the-get-yourlady.com Open in urlscan Pro
5.101.45.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://teekfenbank.cf/
Effective URL:
https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 12:26:49 am UTC) — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 25 domains to perform 45 HTTP transactions. The main IP is 5.101.45.5, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is the-get-yourlady.com.
TLS certificate: Issued by R3 on October 7th 2021. Valid for: 3 months.

This is the only time the-get-yourlady.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3032::ac43:d13f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	184.24.10.14 184.24.10.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:e400:1d:b722:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	138.201.205.53 138.201.205.53	24940 (HETZNER-AS) (HETZNER-AS)
1	185.219.238.38 185.219.238.38	41000 (FREETHOUG...) (FREETHOUGHT-AS)
2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	217.160.0.129 217.160.0.129	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	5.35.241.235 5.35.241.235	20773 (GODADDY) (GODADDY)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:1f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
10	5.101.45.5 5.101.45.5	209813 (FASTCONTENT) (FASTCONTENT)
45	16

9 2606:4700:3032::ac43:d13f (United States)

ASN13335 (CLOUDFLARENET, US)

teekfenbank.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (United States)

ASN2635 (AUTOMATTIC, US)

venturebeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.10.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-10-14.deploy.static.akamaitechnologies.com

www.telegraph.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:e400:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.images.express.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.205.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn.ligainsider.de

cdn.ligainsider.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.219.238.38 (United Kingdom)

ASN41000 (FREETHOUGHT-AS, GB)
PTR: watergate.cloudabove.com

www.decisionmarketing.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

static.independent.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.0.129 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-129.elastic-ssl.ui-r.com

ap-verlag.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.35.241.235 (Strasbourg, France)

ASN20773 (GODADDY, DE)
PTR: lvps5-35-241-235.dedicated.hosteurope.de

www.single-ratgeber.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

images.sk-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:1f17 (United States)

ASN13335 (CLOUDFLARENET, US)

algosit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 5.101.45.5 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

the-get-yourlady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	the-get-yourlady.com the-get-yourlady.com	317 KB
9	teekfenbank.cf teekfenbank.cf	65 KB
3	gstatic.com fonts.gstatic.com	74 KB
2	googleapis.com fonts.googleapis.com	3 KB
2	independent.co.uk static.independent.co.uk	370 KB
2	facebook.com 1 redirects www.facebook.com	2 KB
1	algosit.com algosit.com	1 KB
1	sk-static.com images.sk-static.com	36 KB
1	single-ratgeber.net www.single-ratgeber.net	91 KB
1	ap-verlag.de ap-verlag.de	409 KB
1	decisionmarketing.co.uk www.decisionmarketing.co.uk	54 KB
1	ligainsider.de cdn.ligainsider.de	89 KB
1	express.co.uk cdn.images.express.co.uk	23 KB
1	telegraph.co.uk www.telegraph.co.uk	143 KB
1	fbsbx.com 1 redirects lookaside.fbsbx.com	2 KB
1	venturebeat.com venturebeat.com	15 KB
0	eonline.com Failed akns-images.eonline.com Failed
0	bestcellphonespying.com Failed bestcellphonespying.com Failed
0	googleusercontent.com Failed lh3.googleusercontent.com Failed
0	arrests.org Failed tennessee.arrests.org Failed
0	sandandpearl.com Failed sandandpearl.com Failed
0	badoocdn.com Failed pd1eu.badoocdn.com Failed
0	gigaherz.net Failed www.gigaherz.net Failed
0	jedinews.co.uk Failed www.jedinews.co.uk Failed
0	bestinau.com.au Failed bestinau.com.au Failed
45	25

	Domain	Requested by
10	the-get-yourlady.com	algosit.com the-get-yourlady.com
9	teekfenbank.cf	teekfenbank.cf
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	teekfenbank.cf the-get-yourlady.com
2	static.independent.co.uk	teekfenbank.cf
2	www.facebook.com	1 redirects teekfenbank.cf
1	algosit.com	teekfenbank.cf
1	images.sk-static.com	teekfenbank.cf
1	www.single-ratgeber.net	teekfenbank.cf
1	ap-verlag.de	teekfenbank.cf
1	www.decisionmarketing.co.uk	teekfenbank.cf
1	cdn.ligainsider.de	teekfenbank.cf
1	cdn.images.express.co.uk	teekfenbank.cf
1	www.telegraph.co.uk	teekfenbank.cf
1	lookaside.fbsbx.com	1 redirects
1	venturebeat.com	teekfenbank.cf
0	akns-images.eonline.com Failed	teekfenbank.cf
0	bestcellphonespying.com Failed	teekfenbank.cf
0	lh3.googleusercontent.com Failed	teekfenbank.cf
0	tennessee.arrests.org Failed	teekfenbank.cf
0	sandandpearl.com Failed	teekfenbank.cf
0	pd1eu.badoocdn.com Failed	teekfenbank.cf
0	www.gigaherz.net Failed	teekfenbank.cf
0	www.jedinews.co.uk Failed	teekfenbank.cf
0	bestinau.com.au Failed	teekfenbank.cf
45	25

