urlscan.io logo urlscan.io
SecurityTrails logo

safe-window.com Open in urlscan Pro
172.67.197.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://safe-window.com/
Submission Tags: @phishunt_io
Submission: On September 09 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 41 HTTP transactions. The main IP is 172.67.197.49, located in United States and belongs to CLOUDFLARENET, US. The main domain is safe-window.com.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.
This is the only time safe-window.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 172.67.197.49 13335 (CLOUDFLAR...)
1 2 23.225.166.66 40065 (CNSERVERS)
2 162.253.67.147 40065 (CNSERVERS)
41 4
Apex Domain
Subdomains		 Transfer
34 safe-window.com
safe-window.com
2 MB
2 gd567a.com
www.gd567a.com
1 KB
2 gd4488.com
www.gd4488.com
1 KB
0 gd4441.com Failed
www.gd4441.com Failed
0 baidu.com Failed
api.share.baidu.com Failed
41 5
Domain Requested by
34 safe-window.com safe-window.com
2 www.gd567a.com www.gd4488.com
2 www.gd4488.com 1 redirects safe-window.com
0 www.gd4441.com Failed www.gd567a.com
0 api.share.baidu.com Failed safe-window.com
41 5

This site contains no links.

Subject Issuer Validity Valid
*.safe-window.com
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
gd4488.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
www.gd5502.com
R3		 2021-09-06 -
2021-12-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://safe-window.com/
Frame ID: 34BD8A0027B0BB7433AD23E1D57EFD08
Requests: 35 HTTP requests in this frame

Frame: https://www.gd4441.com/?att=177
Frame ID: D94634CCBA053062043E3956DFA9C1E7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

彩八彩票App[开户网址,官网app下载,投注平台]-首页

Page Statistics

41
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

2433 kB
Transfer

3004 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.gd4488.com/a HTTP 301
  • https://www.gd4488.com/a/

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safe-window.com/ 		68 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
47b91902c59262250db002c8abe686cf6e791414416f95a232be300768452349

Request headers

:method
GET
:authority
safe-window.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 09 Sep 2021 16:10:07 GMT
content-type
text/html
last-modified
Tue, 13 Jul 2021 07:39:53 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpWjn%2FqI2Cs2YOSIhCzjDt79Ey6%2BQGa7SDBz%2FBPQL7%2FgD1A3%2BOk4ZCuncsCq%2F4W865MLXLbaVqF3gzBhW03YCxp6xbXxysyU5s2wfBcLWtATQ3eZ6MBEi3qkXRO7PNlL6ng%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c1af502e00f9d2-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
new_style.css
safe-window.com/xjcgssq_files/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/new_style.css
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5ef75d03e9a15c949f4845f48e3efa664f68b7f10bcdbd0a79506b57d33f38c4

Request headers

:path
/xjcgssq_files/new_style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"68cd185b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of1M4ykZeVxmDqKypP9dntll5RhACt0xUKWQkae6g4AhB0Af%2BzCpTcQd0dtS%2Fb3ILLQ3202cAlVubMPgbQ8uDhRak1Pam2QkF5vQU0%2BoUTHba1NelX1BUptAnyRUEVXAb9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
68c1af537ad7f9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
changyan.css
safe-window.com/xjcgssq_files/ 		258 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/changyan.css
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7df1a256c4f264d94893c20ca1707e93c951c67cf501df8dc19b908c77852c8e

Request headers

:path
/xjcgssq_files/changyan.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"bc90195b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptIWoFvfDXlSSuThG2WeH14ET2LxQleQkxzAUAfWQs%2FOwAmQDUnEKY3guTFD%2BP3r4nn7Zg7cUxb%2FwP2mmI2grju01zybUwaG38FUq%2FWibzwVILsr0Na4NVQXsR6Md5XM1EU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
68c1af537adaf9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
push.js
safe-window.com/xjcgssq_files/ 		281 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/push.js
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

