Submitted URL: http://trkcntrl.com/?a=8457&c=868&s1=010lpzz
Effective URL: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Submission: On May 09 via manual from US

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3035::6815:4bfe, located in United States and belongs to CLOUDFLARENET, US. The main domain is safedates.net.
This is the only time safedates.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.235.28.141 14618 (AMAZON-AES)
1 1 34.233.254.70 14618 (AMAZON-AES)
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 163.171.128.172 54994 (QUANTILNE...)
12 147.75.86.225 54825 (PACKET)
1 147.75.87.177 54825 (PACKET)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 8
Domain Requested by
12 ndwhvl.com safedates.net
ndwhvl.com
9 safedates.net safedates.net
2 9e2722ab.registersafely.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 ssl.google-analytics.com ndwhvl.com
1 fonts.googleapis.com ndwhvl.com
1 ajax.aspnetcdn.com ndwhvl.com
1 code.jquery.com ndwhvl.com
1 geoip.registersafely.com ndwhvl.com
1 click-connect.com 1 redirects
1 trkcntrl.com 1 redirects
27 11

This site contains no links.

Subject | Issuer | Validity | Valid
ndwhvl.com | R3 | 2021-03-31 - 2021-06-29 | 3 months
geoip.registersafely.com | R3 | 2021-04-03 - 2021-07-02 | 3 months
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2020-11-16 - 2021-11-10 | a year
upload.video.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months

This page contains 2 frames:

Primary Page: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Frame ID: AC8F79AC1B5BCF10E642AD1287955F34
Requests: 9 HTTP requests in this frame

Frame: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Frame ID: 118F939039403526D596D00CB4F06583
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 27
HTTPS: 67 %
IPv6: 45 %
Domains: 10
Subdomains: 11
IPs: 8
Countries: 3
Transfer: 348 kB
Size: 629 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trkcntrl.com/?a=8457&c=868&s1=010lpzz HTTP 302
    https://click-connect.com/?a=8457&c=868&s1=010lpzz&ckmguid=c43e6efe-3618-4da5-b9a0-1fd297870b2c HTTP 302
    http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz HTTP 301
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz HTTP 302
  • https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
safedates.net/saferdates/
Redirect Chain
  • http://trkcntrl.com/?a=8457&c=868&s1=010lpzz
  • https://click-connect.com/?a=8457&c=868&s1=010lpzz&ckmguid=c43e6efe-3618-4da5-b9a0-1fd297870b2c
  • http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
2 KB
2 KB
Document
General
Full URL
http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34 PleskLin
Resource Hash
dbf053ba0fd0b5e5af251c01adf3dbde9addecf6e97910c07c8161427a9db272

Request headers

Host
safedates.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 09 May 2021 12:26:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175; expires=Tue, 08-Jun-21 12:26:15 GMT; path=/; domain=.safedates.net; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.2.34 PleskLin
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
CF-Cache-Status
DYNAMIC
cf-request-id
09f2b0c03200004db8e1891000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j8Jezd95WGeCmZ%2F%2BEvs4TL1nY3JvDe%2FDN6yZLS7GeiwAXnJk7y6Hcmapx4%2BYrrIhflNdcnGbrS4%2F1e76xlv%2BakH891lXDzMkxEsRaTmbmsHr0FgXoU2wtOoB"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
64caea46bb084db8-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
private
Content-Length
203
Content-Type
text/html; charset=utf-8
Date
Sun, 09 May 2021 12:26:15 GMT
Location
http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=Axg+wHWg9SvK/p9LrQ7SqowNcVHFXMgsKAOkKW56mu8Ttyu9E+TQtg==; domain=.click-connect.com; path=/; SameSite=None; secure; HttpOnly trk=Xg8fiSg6IofK/p9LrQ7SqowNcVHFXMgsKAOkKW56mu8Ttyu9E+TQtg==; domain=.click-connect.com; expires=Sat, 09-May-2026 05:26:15 GMT; path=/; SameSite=None; secure; HttpOnly c591=Axg+wHWg9StAgetSb0w2jG0HNqnheo5B1dRmcft0FB+rLz5g0fmFzQ==; domain=.click-connect.com; expires=Tue, 08-Jun-2021 12:26:15 GMT; path=/; SameSite=None; secure; HttpOnly
Connection
close
main.css
safedates.net/saferdates/css/
26 KB
5 KB
Stylesheet
General
Full URL
http://safedates.net/saferdates/css/main.css
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0df0c161298c417b0d9b9b62cd8bf71d6d424609217953a599c6fe8181cce0be