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-14` - `2022-10-13`	a year	crt.sh
venturebeat.com R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
www.telegraph.co.uk DigiCert SHA2 Secure Server CA	`2021-10-08` - `2022-06-13`	8 months	crt.sh
cdn.images.express.co.uk Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
cdn.ligainsider.de R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
decisionmarketing.co.uk cPanel, Inc. Certification Authority	`2021-08-14` - `2021-11-12`	3 months	crt.sh
*.independent.co.uk GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
www.ap-verlag.de GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-03` - `2022-03-16`	a year	crt.sh
single-ratgeber.net R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.sk-static.com R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
the-get-yourlady.com R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Frame ID: 7CC60A365C258B510FF808977F90F370
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

https://teekfenbank.cf/ Page URL
https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

45
Requests

80 %
HTTPS

44 %
IPv6

25
Domains

25
Subdomains

16
IPs

5
Countries

1689 kB
Transfer

1959 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://teekfenbank.cf/ Page URL
https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=364854170677207 HTTP 302
https://www.facebook.com/orginaleBlondine/photos/a.364854204010537/476896229473000/?type=3&is_lookaside=1 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2ForginaleBlondine%2Fphotos%2Fa.364854204010537%2F476896229473000%2F%3Ftype%3D3%26is_lookaside%3D1

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
teekfenbank.cf/ 21 KB
7 KB 99ms
50ms Document
text/html 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe47721e55811525c9bd5ff555a49549135ae95b713a93307b6c00dc411f3f4

Request headers

:method: GET
:authority: teekfenbank.cf
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-type: text/html; charset=utf-8
last-modified: Sun, 08 Aug 2021 11:22:12 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lOHI2hL0acFUzvEdjfNA5iBGrzIBc3V%2FRpxuz416Lr8m%2BOovV%2BPjjH6p7X%2F4snlnoILpYTcpupuqxIFBQ1lbUHTEEBKkbaZn0MRLV7dTlqpHMMbCYcwsLHu4hwWHzTdtp2QBYEZu%2B%2BDjWLgVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69dcad85380b5b50-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.css
teekfenbank.cf/images/assets/css/ 32 KB
5 KB 42ms
41ms Stylesheet
text/css 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/css/main.css
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432

Request headers

:path: /images/assets/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Jan 2020 18:27:06 GMT
server: cloudflare
etag: W/"5e1cb67a-7f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIqEuHn7uj9MMsU4xoK2kfurbHmzbEnGQduZ0dIguj1Bio7lLYjh%2B64fFy9OoOLTPND2nNrvbxoSqVMIMHa%2F%2BVEP3KXSGFomLusMa9e%2BePI2e%2B84EpwKaBXRIlcqZShgZwXc8mZnvOAs3cbFjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85a85b5b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app-annie-forecast.jpg
venturebeat.com/wp-content/uploads/2016/11/ 15 KB
15 KB 140ms
91ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2016/11/app-annie-forecast.jpg?w=1200&strip=all

Requested by

Host: teekfenbank.cf
URL: https://teekfenbank.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

53d1b6c42de61e94ca2bc02db06a80ca0cb8f597169c420d49b7858f1473e11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
x-rq: hhn1 109 88 443
last-modified: Thu, 14 Oct 2021 00:26:43 GMT
server: nginx
etag: "ce62c9d0570e3a79"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 15498
expires: Fri, 14 Oct 2022 00:26:43 GMT

GET best-dating-apps-in-Australia.jpg
bestinau.com.au/wp-content/uploads/2020/03/ 0
0

GET logo_original-e1472744587649.png
www.jedinews.co.uk/wp-content/uploads/2016/07/ 0
0