:path
/xjcgssq_files/push.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"f551a5b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxwdluVPh2xvqRPdNjgFUyWdv83r2htKmm8mkhdCgBS2nWizqpkfSmM8slHbd8BfOEjiA%2FJ1PDZ4SLHu3Bn2t01q5w7bciM4x%2FGIhxjk79UpwcioNw%2BG5jASE2BIvPjqEl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
68c1af537adcf9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
swiper-3.3.1.min.js
safe-window.com/xjcgssq_files/ 		295 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/swiper-3.3.1.min.js
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
538e449689b787cce7e10206b054ca8e3f418170019ec332e5fed29838dbc393

Request headers

:path
/xjcgssq_files/swiper-3.3.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"30a21a5b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ShXCzj%2FQS3HNYq0ucvm%2Bj%2BfyTaDOkqncEbcae7jw7rWU9p76%2FDbvHX8u1FbZ%2BR681sUyQzGx%2BkJtS11qDW1AKa8KKHPtgD1SC4qBHV0tLDAhf8bXDmJfMdoTEgspVO%2BpnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
68c1af537addf9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
autopush.js
safe-window.com/ 		374 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/autopush.js
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9cca469ca67f563614aa1551080500e11298b62683869cc882d57243a69c0bea

Request headers

:path
/autopush.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 13 Jul 2021 06:24:29 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"5baf7ebcaf77d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSc8%2Bcyqq3AAxh5Hc05K9td8lrfS9qjXwiP9VEZi3goxIOJKcE7LtcLcdI9EaMBvFdoY9gBECvT13GvxdMwoea6KdDx2NejbrsYO4Vl9%2FYVD6bLy5lNmbbMyV2UJHMeDgn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
68c1af537adff9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
girl13.com-2017-08-25-17-25-43_80.jpg
safe-window.com/xjcgssq_files/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-25-17-25-43_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2163b45e21417a1ee09043531daba7780d80bc6557b28e88307c2d5b67d18fab

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-25-17-25-43_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
151007
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"77881d5b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szJhOKuLTr30aEabXxxPbSrdhF1p6z%2Bq9hcS13EMxpmTzGvAdNIV7Iv8lgYXU8R8EnZrcM9KY9APHStw7pmUUEXPDaG2p5xqIyVBIvD1XA%2Fa5QilOJcCdlQN6kG20g87vmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62288b411a-PRG
95869645.jpg
safe-window.com/xjcgssq_files/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/95869645.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d80341488d095eb36d16874fa3b3ccb667909dd53506d40944f503be053d986d

Request headers

:path
/xjcgssq_files/95869645.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34666
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"7947205b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIFipumEV5fd2FaB3eVxeRe%2F9EE%2FETfCuVd7m%2BvyK7zf3iOxiXgAdQ1jxPWNMxEeZPEFGn7Z7JZSyE3oiEhHv1gQbBriTCuLf9bW3H2lWBjuJyhxQ%2BsPOv8mhwrIMWgoPIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62288e411a-PRG
94353737.jpg
safe-window.com/xjcgssq_files/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/94353737.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1d7568a2a0f799b7758a8d9a8401c3255663545e49343f5ef750c623d5e3a4e6

Request headers

:path
/xjcgssq_files/94353737.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11066
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"9395205b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53AuZnM1RHvPBAYUGy%2FWQZ%2Feu%2B9TDgO8%2B8fAYsUwfy6GXQLaLBWFKr%2FI4%2BDc%2BtBS0W4vkzmqs9PdH8udIhQDrkG8Z2%2FDmb4thYQ8LIy6fyz7wKx%2FuBVotWAM22OnpxQ7EZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62288f411a-PRG
girl13.com-2017-09-19-16-18-43_80.jpg
safe-window.com/xjcgssq_files/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-09-19-16-18-43_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
38d171899d30cb190353cf62e6f4d778fad6d1992b65fd9ad7fe91c400e9a454

