
26 11

This site contains no links.

Subject Issuer Validity Valid
fvvlrwtst.com
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
geoip.registersafely.com
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Frame ID: 9CE065AB94046E9C1DEDFB83E8CDC73F
Requests: 10 HTTP requests in this frame

Frame: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Frame ID: BBDBCDE2AE51DDD366258ED83508DE84
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Click Connect

Page URL History Show full URLs

  1. https://have.safemeetings.net/?a=6573&c=866&s1=Nes31ha HTTP 302
    https://click-connect.com/?a=6573&c=866&s1=Nes31ha&ckmguid=f6d5aeea-968d-4372-9753-9b146342a28a HTTP 302
    http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

62 %
HTTPS

56 %
IPv6

10
Domains

11
Subdomains

7
IPs

3
Countries

412 kB
Transfer

984 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://have.safemeetings.net/?a=6573&c=866&s1=Nes31ha HTTP 302
    https://click-connect.com/?a=6573&c=866&s1=Nes31ha&ckmguid=f6d5aeea-968d-4372-9753-9b146342a28a HTTP 302
    http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha HTTP 301
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha HTTP 302
  • https://fvvlrwtst.com/user/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha&sitekey=4576d5408cf6acce&rtr=1&rtid=41838207159

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safedates.net/clickconnectwt/
Redirect Chain
  • https://have.safemeetings.net/?a=6573&c=866&s1=Nes31ha
  • https://click-connect.com/?a=6573&c=866&s1=Nes31ha&ckmguid=f6d5aeea-968d-4372-9753-9b146342a28a
  • http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29 PleskLin
Resource Hash
b05395663ea1263d8b3b7c91b00b0519a1b1b8f0baa997378ff146abea2d30ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c3ae39a7c5b3a3d-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 May 2023 16:37:42 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wqntGgvPeqHomq2bbNSojr1Cqu7B1dGlxep4PNKwS3CetUCB5E8LgB0oYw7hOyF4nVpjYi50mDvZXiQD7rDhdxVIcJ920aHFZPSA4aBfid2%2F7UuH%2Bb3duBadOveNgRRD1eHU36ExVVecgy3"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.29 PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
private
Connection
close
Content-Length
207
Content-Type
text/html; charset=utf-8
Date
Sun, 07 May 2023 16:37:41 GMT
Location
http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
main.css
safedates.net/clickconnectwt/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/css/main.css
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
dac41a3d026f0c347b44b53ba60b4acb6fcaed1b559d4d77958d8bde0fd4c0e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:42 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 20 Jul 2017 17:27:14 GMT
Server
cloudflare
ETag
W/"5970e7f2-6563"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1RFaqhyAP4QmPVWqCF%2ByOAL8Os9%2FdS0oyp4LH%2FMMhPhW957S%2FalRlGgUFWSDocRxZImpWL%2BV%2FCdbSW6FEBfVnxjjduRP%2BOVqO4HWod1ou1FoNt7GUJOJoW7BBhaxvRLsfkny%2FSCoMGIraL%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
7c3ae39c4ed33a3d-FRA
animation_css.css
safedates.net/clickconnectwt/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/css/animation_css.css
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
144af2c42e72d595a6afb42917a30c47e00f2401bbfefb7fbc17b8ecb60bc5a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:42 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 20 Jul 2017 17:04:08 GMT
Server
cloudflare
ETag
W/"5970e288-c35"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDt46ouSh7zrbLMtlu9OOMUeQ%2FL0U1acriAOptLNXEovQzf3eaJAwhg5lkMTpwBCxI7THLBhJq7SIlLqqHChF%2FQLJiqY4He2mbsImoV7of5uYaMLltOjdG58d09JEWcZ%2FxQvmqddqdPnUjzN"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
7c3ae39c48f9bb73-FRA
jquery-1.8.2.js
code.jquery.com/ 		259 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-1.8.2.js
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
HTTP/1.1
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://safedates.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 13:47:01 GMT
Server
nginx
ETag
W/"62f659d5-40c02"
Vary
Accept-Encoding
X-HW
1683477462.dop218.fr8.t,1683477462.cds162.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
78587
logo.png
safedates.net/clickconnectwt/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://safedates.net/clickconnectwt/images/logo.png
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
84b050aca834c23d5317ce92b6d8ca3760522ddd51601ae405d61809a19bd69c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:42 GMT
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6519
Last-Modified
Thu, 20 Jul 2017 17:25:58 GMT
Server
cloudflare
ETag
"5970e7a6-1977"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QawPcRJiYR13FcNGqmeM%2BbQTnrZcXfHl6JStSBkO%2FoGbztbY9EyYp1jmpqQFxbtoIpcv7uUV9%2BGYVgSbhmu1CL68mStEzPeZl7Mxd26GX0w43MSRNIzHvglCJ%2B6b%2B4%2F4%2FEDsg9oEmaSm4Igw"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39ddb6abb73-FRA
/
fvvlrwtst.com/user/ Frame BBDB
Redirect Chain
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha
  • https://fvvlrwtst.com/user/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha&sitekey=4576d5408cf6acce&rtr=1&rtid=41838207159
339 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/user/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha&sitekey=4576d5408cf6acce&rtr=1&rtid=41838207159
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
69c477c9aa6aabccc69590e225d0521c07ae4078fcff0896b96dcd80b7018bca