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1781
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c13d00004db88b129000000001
Last-Modified
Thu, 20 Jul 2017 21:27:15 GMT
Server
cloudflare
ETag
W/"320970-67bd-554c6699c354c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GzoXkv8Rbt5T%2BfSqDrDM7RUtb14HglbCLLepN03bW1jT7DRlDvW0xMkRddn9zEXmi6R0TbjLB6800kn800reTS5ikm8%2Bg53Q7%2Bf4MfMexSGB3FqjDnayUMKq"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
64caea486f9a4db8-FRA
animation_css.css
safedates.net/saferdates/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://safedates.net/saferdates/css/animation_css.css
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
144af2c42e72d595a6afb42917a30c47e00f2401bbfefb7fbc17b8ecb60bc5a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1781
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c1430000175293005000000001
Last-Modified
Thu, 20 Jul 2017 21:27:15 GMT
Server
cloudflare
ETag
W/"32096e-c35-554c669951128"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qE4reXVyWN7s6bk8unil8Xk272Ky1fe755tzVdzBLmZrWXAACxCVl2Tlyu%2BFqauWyX%2Fru6a%2Bk2ruR1jda5qEf3RifX3OZz8SeiBPf3BnM3yRUgThej8%2BQwsZ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
64caea486a191752-FRA
/
ndwhvl.com/newuser/ Frame 118F
Redirect Chain
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
  • https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
610 B
962 B
Document
General
Full URL
https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
1d2b81f35750ad7e257fc35aaa22236496b08741db996e18e15da9c6fca6d5d1

Request headers

:method
GET
:authority
ndwhvl.com
:scheme
https
:path
/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://safedates.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sun, 09 May 2021 12:26:16 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
cache-control
no-store
pragma
no-cache
set-cookie
PHPSESSID=2638677ae96fa0978981346582c4b186; path=/; secure; SameSite=None
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cdn
Served-By-Zenedge
content-encoding
gzip
x-request-id
e9ddf9b0c7e053083e9acbdc7b5f803d
vary
Accept-Encoding
x-varnish
1190659
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
accept-ranges
bytes
section-io-id
eea93e94d0d642056226e6a89f0d33df

Redirect headers

date
Sun, 09 May 2021 12:26:16 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=55f147c3a060b022d4eb06d24e6d45be; path=/; secure; SameSite=None
location
https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
ZENEDGE
x-cdn
Served-By-Zenedge
x-via
1.1 PS-SJC-01Blr173:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:9 (Cdn Cache Server V2.0)
x-ws-request-id
6097d4e7_PSdgflkfFRA1bc9_10775-18512
main.jpg
safedates.net/saferdates/images/
69 KB
70 KB
Image
General
Full URL
http://safedates.net/saferdates/images/main.jpg
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
56a08d433fb4fa8b5f2a517149b27afc14da1bff906460c7ae0e237539d012ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:15 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1781
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
70656
cf-request-id
09f2b0c158000017529825d000000001
Last-Modified
Thu, 20 Jul 2017 21:27:29 GMT
Server
cloudflare
ETag
"32099c-11400-554c66a6ea4cf"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3FskRkb64q%2BAdx34e7U5RLhVwh9PsZxgCbAfQfxT42zNW1w6QuoL8XFp0xDCezVIG%2FKa6Mi6tMA64y2VqxiTfqJtBkpsXUHLp%2BilvXncdvvEy3Zn2mdBRbxe"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
64caea488a4b1752-FRA
img_rpt.png
safedates.net/saferdates/images/
930 B
2 KB
Image
General
Full URL
http://safedates.net/saferdates/images/img_rpt.png
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5fae34eb72e3fade21c15159235ca42f890cf7842892412d868c612735e13cfe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:15 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1781
X-Powered-By
PleskLin
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
930
cf-request-id
09f2b0c15800004db8c4884000000001
Last-Modified
Thu, 20 Jul 2017 21:27:28 GMT
Server
cloudflare
ETag
"32099a-3a2-554c66a6467b2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BFaAIgRbsRHDkSGM48tyJOSknjABKqkjW849F8542v80DN%2BgwNhxQFOix6u9g3EMMOjgb0Y4%2Fe5uF3XoObphqY3HOdpNgd6The40O1WesxEadcYoyq%2BxpnaN"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
64caea488ffb4db8-FRA
oswald_book-webfont.woff2
safedates.net/saferdates/fonts/
21 KB
22 KB
Font
General
Full URL
http://safedates.net/saferdates/fonts/oswald_book-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4ba3f42c44ad44c55b4fd6d9e34fe9a2a25f550a8c53f1ed6d76a97af6d26843