Request headers

:path
/xjcgssq_files/girl13.com-2017-09-19-16-18-43_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
124536
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"c2e3205b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K%2F8UX3zlyUm6EvKnR%2F61lB0hEhr8vRLW5%2BGah4qUiebLH9GBExTSZibwQRr8ne0JMX3kX32K2A%2FNsT1LliAQlMIeRmUq8MXxkENZMuWpuETNl5nbhuz%2Bka1e2jueEDlhbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af622891411a-PRG
98586930.jpg
safe-window.com/xjcgssq_files/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/98586930.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8f6e335e46d4dd0d484b67ab111ebc2460196b217fb7163d551200f7ed7ff5fe

Request headers

:path
/xjcgssq_files/98586930.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46661
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"d031215b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKOwHIKlMS76B%2Fue5QCBCj2rLjydn4KFp4CLiwUtZA9O9M2zWEmlKGkPvE%2BjJUS8oAkrE9vR1uzodmWplicnn9O%2Ftt%2Fai5BRV7Y8czv%2BFUTz24s6yLariYFKKqxJFLUT2hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af622893411a-PRG
758027.jpg
safe-window.com/xjcgssq_files/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/758027.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
965bb0d2f192b4a98aa0c199300fb9188691dadb71ef9cf6f8983f045c5dbaf0

Request headers

:path
/xjcgssq_files/758027.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12451
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"6891225b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZwGz9osd%2FHtS9%2FKalkYMcfk3wuE2VtuXS%2Blv3IY4iUyciiHjdno%2FIbIryMdGYP3nW7AXuJzS%2BVYuKIWd1HwyIemOEJFkU7NfQ9VQsC7lFwf%2F8uv3v2xFlvVuqkukSma2e0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af622894411a-PRG
26230718.jpg
safe-window.com/xjcgssq_files/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/26230718.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f6b080b61491673c463e3a0acff81ac0e8a3da1ee007c80b212de0d3d405901a

Request headers

:path
/xjcgssq_files/26230718.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
114102
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"84df225b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYRS65PFWxli5NTHpM5gsMR3fkPH3tZbvTZW9juazZb6Ljsre3tvokfJGep0HzDPEhjx5k9%2B%2B786avRsJ8WCluCIaL593lSU8nK3nkZ5vYNny9sROoU0a9XN7TGBHr86X%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af622895411a-PRG
girl13.com-2017-08-24-17-29-07_58.jpg
safe-window.com/xjcgssq_files/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-24-17-29-07_58.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e9e0da929c262eca73fedf6614208321f704154b0ac6ef18e7c0347b2ed69349

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-24-17-29-07_58.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
87439
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"bf54235b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGupVoDE2cXWU8GCSgsTWzlvkEdFMLP%2BwHP1VEDZ6KFW2h53WS31NI%2F%2BJdj1F%2B1AuH1bDlwoOxyJVpR6AQdKvHaJO4R5AeABfiW0Djyub4MuK8HZdHhT2ev1AagROBUeAZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af622897411a-PRG
63192949.jpg
safe-window.com/xjcgssq_files/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/63192949.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0ca7656a30c6d75bb129044384faa739ceea73489e880f8c0968c9bd00b1145f

Request headers

:path
/xjcgssq_files/63192949.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7386
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"d8a2235b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pXGJAjYYxwNYlRv7a818ftPnrJsN4tKIIlX4fX6HuF4Kq93eOVRScHSrwckKZSSivveSmHmmqQjtQGlOZtogHFHpOzxOClOH1QRnMtrlVbhFzWV%2BA9blMZcdGT8Njsm03w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62289a411a-PRG
girl13.com-2017-08-21-13-55-40_00.jpg
safe-window.com/xjcgssq_files/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-21-13-55-40_00.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1b5d233d73b3dc830f01805d8b4127ced17589ad9d08ca4828e7ab4bff3bb6fb