GET
H2

200

/
www.facebook.com/login/
Redirect Chain

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=364854170677207
https://www.facebook.com/orginaleBlondine/photos/a.364854204010537/476896229473000/?type=3&is_lookaside=1
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2ForginaleBlondine%2Fphotos%2Fa.364854204010537%2F476896229473000%2F%3Ftype%3D3%26is_lookaside%3D1

0
0

120ms
119ms

Image
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2ForginaleBlondine%2Fphotos%2Fa.364854204010537%2F476896229473000%2F%3Ftype%3D3%26is_lookaside%3D1
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: S5R0PKMfbIaXq5pQEcrH7lNTO7SlmdNyl0J0ge1o94kdC1SloAV72mjT67uHJaRk5VHieiF0NxJAaLYAYBgdUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Oct 2021 00:26:43 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2ForginaleBlondine%2Fphotos%2Fa.364854204010537%2F476896229473000%2F%3Ftype%3D3%26is_lookaside%3D1
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mercedes-cls-review-xlarge-xlarge_trans_NvBQzQNjv4BqrWYeUU_H0zBKyvljOo6zlkYMapKPjdhyLnv9ax6_too.jpg
www.telegraph.co.uk/content/dam/motoring2/2015/12/02/ 143 KB
143 KB 315ms
201ms Image
image/jpeg 184.24.10.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telegraph.co.uk/content/dam/motoring2/2015/12/02/mercedes-cls-review-xlarge-xlarge_trans_NvBQzQNjv4BqrWYeUU_H0zBKyvljOo6zlkYMapKPjdhyLnv9ax6_too.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.10.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-10-14.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: gzip
x-check-cacheable: YES
server: Akamai Image Manager
etag: "278c6-5630e48b3fb00"
x-serial: 881
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-transform, max-age=31536000
last-modified: Sun, 07 Feb 2021 16:20:03 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=188

GET 1702.jpg
www.gigaherz.net/upload/ 0
0

GET sz___size__.jpg
pd1eu.badoocdn.com/p55/218/3/8/4/703137057/d3599/t1557940459/c_LEWKElFp45GUV7bbswOMrkYVCytQh20d4.cPvjwZzXxOLaOvr40Mdg/3599381/dfs_190x190/ 0
0

GET
H2 200 Windows-10-Hacked-UK-Release-Date-Price-Microsoft-Free-Desktop-Software-Upgrade-Hack-Online-Account-Windows-10-Free-App-Online-S-552767.jpg
cdn.images.express.co.uk/img/dynamic/59/590x/secondary/ 23 KB
23 KB 231ms
140ms Image
image/jpeg 2600:9000:224a:e400:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/59/590x/secondary/Windows-10-Hacked-UK-Release-Date-Price-Microsoft-Free-Desktop-Software-Upgrade-Hack-Online-Account-Windows-10-Free-App-Online-S-552767.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e400:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89779b56163dab32d4848b9b279b2a36c90560ec9b8d5d6bc5b238a329a554f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:44 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2016 08:10:30 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "7316ed1ef8b3460e9af158dbe204aa5d"
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 23254
x-amz-cf-id: AXBnToPF9Wm_W9noHHnJST7BvKp32G4ZNhTT5aBQSUWQdy8VUvgn6w==

GET Johnson4.jpg
sandandpearl.com/wp-content/uploads/2015/07/ 0
0

GET
H2 200 sebastian-rode-002.jpg
cdn.ligainsider.de/images/article/player/big/2019-2020/ 88 KB
89 KB 18ms
2ms Image
image/jpeg 138.201.205.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ligainsider.de/images/article/player/big/2019-2020/sebastian-rode-002.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.201.205.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.ligainsider.de
Software: nginx/1.14.2 /
Resource Hash: b3fe6a42001d4c33de7ad7235681a5392461b17fd154ce6d6478e8434602aac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
last-modified: Fri, 07 Jun 2019 08:06:50 GMT
server: nginx/1.14.2
etag: "5cfa1b1a-16183"
x-cache-status: EXPIRED
content-type: image/jpeg
cache-control: public, max-age=604800
content-length: 90499