Request headers

Pragma
no-cache
Origin
http://safedates.net
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:16 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c15f0000d6e519a9a000000001
Last-Modified
Thu, 20 Jul 2017 21:27:26 GMT
Server
cloudflare
ETag
W/"320994-5350-554c66a47c39b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tO%2BcYoS4d2LZ8VoOZSfhVvvVjucWaBLsmt6sWo3NEF2tMVbtlGf1ad%2FqEJXU0GIbKq%2FO9VOCUDAtz4U29TvaWjGEMcPaVmzvb74rEcK53EaO62fGB93VsGAT"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain
Cache-Control
max-age=14400
CF-RAY
64caea489f2ed6e5-FRA
opensans-bold-webfont.woff2
safedates.net/saferdates/fonts/
19 KB
20 KB
Font
General
Full URL
http://safedates.net/saferdates/fonts/opensans-bold-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
440037c1f1d101173021fecf3894478fdc075bd9e3f44f63d2fbb000d8d5bd69

Request headers

Pragma
no-cache
Origin
http://safedates.net
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:16 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c16200004e497e97a000000001
Last-Modified
Thu, 20 Jul 2017 21:27:19 GMT
Server
cloudflare
ETag
W/"32097b-4c18-554c669d258c7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mGqEd1vwT8bnfRivKCTquUX7yMBCMn0xOACT%2FgMWnP1Cw2j5g0d%2BgFXAdkoGnpoF%2F%2FE0mx10vVd7QADSydOI4YYaKvkUet7V8ZtQhoJm7NJR9uJaLzTRHcBs"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain
Cache-Control
max-age=14400
CF-RAY
64caea48994f4e49-FRA
oswald-bold-webfont.woff2
safedates.net/saferdates/fonts/
18 KB
19 KB
Font
General
Full URL
http://safedates.net/saferdates/fonts/oswald-bold-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f2019770e2c666be7ca0bf0599aa2d9e6604ec1d74a64118d6b557c1c7bdf1e0

Request headers

Pragma
no-cache
Origin
http://safedates.net
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:16 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c15f00004a9dee061000000001
Last-Modified
Thu, 20 Jul 2017 21:27:25 GMT
Server
cloudflare
ETag
W/"32098f-47d0-554c66a2f133f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fCA7wNgVfPfI8TU4nmQuljuYjyDkLllmBuBSS9lCXOWh9%2BQOFX%2F0ZhaPigEwYgD1NH4DE5b8XG%2F8p1b0w6U3n4D5PiQk1EKQWwMGKZS7clRMpQ5wM4XNg9e9"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain
Cache-Control
max-age=14400
CF-RAY
64caea489c924a9d-FRA
opensans-regular-webfont.woff2
safedates.net/saferdates/fonts/
18 KB
19 KB
Font
General
Full URL
http://safedates.net/saferdates/fonts/opensans-regular-webfont.woff2
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
27bce382dc57da3b801dac7bd4778b48c5c9ee0704642a63186cd2072e4f5ec2

Request headers

Pragma
no-cache
Origin
http://safedates.net
Accept-Encoding
gzip, deflate
Host
safedates.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safedates.net/saferdates/css/main.css
Cookie
__cfduid=d6b92664a157ec9ff42f4c461398653d71620563175
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 09 May 2021 12:26:16 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09f2b0c16000003240ac8d8000000001
Last-Modified
Thu, 20 Jul 2017 21:27:22 GMT
Server
cloudflare
ETag
W/"320985-494c-554c66a032ce0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KddxIs6LEpw%2B5p7%2BCOFXTtYcvoHbPpNfHMwGxsm3aiv9i5QXo%2BH%2FRzSHlhR8zmGyBigMdoVwwFa3tlTTGR3q%2FFA5o3yWi%2F4Vo8SJ96%2BPvxXm9BmRCvvgRFJJ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain
Cache-Control
max-age=14400
CF-RAY
64caea4898ec3240-FRA
f.js
ndwhvl.com/__zenedge/assets/ Frame 118F
22 KB
8 KB
Script
General
Full URL
https://ndwhvl.com/__zenedge/assets/f.js?v=1541158593
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
64ef86f970680e7322c71974fe2e9bd9a1da71f4d02578a60d9d883ceebb5af0