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-21-13-55-40_00.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62660
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"1af1235b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMBKcQJYr68wNK7P36vJYfFYbmYPU%2Bb8XS0fdrW7R7qFV%2Fautjgp8w4nol588493Vu8gvpOwqGSdZVs9IWBKkb0PyOyqypKZq7V%2BYBGzrEkg4U8iSbD757eCUWMfMJVXeKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62289b411a-PRG
girl13.com-2019-07-27-22-33-25_00.jpg
safe-window.com/xjcgssq_files/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2019-07-27-22-33-25_00.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
29c35189672eb91a39b07cb3c9d1ce72eb75f2defe2b2fec001b65b999dfdaa2

Request headers

:path
/xjcgssq_files/girl13.com-2019-07-27-22-33-25_00.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
245650
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"618d245b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6lnNwtew98Si%2Bb4nWBPQoe%2FolBH53j78dy6ZcO8Jkltzt5v%2FaQMOfiWcZP4JInxqRNaceZO6Z1sy6R%2FzK8UDraxfiyPTGqsnpRZunICRHHQyLmRHNOVDFtIwDmD5%2FyXOYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62289c411a-PRG
53679233.jpg
safe-window.com/xjcgssq_files/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/53679233.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22e8ecd0f688133e4526bba1c6c61aeda0aca6ced2feb35d0235fca2773589b0

Request headers

:path
/xjcgssq_files/53679233.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26372
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"982255b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy8JzbBQx%2FxAGHfQ05qIPGC%2BH5t%2BHDC70dkbpdW%2BF%2BrBV5E6%2B1FGRl58A2wJjBJMLtS%2Fb3ZSXkqUNtflGk%2B9f4rF0td3lPfldAghy8QHRRifwj4u%2FgknUTzsP8Gn3whKdvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62289d411a-PRG
girl13.com-2017-08-24-17-38-53_80.jpg
safe-window.com/xjcgssq_files/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-24-17-38-53_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
91c9a7cab3859cd6569beb33c328cf8ec33c0dd96c0b0d54c941a0de1b1f0488

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-24-17-38-53_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
142312
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"b99e255b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFqnYN%2BH74CaM95gANNJN730jAFk%2BmZSzFJxLiq%2BBq41j6WhTQEYY9%2BsE66pqWC%2F0KF%2BbXA8XldlLrIWaL%2FPS9%2FfeR3Vs8lAhEk0FmL1%2FxSL0WSWw818cBauZJYMs8thKeE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af62289f411a-PRG
girl13.com-2017-08-23-17-10-36_80.jpg
safe-window.com/xjcgssq_files/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-23-17-10-36_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
65dac24a067149cbaff147cfe216a0691742c403b9e3bf055bbf9deaefc0f837

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-23-17-10-36_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
96031
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"beec255b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDxtr230B2ljCX7siul3kR57IF2eduIU1KL7IH5SYPtiOX6ME3bAwi8ie%2BDahxEuLw38RNtJtYJwAKJQqi48QCEd2k4II2Y136ejwm8MpBndtGaoF3qIRQiOQXKxoVou8Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228a0411a-PRG
girl13.com-2017-08-21-13-58-08_80.jpg
safe-window.com/xjcgssq_files/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-21-13-58-08_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2029042dee55aa20a4d537964085a39743535a640fa3ef962597174aece10124

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-21-13-58-08_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
151361
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"ec3a265b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Derup8jkzadn6nPIn5Obyi391x3bMTAThQjDkEyCaRFbWQ9IstSB5iLfc8E6Jt%2Fpj%2FCMsvtmaWYy06SddsQ7oGZUsI%2FmK%2BipGQtg4zA0lh%2F%2FYjZUOiT6r8DNG7J%2FRUipamY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228a2411a-PRG
81213438.jpg
safe-window.com/xjcgssq_files/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/81213438.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8a384fef5845bce0cec4ba35859eeedf3bae2fdfeb95d0657d591ff0f4bfe37d