GET
H2 200 Grindr.jpg
www.decisionmarketing.co.uk/wp-content/uploads/2020/01/ 53 KB
54 KB 223ms
50ms Image
image/jpeg 185.219.238.38
FREETHOUGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.decisionmarketing.co.uk/wp-content/uploads/2020/01/Grindr.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.219.238.38 , United Kingdom, ASN41000 (FREETHOUGHT-AS, GB),
Reverse DNS: watergate.cloudabove.com
Software: LiteSpeed /
Resource Hash: b38243567cc3b48d438eaffb712438dd82f21e28c70895fcc6b2a6bd6fed8935

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
last-modified: Wed, 15 Jan 2020 09:07:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 54525
expires: Thu, 21 Oct 2021 00:26:43 GMT

GET 2013-01-03_SOUTHERS-TEDRA-MARQUIS.jpg
tennessee.arrests.org/mugs/Hamilton/ 0
0

GET xAUsnGqEuLnPB6f7EJqeUdOCNJFw5LeBOk-ETU9BhxQCxwPQuDfxgIKzuou0XPYQZmty=h900
lh3.googleusercontent.com/ 0
0

GET
H2 200 woman-dating-app-photo.jpg
static.independent.co.uk/s3fs-public/thumbnails/image/2017/04/21/12/ 94 KB
95 KB 57ms
7ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.independent.co.uk/s3fs-public/thumbnails/image/2017/04/21/12/woman-dating-app-photo.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 020278f4f33a2d3ac808d89d82b39bae9e0d8f7848e17b0444195b9a44f2d339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 412060
x-cache: MISS, HIT
fastly-io-info: ifsz=96687 idim=1254x836 ifmt=jpeg ofsz=96687 odim=1254x836 ofmt=jpeg
xbe: shield_london_city_uk
fastly-stats: io=1
content-length: 96687
x-amz-id-2: 1fEi4RNdqrLDc7IvL5ZpAR78MWCmqa5Udquq50zR72QFkthw4m/YulO85cFLrUpJ7hTLoZRZO4I=
fastly-io-warning: Failed to shrink image
x-served-by: cache-lcy19272-LCY, cache-fra19171-FRA
server: AmazonS3
x-timer: S1634171204.648218,VS0,VE1
etag: "oLS32IzsrKdpeqROUWIz20ZtHOYlwZFSSg9KKtDwqUk"
x-amz-request-id: KS3M9M3NYASN1R0G
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 0, 1

GET girl-tinder-account.jpg
bestcellphonespying.com/wp-content/uploads/ 0
0

GET
H2 200 infografik-arxan-app-security.jpg
ap-verlag.de/clickandbuilds/WordPress/MyCMS4/wp-content/uploads/2016/01/ 408 KB
409 KB 167ms
94ms Image
image/jpeg 217.160.0.129
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap-verlag.de/clickandbuilds/WordPress/MyCMS4/wp-content/uploads/2016/01/infografik-arxan-app-security.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.160.0.129 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-129.elastic-ssl.ui-r.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
last-modified: Wed, 13 Jan 2016 05:31:46 GMT
server: Apache
accept-ranges: bytes
etag: "65fbb-529307c695480"
content-length: 417723
content-type: image/jpeg

GET
H/1.1 200
OK lovoo_login.jpg
www.single-ratgeber.net/wp-content/uploads/2015/10/ 90 KB
91 KB 81ms
16ms Image
image/jpeg 5.35.241.235
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.single-ratgeber.net/wp-content/uploads/2015/10/lovoo_login.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.35.241.235 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: lvps5-35-241-235.dedicated.hosteurope.de
Software: Apache / PleskLin
Resource Hash: 9efdd68f038d8b653d9a0f8dbed271d09eab694095d6218aa0cb9b7120371a41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:43 GMT
Referrer-Policy
Last-Modified: Wed, 23 Aug 2017 06:37:19 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 92590
ETag: "169ae-55765f1904051"
Expires: Sat, 13 Nov 2021 00:26:43 GMT

GET rs_300x300-160318114554-600.Bumble-Election-Filters.1.ms.031816.jpg
akns-images.eonline.com/eol_images/Entire_Site/2016218/ 0
0

GET
H2 200 huge_avatar
images.sk-static.com/images/media/profile_images/artists/379603/ 36 KB
36 KB 113ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.sk-static.com/images/media/profile_images/artists/379603/huge_avatar
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly/EU-East/FRA/cache-fra19143-FRA /
Resource Hash: fd3948289db277f5050354461107dcad0fbe8a979922bed448daf797d62f0a31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: epnlLY6nWsT1JBeuW0gIsBxbnuTMw5us
via: 1.1 varnish
server: Fastly/EU-East/FRA/cache-fra19143-FRA
age: 189786
date: Thu, 14 Oct 2021 00:26:43 GMT
x-cache: HIT
content-type
cache-control: max-age=3600
accept-ranges: bytes
content-length: 36746
x-cache-hits: 1