Request headers

Referer
https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:16 GMT
content-encoding
gzip
section-io-cache-id
b2b0731b66b9b7dfc3760562b1c3724d
age
12270
section-io-cache
Hit
content-length
7741
x-request-id
0399a45e48deee98ff0064bab56150f2
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
last-modified
Fri, 02 Nov 2018 11:37:21 GMT
etag
"5bdc36f1-59e1"
vary
Accept-Encoding
x-varnish
3404356 2152202
via
1.1 varnish (Varnish/6.3)
section-io-id
f747f94503834a9212d8320b0e9abdfb
accept-ranges
bytes
content-type
application/javascript
/
ndwhvl.com/newuser/ Frame 118F
9 KB
4 KB
Document
General
Full URL
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Requested by
Host: safedates.net
URL: http://safedates.net/saferdates/?x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
7041f2c34ab36c148d3667429b1c5a8d153f10d8888b7d79d6f3c352c7d6692b

Request headers

:method
GET
:authority
ndwhvl.com
:scheme
https
:path
/newuser/?SID=2638677ae96fa0978981346582c4b186
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ndwhvl.com/newuser/?ofid=18&a_aid=9e2722ab&a_bid=23c378e9&x_r=32537250&x_o=591&x_a=8457&x_c=010lpzz&sitekey=810b0a167f84ca09&rtr=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=2638677ae96fa0978981346582c4b186

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
bcc31b918833b164fcbc380a34ced70c2b8e6997
cache-control
no-store
pragma
no-cache
set-cookie
PHPSESSID=2638677ae96fa0978981346582c4b186; path=/; secure; SameSite=None
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cdn
Served-By-Zenedge
content-encoding
gzip
x-request-id
576964205aae868e12f747783b3da64b
vary
Accept-Encoding
x-varnish
4279526
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
accept-ranges
bytes
section-io-id
12218ada587f0002c0af1cbfaeb27285
/
geoip.registersafely.com/ Frame 118F
385 B
563 B
Script
General
Full URL
https://geoip.registersafely.com/?v=1
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.177 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress3
Software
/
Resource Hash
d98f2c8f95c70eef3c5f6b3c994ae82b03141f88870275ee6f636bad3a5381e9

Request headers

Referer
https://ndwhvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
x-cdn
Served-By-Zenedge
age
0
x-cache-status
NOTCACHED
section-io-cache
Miss
content-length
171
via
1.1 varnish (Varnish/6.3)
x-request-id
8f5e05aa6ec9e20df36c9d3ddcef7bc1
x-zen-fury
bcc31b918833b164fcbc380a34ced70c2b8e6997
vary
Accept-Encoding
x-varnish
3948002
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
section-io-id
334143c6f93ff026406d8cd5233d7acb
accept-ranges
bytes
content-type
application/javascript
expires
0
sl_red.css
ndwhvl.com/common_tpls/compact/css/ Frame 118F
129 KB
27 KB
Stylesheet
General
Full URL
https://ndwhvl.com/common_tpls/compact/css/sl_red.css
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
c72a1fad67245b26ca6054a791f4ef6380aa13671fde82ecfc170a5934d91bda

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
section-io-cache-id
fced0f6cbc57ad55285a6f09deb6727a
x-cdn
Served-By-Zenedge
age
4949
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
27113
x-request-id
ddf55ae9c2b50e89acadcf369f21a0b5
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
last-modified
Tue, 16 Jun 2020 16:45:06 GMT
etag
W/"5ee8f712-203c8"
vary
Accept-Encoding
x-varnish
4507706 3794232
via
1.1 varnish (Varnish/6.3)
section-io-id
1970477fdcab2f966793869c1b100bde
accept-ranges
bytes
content-type
text/css
jquery-3.4.1.min.js
code.jquery.com/ Frame 118F
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://ndwhvl.com
Referer
https://ndwhvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1620563177.dop056.fr8.t,1620563177.cds210.fr8.hn,1620563177.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame 118F
35 KB
12 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://ndwhvl.com
Referer
https://ndwhvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19046807
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (frc/8FEA)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
ndwhvl.com/common_tpls/js/ Frame 118F
977 B
954 B
Script
General
Full URL
https://ndwhvl.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
section-io-cache-id
13275bb04c0b42318193bed2f288f044
x-cdn
Served-By-Zenedge
age
12265
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
525
x-request-id
88ff24c19e432a50e537510c0dfc9e52
x-zen-fury
bcc31b918833b164fcbc380a34ced70c2b8e6997
last-modified
Tue, 19 Jan 2021 00:12:19 GMT
etag
"600623e3-3d1"
vary
Accept-Encoding
x-varnish
4272479 2751465
via
1.1 varnish (Varnish/6.3)
section-io-id
b721119a9ef8e9e956f29261ee03e3e5
accept-ranges
bytes
content-type
application/javascript
validate_form_v2.js
ndwhvl.com/common_tpls/js/ Frame 118F
21 KB
6 KB
Script
General
Full URL
https://ndwhvl.com/common_tpls/js/validate_form_v2.js?jsv=17
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
71619b1a61ef77a86e5eea4a0416d9735dbfa9b668f77db09a26b7397d521b1f