Request headers

:path
/xjcgssq_files/81213438.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50411
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"20b0265b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZJY3NDAHjtr2NBIuOhpxgEPeld6IHfuyy0p2LbmCmiUg%2FdlfR4Y1nNNGJmD%2BFWablLrxj86ewOpt2vE3UlcCuHI%2FkShm199s0thWQYV7MTxxeTSSgV8cjtW3CLtGKRyUBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228a3411a-PRG
girl13.com-2017-09-22-17-44-38_80.jpg
safe-window.com/xjcgssq_files/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-09-22-17-44-38_80.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a5dc2d7243f879ca3315b7e9fc308519d8736b82e1dd51cf9222c81bd96d5dfe

Request headers

:path
/xjcgssq_files/girl13.com-2017-09-22-17-44-38_80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67763
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"7973275b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NarU8pxtgSMWA2PpWHW%2BxB5DHe1kycpHS7N4hclwUvqzgeUnnbOuRfx0I6z8ns7mvOS2dgLtFjCy5lSS1d%2FPizfUmePhmQ%2Bx9BQHs4B9zEu3KmJJQaLm4v74gH%2BAmMsgTeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228a6411a-PRG
pic42_null.gif
safe-window.com/xjcgssq_files/ 		830 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/pic42_null.gif
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5cd4c8ea26cde48c3d162bd2b8314cb8b6af83a23038ff00094e5437ae934d00

Request headers

:path
/xjcgssq_files/pic42_null.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
830
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"a6fb315b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOLSAT7c7sFzgLf0Ho%2BFZkFarqcny5fM832jXc%2BkJjMgjtzGx51AsLCHfrNZZzwLemfBOBXLV8pr17uwR7k1u49IUpVAGwzVhWY7Vv7%2But6uiqfeMc6GBfr08sHVurJSDzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228a9411a-PRG
girl13.com-2017-09-19-16-01-45_y0.jpg
safe-window.com/xjcgssq_files/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-09-19-16-01-45_y0.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
923b0d55bca36eea7167c81b444988116a475fad8eb8cf2d9219092ec4602f62

Request headers

:path
/xjcgssq_files/girl13.com-2017-09-19-16-01-45_y0.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51609
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"e16f325b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLdA7pElR6CjEDHftgSb3u%2B5p0VlyKjZOL8KAOALzvriGf2zg1%2BFHyWDKoYNqgf67DrJes4t16DwCeya%2FOP5tuVMvpNywEtGD2ASulrZU93ApPjfsmq9PapWZqmCq9265U0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228ac411a-PRG
47881639.jpg
safe-window.com/xjcgssq_files/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/47881639.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4421dbc0cca7a29d995d5529b06982f45c8bb5f37f6d3051fdfe8b9da7cfe06

Request headers

:path
/xjcgssq_files/47881639.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21933
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"1abe325b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJOABGr6eii6wh0%2BxW0syJXWngU9xfnCeJY%2BxlmTD7qEBecWLxb%2Bl5TBINIYH%2FeSAnhtQxhoyAuG4pl1pZcL1jJ6Eqoyy2UYUktAzDX68sJvoBLw12WW1exIG6pU%2B0Mwjs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b1411a-PRG
5683531.jpg
safe-window.com/xjcgssq_files/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/5683531.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
223519329bcbdeb4242c42dddbb4b92a13e4564faf1f7d99eb5ace3ed63969ac

Request headers

:path
/xjcgssq_files/5683531.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14172
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"3dc335b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL8XCl4Y4qoZy9xNKIhVzn9sdlGEjZEcw6ifW5kA6SSLOMMpHr%2Ba9bJV3i%2FtRXSTmg8mVOW558vqNnpE4Wp4A40d6SDmMuoSE2yHJ%2FSfJyTdlHKx3AL9I0PEue8uMmC1fW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b2411a-PRG
girl13.com-2017-08-21-14-03-41_n2.jpg
safe-window.com/xjcgssq_files/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/girl13.com-2017-08-21-14-03-41_n2.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
36bc03f7dbaa24ee11c1ce76cab9add260fe0bfbf85b2f21c19ea3598f243e97