Request headers

Referer
http://safedates.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
277
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 16:37:43 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
a5b70a42ad7634424813a9884cc8bf40
vary
Accept-Encoding
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
x-varnish
2461429

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 16:37:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://fvvlrwtst.com/user/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha&sitekey=4576d5408cf6acce&rtr=1&rtid=41838207159
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
waf/4.34.2-0.el7
x-via
1.1 PS-DFW-014Az146:9 (Cdn Cache Server V2.0), 1.1 kf160:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:16 (Cdn Cache Server V2.0)
x-ws-request-id
6457d3d7_PSdgflkfFRA1je97_30147-10365
main_bg.jpg
safedates.net/clickconnectwt/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://safedates.net/clickconnectwt/images/main_bg.jpg
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
190659656cf4ee28e7ec451e128a31cc8eb5045525445ddc34599d365aff99dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://safedates.net/clickconnectwt/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:43 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
21427
Last-Modified
Thu, 20 Jul 2017 17:04:16 GMT
Server
cloudflare
ETag
"5970e290-53b3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLXKxKd9nFFerXwL0O0iCoLAKfceXDYOl7Wh9lweez2VW7WgqQ8da66UwrjHjr0Zb24Y0xx8Kz7qcT%2BLEM5Gqw4OKuWfOGdbpX22qNEhIVmzCAOqlfq9ViPYGS2HVAIaqJGZ%2F8fdgE7pWTAI"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39e9a193a3d-FRA
utsaah_0-webfont.woff2
safedates.net/clickconnectwt/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/fonts/utsaah_0-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4fede49d34df1973648ed99c04e320cff974dee80503e8e021a8ebba88c4466e

Request headers

Referer
http://safedates.net/clickconnectwt/css/main.css
Origin
http://safedates.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:43 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18612
Last-Modified
Thu, 20 Jul 2017 17:04:15 GMT
Server
cloudflare
ETag
"5970e28f-48b4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEE7bLbUBtWo5wme8sWDrhXSslwjkyp0q7FyKo%2Fy%2BElutRgGaFoVbdpvmFuZQ6qRGGayuQAUkrMqnJ2Cvbj7Lxo1KsDOoGnbxUcDV6IFB1aI0gCly8YbFWPHB5g05lnzzS2GGQTSARuMB3Sg"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39eaed41994-FRA
opensans-bold-webfont.woff2
safedates.net/clickconnectwt/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/fonts/opensans-bold-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
440037c1f1d101173021fecf3894478fdc075bd9e3f44f63d2fbb000d8d5bd69