GET
H2 200 546163-0yi20-9582-002-100-0000-light-screener-leather-sneaker.jpg
static.independent.co.uk/s3fs-public/thumbnails/image/2019/02/13/15/ 274 KB
275 KB 9ms
8ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.independent.co.uk/s3fs-public/thumbnails/image/2019/02/13/15/546163-0yi20-9582-002-100-0000-light-screener-leather-sneaker.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3bbb8c96af2bc35c31c95059504de91ba0697b0614534c243a110e2189f48952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 1579688
x-cache: HIT, HIT
fastly-io-info: ifsz=280914 idim=2376x1584 ifmt=jpeg ofsz=280914 odim=2376x1584 ofmt=jpeg
xbe: shield_london_city_uk
fastly-stats: io=1
content-length: 280914
x-amz-id-2: IqgtjqOv7awFhu7wG4vFJl1VWsq3c24tjS3sQn2URLsLwiQL1Vy6/QqhtGRwV/JYMKqOXw73qGQ=
fastly-io-warning: Failed to shrink image
x-served-by: cache-lcy19257-LCY, cache-fra19171-FRA
server: AmazonS3
x-timer: S1634171204.667207,VS0,VE2
etag: "2yTEiepTMVCXE3Qc+70+OGyHyTeiCY1ScLbY/q010Y0"
x-amz-request-id: Z3JCXNY4PEM8PMR8
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 pic2.jpg
teekfenbank.cf/images/ 9 KB
9 KB 51ms
50ms Image
image/jpeg 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teekfenbank.cf/images/pic2.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb

Request headers

:path: /images/pic2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9218
last-modified: Mon, 13 Jan 2020 09:38:40 GMT
server: cloudflare
etag: "5e1c3aa0-2402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jils6nQPAkz0sPS9tTha6pyQ5LQ3q%2Bm1a7G8a6skcvWm42N7Ar%2B3NE6iRCDhqcKpR1aE%2B1lY1vbwy33ybm8WW6ZySINWBFDLthKK4w00tZQkFirJAALVNkbK7rTR6AKNYEQrNiTD1wmHGCYWRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69dcad85b8695b50-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pic1.jpg
teekfenbank.cf/images/ 5 KB
5 KB 35ms
34ms Image
image/jpeg 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teekfenbank.cf/images/pic1.jpg
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b

Request headers

:path: /images/pic1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5021
last-modified: Mon, 13 Jan 2020 09:35:22 GMT
server: cloudflare
etag: "5e1c39da-139d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBnSV3vCHv7L6Fv7Zo7obxoD%2Fu62lZFBmHCdyKNePK%2BdrsMIC0tCa4fHNcAye7F1hW98RGCz2GV4VNP0W%2BSwxV8SBlCKf6o1RfdDa7amm%2BSqOmSVcGkh7Q6M%2F41fp7PoZgE60Zdups8Nzv0iEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69dcad85b86a5b50-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
teekfenbank.cf/images/assets/js/ 86 KB
31 KB 68ms
63ms Script
application/javascript 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/js/jquery.min.js
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path: /images/assets/js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcrGcvhkPGNf6xjPImxJhSeSyXDladx3MExryOnka9Rhvl6NPxpSOiYijJgSZxHNKzjERNlS2j8saz%2FsUVnkrG8%2FNyCEvvAbypWIfjrXr%2FnH9%2FF3%2BlcwLz%2BQ6eJiRQaR6RUwoV%2BBT%2BGBKXK01g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85b8635b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browser.min.js Show response
teekfenbank.cf/images/assets/js/ 2 KB
1 KB 43ms
38ms Script
application/javascript 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/js/browser.min.js
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

:path: /images/assets/js/browser.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-73b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C4WO44X6kHFUQnlR6DnjhWw0VR9XhH4zsxvKYEwApuKTNLcYmMInaoVcvcQkojaMHhyxQ%2Bm6MkdXU9NXbysICMvBDSc1PGkrDZ8Gq4GdDGbt4%2FSNQTsxnYNQJ0LNn7wY1Mf9RpD8B4amBgZjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85b8655b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 breakpoints.min.js Show response
teekfenbank.cf/images/assets/js/ 2 KB
1 KB 39ms
35ms Script
application/javascript 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/js/breakpoints.min.js
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