Request headers

:path
/xjcgssq_files/girl13.com-2017-08-21-14-03-41_n2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
106317
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"8fcf335b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct%2Bgsc3wovwDznbiYto62BgUNabwsqEyM1H56L4%2BP1h7hlXiHfL9Gzldc9jmayybyetQUIJm61B5oDjHNgVkei%2Fhw%2BDvTT%2B6DUOBxrqcZcG7X%2FK1cAPM80QYCmERZ6gTD7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b4411a-PRG
9162088.jpg
safe-window.com/xjcgssq_files/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/9162088.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6cc3bb9d3640722a7549755f2703a1f3db41ce7d31dd3bd46c92e9c7c7437b5f

Request headers

:path
/xjcgssq_files/9162088.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
138579
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"b544345b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BCXJP7qC7YYbl55mtojls6vEYFlF1JuH5ukk8MW6WI4NcavKG3GG5VGjziOjCnJg3qU1jtSjVeIlOvlhTMT0a4sFt71BcMbcGqPqPDFPXpU%2Bn5B5QR3vuFOxJYaOSvE1K0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b5411a-PRG
2579622.jpg
safe-window.com/xjcgssq_files/ 		524 KB
525 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/2579622.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
94f60648f20a3ae958dfaa78e3c9b38d139477df09bbbf4af3f4834963ea22e8

Request headers

:path
/xjcgssq_files/2579622.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
536535
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"e8355b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0br6qlBLM%2Bv8PtLzLvqM4ALxm2394lLXwFK%2B88W9Vp5zqRNCNzoBNjxawK0EGe0ZS5SL79E14TZ0LwRi0d%2B0mNINW6TKEyoh2EBkjRSMx9VRV854nYrpy4yTzlyRVpmH1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b6411a-PRG
37540528.jpg
safe-window.com/xjcgssq_files/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/37540528.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe894a84572fef698b6bd6348b8f6af3497121b80527d2183a0358083951c4ff

Request headers

:path
/xjcgssq_files/37540528.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37678
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"1b56355b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FQtR1T1rTX7Aogjkswf6DY03UN0dn3JXuBm3gawOENTrqBWpTyqr2sJHO44L%2Bxru1RenigZhZ2Nc%2BN7s9n3pnigk%2FhO%2BesvXROeZTgO7OwolCtErMW3DVT7Qr%2BmbRIfj1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b8411a-PRG
3135875.jpg
safe-window.com/xjcgssq_files/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe-window.com/xjcgssq_files/3135875.jpg
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9acfa1262aa76605749404992f2567ec3d880f67c61dbf9974c9e42e942456b4

Request headers

:path
/xjcgssq_files/3135875.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9514
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
etag
"43cb355b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcBgXAS8HphP3UEbzJR9DEccAIHHUfzkgKfB7Hrd8LpphrbKbFmIpv8WqhBFAr40QCPUJFRfI7subqQQ%2BkL6Qfk0%2F4i6QzQ5XwnHykdGRjhG%2Fm1zRT18M%2Fnub1XUn%2F9GGSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68c1af6228b9411a-PRG
new_style.js
safe-window.com/xjcgssq_files/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/new_style.js
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bfeebdce62e344a6b13e0b8591d123ee333420776922a6b7a0b2fe13f94403f4