Request headers

Referer
http://safedates.net/clickconnectwt/css/main.css
Origin
http://safedates.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:43 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
19480
Last-Modified
Thu, 20 Jul 2017 17:04:10 GMT
Server
cloudflare
ETag
"5970e28a-4c18"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocNxQ1M80zmf7Z6qPL7Cj4EzWb3jSV3fCQuu070%2FsRuX6BX8rsNq3hjjjv7ytJF%2FpQzIEoXm1THXnNRM7zOLwMMHPITkUcLAL6CARDtSGgOo3D1sK6nWo7lBRGHLnKP2SEhOuywoDl2Tr5qK"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39eab741c32-FRA
opensans-semibold-webfont.woff2
safedates.net/clickconnectwt/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/fonts/opensans-semibold-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3430860f3bc99112e3fcd4f6468331688312497c95afda9853cd8d44afddc9b3

Request headers

Referer
http://safedates.net/clickconnectwt/css/main.css
Origin
http://safedates.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:43 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18972
Last-Modified
Thu, 20 Jul 2017 17:04:13 GMT
Server
cloudflare
ETag
"5970e28d-4a1c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iM959Xvq7uYDMbzS68d3lvE%2F253un2rMCqThEAdTtg81x42aQFzDhov5nK9aweyV%2FT7cAsA5e8dO9Q9B9fJipz3uhRwRdc4mGrrcf0iw3vWWFWmb8dYK9mPkXJe%2BzjV7ojek4P9lpvVz0cP8"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39eabb25c92-FRA
opensans-regular-webfont.woff2
safedates.net/clickconnectwt/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://safedates.net/clickconnectwt/fonts/opensans-regular-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
27bce382dc57da3b801dac7bd4778b48c5c9ee0704642a63186cd2072e4f5ec2

Request headers

Referer
http://safedates.net/clickconnectwt/css/main.css
Origin
http://safedates.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 16:37:43 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18764
Last-Modified
Thu, 20 Jul 2017 17:04:11 GMT
Server
cloudflare
ETag
"5970e28b-494c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix5GiQHF4dSUa%2FoYVfxLOPAudNCNSTFLfgKN5fHGF0mp%2FT8%2F8KfQYXQQkBRNOUmIUtg%2BW5oMjASjmJ54%2FiOJO0M0samPeJRMOtduoBQKrSmyDeGMNNi9%2FceznyTC%2F22R8b6R0%2FBsLtVr%2FHea"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7c3ae39eaeed9bbe-FRA
/
fvvlrwtst.com/user/ Frame BBDB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Requested by
Host: safedates.net
URL: http://safedates.net/clickconnectwt/?x_r=39786189&x_o=589&x_a=6573&x_c=Nes31ha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
b0da36403935d19dd1abf28a0b0a084e1bbe16b70a830812d922cd2989afe22f