:path: /images/assets/js/breakpoints.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNIdTrHTa6pEduEvfOFkesEj94c%2BTh2kq6%2BZlM7v87bmIf7Mse7KGEvGaI%2BpMQerHFzZvJlryhw%2Bvj9GaDoPKfVvooVQMR8%2B%2Blkjp06wTMKvozHYtekNTQ1xcBsNeW8SSG5TdrcJZL8Rie915g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85b8665b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 util.js Show response
teekfenbank.cf/images/assets/js/ 12 KB
4 KB 38ms
33ms Script
application/javascript 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/js/util.js
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

:path: /images/assets/js/util.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-3091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT6IQqoNGjMeTA%2FkhXjhtXq35%2Btcqv7gWaSJ%2F9k56d44gdHXBYe3VouOTVk0Bifcd4bBxDUpR6URLZrATyPtMeq%2Bi9uhvzrd%2Bjzs7H4eHTEqYaPSz0GzGOzHAs0qkNpe1sE84Ee2dM1DayTWMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85b8675b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
teekfenbank.cf/images/assets/js/ 1 KB
1 KB 55ms
50ms Script
application/javascript 2606:4700:3032::ac43:d13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teekfenbank.cf/images/assets/js/main.js
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c

Request headers

:path: /images/assets/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: teekfenbank.cf
referer: https://teekfenbank.cf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rZjbe5jSvkkoxEZNPZtL%2FtNpt4qxwox9rJXDIkPrnqX%2FGn4f7cOc%2FRu3jqsErJICAXuqT%2BjeqwBBSxMrQsUmPJAQbdAyaER%2BrTzocDVWl4BjJ2mRcRJ%2FgtTaoeIbJ5PHFvvf9dq5jvjdnr1PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69dcad85b8685b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Requested by

Host: teekfenbank.cf
URL: https://teekfenbank.cf/images/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

288f01b9601681ec39f2cf7242e0d23780310021fe2fee8e6272f8ed37ab67d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 22:51:52 GMT
server: ESF
date: Thu, 14 Oct 2021 00:26:43 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 00:26:43 GMT

GET
H2 200 KjXhYN
algosit.com/ 462 B
1 KB 96ms
71ms Script
application/javascript 2606:4700:3031::6815:1f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=Kostenlose%20dating-apps%20uk%202020&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Requested by: Host: teekfenbank.cf
URL: https://teekfenbank.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 00:26:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Oct 2021 00:26:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY6MsdH7%2B3xFjxz4S6woB4gu2cHqbf5gDYwRVT4KymCYaQW%2BgrEet3QjeItamSDJD%2FEhhiauYNpOMKhK3Yn9xqk87wm7ezuglZlpqtx%2B7z4%2F2BXcQTxf1Q1TAyi6vWGVMnRjIoW82451Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 69dcad874ae4695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: 0

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v11/ 28 KB
29 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v11/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dbbd6cea03d1ecfbf65dc139b3cc03c52479ea3bf5fa8221822e478179e5ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://teekfenbank.cf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 22:06:24 GMT
x-content-type-options: nosniff
age: 8419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28608
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:21:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 22:06:24 GMT

GET
H/1.1 200
OK Primary Request Cookie set / Show response
the-get-yourlady.com/ 7 KB
3 KB 145ms
38ms Document
text/html 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Requested by: Host: algosit.com
URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=Kostenlose%20dating-apps%20uk%202020&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 16e27d839ae7912e18b21fa97935e5aa2dec94477b41e4170ab1b160534c046c

Request headers

Host: the-get-yourlady.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://teekfenbank.cf/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://teekfenbank.cf/

Response headers

Server: nginx
Date: Thu, 14 Oct 2021 00:26:43 GMT
Content-Type: text/html
Content-Length: 2385
Connection: keep-alive
Cache-Control: private no-transform
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo; path=/