Request headers

:path
/xjcgssq_files/new_style.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"4d1a365b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGfRG3kZW6Y96ATVt0VV%2BgP7apd5C%2FB%2BdjPdttBEh08WpJia%2B%2Fj0BeqxGtWSY9fBfiqB2bK%2FYVRl50Y1XhgNktlk6Rcy4RJHOqlGKohvZsH%2BIFy3VB57KmZ5wFINghIon%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
68c1af61e83c411a-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp35.js
safe-window.com/xjcgssq_files/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe-window.com/xjcgssq_files/wp35.js
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a72c4772e129fe4717d992e8e1304c00c0c9d233ec2863ab1971194d69e961e

Request headers

:path
/xjcgssq_files/wp35.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safe-window.com
referer
https://safe-window.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:46:04 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"ccdc365b6656d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G6kT5B5%2Fa5dBCjLCuL3XLJiQXiJy9a5UUrXnqqYmIyePAL%2FXbw0s9DqF4z0LhvZNQbPemo%2BwGPWeqcDiTaSKSDravopy3ENzgp9MDYl42X9%2B7MygyjwZmhF8%2ByGyfjsVjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
68c1af620866411a-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s.gif
api.share.baidu.com/ 		0
0
/
www.gd4488.com/a/ Frame D946
Redirect Chain
  • https://www.gd4488.com/a
  • https://www.gd4488.com/a/
878 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gd4488.com/a/
Requested by
Host: safe-window.com
URL: https://safe-window.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.166.66 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
c0174563869fc0fc49d56134d81cf76863b640adb76783b1324a517f4422d2c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.gd4488.com
:scheme
https
:path
/a/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
frame
referer
https://safe-window.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://safe-window.com/

Response headers

server
nginx
date
Thu, 09 Sep 2021 16:10:10 GMT
content-type
text/html
content-length
878
last-modified
Mon, 06 Sep 2021 02:46:31 GMT
etag
"61358107-36e"
strict-transport-security
max-age=31536000
accept-ranges
bytes

Redirect headers

server
nginx
date
Thu, 09 Sep 2021 16:10:10 GMT
content-type
text/html
content-length
162
location
https://www.gd4488.com/a/
strict-transport-security
max-age=31536000
0.11466042842955848
www.gd567a.com/ Frame D946 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gd567a.com/0.11466042842955848
Requested by
Host: www.gd4488.com
URL: https://www.gd4488.com/a/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.253.67.147 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gd4488.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
/
www.gd567a.com/ Frame D946 		884 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gd567a.com/
Requested by
Host: www.gd4488.com
URL: https://www.gd4488.com/a/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.253.67.147 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
03aec23a103cc08b3050fa9cd61101969e94a6b57b74336cab0debb6ea735e69

Request headers

Host
www.gd567a.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
frame
Referer
https://www.gd4488.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gd4488.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 26 Aug 2021 11:50:59 GMT
Accept-Ranges
bytes
ETag
"75a95aa3709ad71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Date
Thu, 09 Sep 2021 16:10:07 GMT
Content-Length
805
0.22665095066142205
www.gd4441.com/ Frame D946 		0
0
/
www.gd4441.com/ Frame D946 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.share.baidu.com
URL
https://api.share.baidu.com/s.gif?l=https://safe-window.com/
Domain
www.gd4441.com
URL
https://www.gd4441.com/0.22665095066142205
Domain
www.gd4441.com
URL
https://www.gd4441.com/?att=177

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| Swiper function| $ function| jQuery