Request headers

Referer
https://fvvlrwtst.com/user/?ofid=18&a_aid=9e2722ab&a_bid=e941c9af&x_o=589&x_r=39786189&x_a=6573&x_c=Nes31ha&sitekey=4576d5408cf6acce&rtr=1&rtid=41838207159
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
content-encoding
gzip
content-length
3816
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 16:37:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
c19233725be13310c0fd6c40c2672d44
vary
Accept-Encoding
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
x-varnish
2925266
/
geoip.registersafely.com/ Frame BBDB 		402 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geoip.registersafely.com/?v=1
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
94b20ef14e38221f2ea10163432508f8aef846b366535655af472bd9cffbb9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 16:37:44 GMT
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
content-encoding
gzip
age
0
vary
Accept-Encoding
x-varnish
1184539
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
section-io-cache
Miss
section-io-id
d0610fa1a1d28745049acc7284b71535
expires
0
sl_pink.css
fvvlrwtst.com/common_tpls/compact/css/ Frame BBDB 		129 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/common_tpls/compact/css/sl_pink.css
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
038e12b14c1d951ddee7e3845c878237990982d9ee32ad5c4259f4f1c7d904c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
content-encoding
gzip
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
last-modified
Thu, 25 Feb 2016 16:37:54 GMT
age
0
etag
W/"56cf2de2-203ff"
vary
Accept-Encoding
x-varnish
1381690
content-type
text/css
accept-ranges
bytes
section-io-cache
Miss
section-io-id
2d45eaf4e60ee798e2420e3efafd34f1
content-length
27148
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame BBDB 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fvvlrwtst.com/
Origin
https://fvvlrwtst.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 22:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 22:35:14 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame BBDB 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CA) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fvvlrwtst.com/
Origin
https://fvvlrwtst.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12928062
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (ama/48CA)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
fvvlrwtst.com/common_tpls/js/ Frame BBDB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
section-io-cache-id
b5f57ff3cb934b4010270cf12b512cb9
last-modified
Fri, 18 Nov 2022 21:23:38 GMT
age
6488
etag
W/"6377f7da-ed7"
vary
Accept-Encoding
x-varnish
2925268 3146320
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
600f9ac2dc71fdbb065e6876eacc0da8
validate_form_v2.js
fvvlrwtst.com/common_tpls/js/ Frame BBDB 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/common_tpls/js/validate_form_v2.js?jsv=24
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
via
1.1 varnish-977b4d767-blp47 (Varnish/7.2)
section-io-cache-id
3d6ea101c55a076e2501b325ca1be74c
last-modified
Mon, 13 Feb 2023 23:40:03 GMT
age
6457
etag
W/"63eaca53-63ed"
vary
Accept-Encoding
x-varnish
991905 787181
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
8d0c342e4b3541d1f929705ca9c80d2f
ajax-loader.gif
fvvlrwtst.com/common_tpls/images/ Frame BBDB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fvvlrwtst.com/common_tpls/images/ajax-loader.gif
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
section-io-cache-id
5d7f22d2e2c54176e1dc0e48f2ab919d
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
age
6457
etag
"52533a73-c88"
x-varnish
1184538 950732
content-type
image/gif
accept-ranges
bytes
section-io-cache
Hit
section-io-id
28df1022fe543af8ecc24dce629470b5
content-length
3208
iframeResizer.contentWindow.min.js
fvvlrwtst.com/common_tpls/js/ Frame BBDB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
via
1.1 varnish-977b4d767-blp47 (Varnish/7.2)
section-io-cache-id
d137162d46a5e69c24d84052d531e19c
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
age
6564
etag
W/"56b368db-3445"
vary
Accept-Encoding
x-varnish
661488 917885
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
5374248c361f3bff7dd9c27f92e12647
js
www.googletagmanager.com/gtag/ Frame BBDB 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8fc7269687f165c216e110a6e056221345468a3146e55f3cda6cfa355219813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45868
x-xss-protection
0
last-modified
Sun, 07 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 May 2023 16:37:44 GMT
gtm.js
www.googletagmanager.com/ Frame BBDB 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a67026ea0a8dcdb451dd40c8ac3f954f0ca5da60b0a3ea4dbed46db3a83b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39857
x-xss-protection
0
last-modified
Sun, 07 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 May 2023 16:37:44 GMT
analytics.js
www.google-analytics.com/ Frame BBDB 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 May 2023 16:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
126
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 07 May 2023 18:35:39 GMT
btn_sl_pink.png
fvvlrwtst.com/common_tpls/images/ Frame BBDB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fvvlrwtst.com/common_tpls/images/btn_sl_pink.png
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/common_tpls/compact/css/sl_pink.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
d47418e38b6fd627f3503c3c4fc124440d04c3584879fe1fbfc766675995e922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fvvlrwtst.com/common_tpls/compact/css/sl_pink.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:45 GMT
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
last-modified
Thu, 25 Feb 2016 16:37:54 GMT
age
0
etag
"56cf2de2-12fd"
x-varnish
2925275
content-type
image/png
accept-ranges
bytes
section-io-cache
Miss
section-io-id
da477d5d1c2d6b1a89ef9555b8dccb02
content-length
4861
glyphicons-halflings-regular.woff2
fvvlrwtst.com/common_tpls/common/fonts/ Frame BBDB 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: fvvlrwtst.com
URL: https://fvvlrwtst.com/common_tpls/compact/css/sl_pink.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://fvvlrwtst.com/common_tpls/compact/css/sl_pink.css
Origin
https://fvvlrwtst.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:45 GMT
via
1.1 varnish-977b4d767-blp47 (Varnish/7.2)
last-modified
Wed, 15 Apr 2015 00:29:46 GMT
age
0
etag
"552db0fa-466c"
x-varnish
1383389
content-type
application/octet-stream
accept-ranges
bytes
section-io-cache
Miss
section-io-id
d44c6575dc4521d62a40b87c1356db90
content-length
18028
/
fvvlrwtst.com/user/trk/ Frame BBDB 		21 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fvvlrwtst.com/user/trk/?rtid=41838207159
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.13 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
b9060f2a5746047e335fa36603b3be8301fcaeebfe6fc2573c015a12a126e3e2