GET
H/1.1 200
OK animate.min.css
the-get-yourlady.com/media/dating/toon2/css/ 52 KB
4 KB 30ms
30ms Stylesheet
text/css 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/media/dating/toon2/css/animate.min.css
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
the-get-yourlady.com/media/dating/toon2/css/ 8 KB
2 KB 115ms
32ms Stylesheet
text/css 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/media/dating/toon2/css/style.css
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
the-get-yourlady.com/cookie/ 4 KB
2 KB 111ms
29ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/cookie/js.cookie.js
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:38:46 GMT
Server: nginx
ETag: W/"60a506d6-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
the-get-yourlady.com/util/ 7 KB
3 KB 113ms
30ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/util/utils.js
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:01 GMT
Server: nginx
ETag: W/"60d0b4ed-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
the-get-yourlady.com/media/dating/toon2/images/ 175 KB
166 KB 117ms
32ms Image
image/jpeg 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://the-get-yourlady.com/media/dating/toon2/images/123.jpg
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
the-get-yourlady.com/media/dating/toon2/js/ 84 KB
29 KB 119ms
37ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
the-get-yourlady.com/media/ 639 B
642 B 110ms
28ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/media/bb.js
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:39:28 GMT
Server: nginx
ETag: W/"60a50700-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
the-get-yourlady.com/media/exit-new/ 3 KB
1 KB 111ms
28ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://the-get-yourlady.com/media/exit-new/exit1.js
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/?u=8bfp605&o=4f30vvg&cid=3u4uhlq2t6v0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:39 GMT
Server: nginx
ETag: W/"60b4cf33-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/media/dating/toon2/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc17d3608f188d7362bb4f59bd8dcac681a257cb394e02769b291e452ebb4be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 22:38:59 GMT
server: ESF
date: Thu, 14 Oct 2021 00:26:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 00:26:44 GMT

GET
H/1.1 200
OK bg.jpg
the-get-yourlady.com/media/dating/toon2/images/ 117 KB
108 KB 114ms
32ms Image
image/jpeg 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://the-get-yourlady.com/media/dating/toon2/images/bg.jpg
Requested by: Host: the-get-yourlady.com
URL: https://the-get-yourlady.com/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://the-get-yourlady.com/media/dating/toon2/css/style.css
Cookie: sid=t1~iy5u31q0z42bfw54zg1inweo
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://the-get-yourlady.com/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 00:26:44 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 159216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:13:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://the-get-yourlady.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 323218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 06:39:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bestinau.com.au
URL: https://bestinau.com.au/wp-content/uploads/2020/03/best-dating-apps-in-Australia.jpg

Domain: www.jedinews.co.uk
URL: https://www.jedinews.co.uk/wp-content/uploads/2016/07/logo_original-e1472744587649.png

Domain: www.gigaherz.net
URL: https://www.gigaherz.net/upload/1702.jpg

Domain: pd1eu.badoocdn.com
URL: https://pd1eu.badoocdn.com/p55/218/3/8/4/703137057/d3599/t1557940459/c_LEWKElFp45GUV7bbswOMrkYVCytQh20d4.cPvjwZzXxOLaOvr40Mdg/3599381/dfs_190x190/sz___size__.jpg?jpegq=80&wp=1

Domain: sandandpearl.com
URL: https://sandandpearl.com/wp-content/uploads/2015/07/Johnson4.jpg

Domain: tennessee.arrests.org
URL: https://tennessee.arrests.org/mugs/Hamilton/2013-01-03_SOUTHERS-TEDRA-MARQUIS.jpg

Domain: lh3.googleusercontent.com
URL: https://lh3.googleusercontent.com/xAUsnGqEuLnPB6f7EJqeUdOCNJFw5LeBOk-ETU9BhxQCxwPQuDfxgIKzuou0XPYQZmty=h900

Domain: bestcellphonespying.com
URL: https://bestcellphonespying.com/wp-content/uploads/girl-tinder-account.jpg

Domain: akns-images.eonline.com
URL: https://akns-images.eonline.com/eol_images/Entire_Site/2016218/rs_300x300-160318114554-600.Bumble-Election-Filters.1.ms.031816.jpg?downsize=600:*&crop=600:315;left,top

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			the-get-yourlady.com/	1969-12-31 23:59:59	Name: sid Value: t1~iy5u31q0z42bfw54zg1inweo