0 Cookies

5 Console Messages

Source Level URL
Text
security warning URL: https://www.gd4488.com/a/
Message:
Mixed Content: The page at 'https://www.gd4488.com/a/' was loaded over HTTPS, but requested an insecure element 'http://www.gd567a.com/0.11466042842955848'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.gd567a.com/0.11466042842955848
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://www.gd567a.com/
Message:
Mixed Content: The page at 'https://www.gd567a.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gd4441.com/0.22665095066142205'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.gd4441.com/0.22665095066142205
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.share.baidu.com/s.gif?l=https://safe-window.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.share.baidu.com
safe-window.com
www.gd4441.com
www.gd4488.com
www.gd567a.com
api.share.baidu.com
www.gd4441.com
162.253.67.147
172.67.197.49
23.225.166.66
03aec23a103cc08b3050fa9cd61101969e94a6b57b74336cab0debb6ea735e69
0ca7656a30c6d75bb129044384faa739ceea73489e880f8c0968c9bd00b1145f
1b5d233d73b3dc830f01805d8b4127ced17589ad9d08ca4828e7ab4bff3bb6fb
1d7568a2a0f799b7758a8d9a8401c3255663545e49343f5ef750c623d5e3a4e6
2029042dee55aa20a4d537964085a39743535a640fa3ef962597174aece10124
2163b45e21417a1ee09043531daba7780d80bc6557b28e88307c2d5b67d18fab
223519329bcbdeb4242c42dddbb4b92a13e4564faf1f7d99eb5ace3ed63969ac
22e8ecd0f688133e4526bba1c6c61aeda0aca6ced2feb35d0235fca2773589b0
29c35189672eb91a39b07cb3c9d1ce72eb75f2defe2b2fec001b65b999dfdaa2
36bc03f7dbaa24ee11c1ce76cab9add260fe0bfbf85b2f21c19ea3598f243e97
38d171899d30cb190353cf62e6f4d778fad6d1992b65fd9ad7fe91c400e9a454
47b91902c59262250db002c8abe686cf6e791414416f95a232be300768452349
538e449689b787cce7e10206b054ca8e3f418170019ec332e5fed29838dbc393
5a72c4772e129fe4717d992e8e1304c00c0c9d233ec2863ab1971194d69e961e
5cd4c8ea26cde48c3d162bd2b8314cb8b6af83a23038ff00094e5437ae934d00
5ef75d03e9a15c949f4845f48e3efa664f68b7f10bcdbd0a79506b57d33f38c4
65dac24a067149cbaff147cfe216a0691742c403b9e3bf055bbf9deaefc0f837
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6cc3bb9d3640722a7549755f2703a1f3db41ce7d31dd3bd46c92e9c7c7437b5f
7df1a256c4f264d94893c20ca1707e93c951c67cf501df8dc19b908c77852c8e
8a384fef5845bce0cec4ba35859eeedf3bae2fdfeb95d0657d591ff0f4bfe37d
8f6e335e46d4dd0d484b67ab111ebc2460196b217fb7163d551200f7ed7ff5fe
91c9a7cab3859cd6569beb33c328cf8ec33c0dd96c0b0d54c941a0de1b1f0488
923b0d55bca36eea7167c81b444988116a475fad8eb8cf2d9219092ec4602f62
94f60648f20a3ae958dfaa78e3c9b38d139477df09bbbf4af3f4834963ea22e8
965bb0d2f192b4a98aa0c199300fb9188691dadb71ef9cf6f8983f045c5dbaf0
9acfa1262aa76605749404992f2567ec3d880f67c61dbf9974c9e42e942456b4
9cca469ca67f563614aa1551080500e11298b62683869cc882d57243a69c0bea
a5dc2d7243f879ca3315b7e9fc308519d8736b82e1dd51cf9222c81bd96d5dfe
bfeebdce62e344a6b13e0b8591d123ee333420776922a6b7a0b2fe13f94403f4
c0174563869fc0fc49d56134d81cf76863b640adb76783b1324a517f4422d2c6
c4421dbc0cca7a29d995d5529b06982f45c8bb5f37f6d3051fdfe8b9da7cfe06
d80341488d095eb36d16874fa3b3ccb667909dd53506d40944f503be053d986d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e0da929c262eca73fedf6614208321f704154b0ac6ef18e7c0347b2ed69349
f6b080b61491673c463e3a0acff81ac0e8a3da1ee007c80b212de0d3d405901a
fe894a84572fef698b6bd6348b8f6af3497121b80527d2183a0358083951c4ff