Request headers

Accept
*/*
Referer
https://fvvlrwtst.com/user/?SID=bc808c4a85471da2dbc39649d0fab888
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 16:37:45 GMT
via
1.1 varnish-977b4d767-s89tm (Varnish/7.2)
age
0
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish
2891922
cache-control
no-store, no-cache, must-revalidate
section-io-cache
Miss
section-io-id
e786f4f10e5ba29c8bfded60aac87b6e
content-length
21
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| blinkeffect

6 Cookies

Domain/Path Name / Value
.click-connect.com/ Name: sid
Value: RQmOGlx67kG0TfKB3JePU9fRL/KYBnM6P+PX1vn5sVrDwJdWvmOBdA==
.click-connect.com/ Name: trk
Value: FMEenGbkxju0TfKB3JePU9fRL/KYBnM6P+PX1vn5sVrDwJdWvmOBdA==
.click-connect.com/ Name: c589
Value: RQmOGlx67kHyfGwYYMUYp0boMfyO+qQcoOTtZ5J6f9KrLz5g0fmFzQ==
safedates.net/ Name: PHPSESSID
Value: kpildev95clf82bc5f2evbu1rr
9e2722ab.registersafely.com/ Name: PHPSESSID
Value: d53692a4944de4c140228aa2452edbda
fvvlrwtst.com/ Name: PHPSESSID
Value: bc808c4a85471da2dbc39649d0fab888

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e2722ab.registersafely.com
ajax.aspnetcdn.com
ajax.googleapis.com
click-connect.com
code.jquery.com
fvvlrwtst.com
geoip.registersafely.com
have.safemeetings.net
safedates.net
www.google-analytics.com
www.googletagmanager.com
152.199.19.160
163.171.128.172
2001:4860:4802:36::178
2001:4de0:ac18::1:a:1b
207.120.33.13
2606:4700:3035::6815:4bfe
2a00:1450:4001:806::200a
2a00:1450:4001:811::2008
3.215.70.119
038e12b14c1d951ddee7e3845c878237990982d9ee32ad5c4259f4f1c7d904c1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
144af2c42e72d595a6afb42917a30c47e00f2401bbfefb7fbc17b8ecb60bc5a0
190659656cf4ee28e7ec451e128a31cc8eb5045525445ddc34599d365aff99dd
27bce382dc57da3b801dac7bd4778b48c5c9ee0704642a63186cd2072e4f5ec2
3430860f3bc99112e3fcd4f6468331688312497c95afda9853cd8d44afddc9b3
440037c1f1d101173021fecf3894478fdc075bd9e3f44f63d2fbb000d8d5bd69
4fede49d34df1973648ed99c04e320cff974dee80503e8e021a8ebba88c4466e
60a67026ea0a8dcdb451dd40c8ac3f954f0ca5da60b0a3ea4dbed46db3a83b6d
69c477c9aa6aabccc69590e225d0521c07ae4078fcff0896b96dcd80b7018bca
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef
84b050aca834c23d5317ce92b6d8ca3760522ddd51601ae405d61809a19bd69c
94b20ef14e38221f2ea10163432508f8aef846b366535655af472bd9cffbb9e5
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0
b05395663ea1263d8b3b7c91b00b0519a1b1b8f0baa997378ff146abea2d30ec
b0da36403935d19dd1abf28a0b0a084e1bbe16b70a830812d922cd2989afe22f
b9060f2a5746047e335fa36603b3be8301fcaeebfe6fc2573c015a12a126e3e2
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a
d47418e38b6fd627f3503c3c4fc124440d04c3584879fe1fbfc766675995e922
dac41a3d026f0c347b44b53ba60b4acb6fcaed1b559d4d77958d8bde0fd4c0e3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fc7269687f165c216e110a6e056221345468a3146e55f3cda6cfa355219813
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c