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.jedinews.co.uk/wp-content/uploads/2016/07/logo_original-e1472744587649.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.gigaherz.net/upload/1702.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://sandandpearl.com/wp-content/uploads/2015/07/Johnson4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://tennessee.arrests.org/mugs/Hamilton/2013-01-03_SOUTHERS-TEDRA-MARQUIS.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://bestcellphonespying.com/wp-content/uploads/girl-tinder-account.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/(Line 1) Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://akns-images.eonline.com/eol_images/Entire_Site/2016218/rs_300x300-160318114554-600.Bumble-Election-Filters.1.ms.031816.jpg?downsize=600:*&crop=600:315;left,top'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.jedinews.co.uk/wp-content/uploads/2016/07/logo_original-e1472744587649.png Message: Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.jedinews.co.uk/wp-content/uploads/2016/07/logo_original-e1472744587649.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://www.gigaherz.net/upload/1702.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://sandandpearl.com/wp-content/uploads/2015/07/Johnson4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://tennessee.arrests.org/mugs/Hamilton/2013-01-03_SOUTHERS-TEDRA-MARQUIS.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://bestcellphonespying.com/wp-content/uploads/girl-tinder-account.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://teekfenbank.cf/ Message: Mixed Content: The page at 'https://teekfenbank.cf/' was loaded over HTTPS, but requested an insecure element 'http://akns-images.eonline.com/eol_images/Entire_Site/2016218/rs_300x300-160318114554-600.Bumble-Election-Filters.1.ms.031816.jpg?downsize=600:*&crop=600:315;left,top'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akns-images.eonline.com
algosit.com
ap-verlag.de
bestcellphonespying.com
bestinau.com.au
cdn.images.express.co.uk
cdn.ligainsider.de
fonts.googleapis.com
fonts.gstatic.com
images.sk-static.com
lh3.googleusercontent.com
lookaside.fbsbx.com
pd1eu.badoocdn.com
sandandpearl.com
static.independent.co.uk
teekfenbank.cf
tennessee.arrests.org
the-get-yourlady.com
venturebeat.com
www.decisionmarketing.co.uk
www.facebook.com
www.gigaherz.net
www.jedinews.co.uk
www.single-ratgeber.net
www.telegraph.co.uk
akns-images.eonline.com
bestcellphonespying.com
bestinau.com.au
lh3.googleusercontent.com
pd1eu.badoocdn.com
sandandpearl.com
tennessee.arrests.org
www.gigaherz.net
www.jedinews.co.uk
138.201.205.53
151.101.130.137
151.101.2.217
184.24.10.14
185.219.238.38
192.0.66.2
217.160.0.129
2600:9000:224a:e400:1d:b722:f80:93a1
2606:4700:3031::6815:1f17
2606:4700:3032::ac43:d13f
2a00:1450:4001:800::2003
2a00:1450:4001:829::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
5.101.45.5
5.35.241.235
020278f4f33a2d3ac808d89d82b39bae9e0d8f7848e17b0444195b9a44f2d339
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
16e27d839ae7912e18b21fa97935e5aa2dec94477b41e4170ab1b160534c046c
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
288f01b9601681ec39f2cf7242e0d23780310021fe2fee8e6272f8ed37ab67d4
2dbbd6cea03d1ecfbf65dc139b3cc03c52479ea3bf5fa8221822e478179e5ce6
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
3bbb8c96af2bc35c31c95059504de91ba0697b0614534c243a110e2189f48952
422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432
53d1b6c42de61e94ca2bc02db06a80ca0cb8f597169c420d49b7858f1473e11a
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
7fe47721e55811525c9bd5ff555a49549135ae95b713a93307b6c00dc411f3f4
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
89779b56163dab32d4848b9b279b2a36c90560ec9b8d5d6bc5b238a329a554f5
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
9efdd68f038d8b653d9a0f8dbed271d09eab694095d6218aa0cb9b7120371a41
a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb
af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
b38243567cc3b48d438eaffb712438dd82f21e28c70895fcc6b2a6bd6fed8935
b3fe6a42001d4c33de7ad7235681a5392461b17fd154ce6d6478e8434602aac5
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cc17d3608f188d7362bb4f59bd8dcac681a257cb394e02769b291e452ebb4be1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57
fd3948289db277f5050354461107dcad0fbe8a979922bed448daf797d62f0a31

the-get-yourlady.com Open in urlscan Pro 5.101.45.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

80 %HTTPS

44 %IPv6

25 Domains

25 Subdomains

16 IPs

5 Countries

1689 kBTransfer

1959 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

the-get-yourlady.com Open in urlscan Pro
5.101.45.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

80 %
HTTPS

44 %
IPv6

25
Domains

25
Subdomains

16
IPs

5
Countries

1689 kB
Transfer

1959 kB
Size

1
Cookies

45 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!