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
section-io-cache-id
037be77e9f8f9ce4a49313306be16e0f
x-cdn
Served-By-Zenedge
age
12269
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
5543
x-request-id
a8b35abec5c3f071a67d9d7fc736c151
x-zen-fury
8af8c284a97e93fe874d0a0c29fd74a37cc80936
last-modified
Mon, 26 Apr 2021 15:55:30 GMT
etag
"6086e272-5509"
vary
Accept-Encoding
x-varnish
3600527 2875127
via
1.1 varnish (Varnish/6.3)
section-io-id
b44c633ec7378e5db5e0a2678bff7171
accept-ranges
bytes
content-type
application/javascript
ajax-loader.gif
ndwhvl.com/common_tpls/images/ Frame 118F
3 KB
4 KB
Image
General
Full URL
https://ndwhvl.com/common_tpls/images/ajax-loader.gif
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
via
1.1 varnish (Varnish/6.3)
section-io-cache-id
fe609f960baf9258ae32b299ef1a1684
x-cdn
Served-By-Zenedge
age
20558
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
3208
x-request-id
5d12fac6c6bc4a69504586810d6c7c93
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
etag
"52533a73-c88"
x-varnish
4830935 3499559
section-io-id
f5f7363cd3f2d98adfe11fa19e921298
accept-ranges
bytes
content-type
image/gif
css
fonts.googleapis.com/ Frame 118F
366 B
390 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Baumans
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3487d9596f0520ecee5be9985592e7889bc2210f42dbb4dd4f9f57ce77bd17a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ndwhvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 May 2021 12:26:17 GMT
server
ESF
date
Sun, 09 May 2021 12:26:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 May 2021 12:26:17 GMT
iframeResizer.contentWindow.min.js
ndwhvl.com/common_tpls/js/ Frame 118F
13 KB
5 KB
Script
General
Full URL
https://ndwhvl.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
section-io-cache-id
309b47d17aa023f0847d84882c656620
x-cdn
Served-By-Zenedge
age
12264
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
5094
x-request-id
a70a1cb0ef8a63ca6662e1dfa682ff7e
x-zen-fury
8af8c284a97e93fe874d0a0c29fd74a37cc80936
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
etag
W/"5ee8f716-3445"
vary
Accept-Encoding
x-varnish
4272486 3611204
via
1.1 varnish (Varnish/6.3)
section-io-id
0501ef31b49ad31ceb3fb12e3a5675b2
accept-ranges
bytes
content-type
application/javascript
f.js
ndwhvl.com/__zenedge/assets/ Frame 118F
22 KB
8 KB
Script
General
Full URL
https://ndwhvl.com/__zenedge/assets/f.js?v=1541158593
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
64ef86f970680e7322c71974fe2e9bd9a1da71f4d02578a60d9d883ceebb5af0

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
content-encoding
gzip
section-io-cache-id
b2b0731b66b9b7dfc3760562b1c3724d
age
12271
section-io-cache
Hit
content-length
7741
x-request-id
0399a45e48deee98ff0064bab56150f2
x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
last-modified
Fri, 02 Nov 2018 11:37:21 GMT
etag
"5bdc36f1-59e1"
vary
Accept-Encoding
x-varnish
4272490 2152202
via
1.1 varnish (Varnish/6.3)
section-io-id
70958de8ab44bbb5702c6d9dfaaba4ba
accept-ranges
bytes
content-type
application/javascript
ga.js
ssl.google-analytics.com/ Frame 118F
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ndwhvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1274
date
Sun, 09 May 2021 12:05:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 09 May 2021 14:05:03 GMT
btn_sl_red.png
ndwhvl.com/common_tpls/images/ Frame 118F
27 KB
27 KB
Image
General
Full URL
https://ndwhvl.com/common_tpls/images/btn_sl_red.png
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/common_tpls/compact/css/sl_red.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
d5807c22b7bac89fa4ed3751249428fa639af039680b33a433d6e6ecc73f164d

Request headers

Referer
https://ndwhvl.com/common_tpls/compact/css/sl_red.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:26:17 GMT
via
1.1 varnish (Varnish/6.3)
section-io-cache-id
e92dab1a016edb8d34ffa8b0671124a5
x-cdn
Served-By-Zenedge
age
13942
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
27733
x-request-id
797ae41829fd06fd40e6c6f6ced00cd1
x-zen-fury
8af8c284a97e93fe874d0a0c29fd74a37cc80936
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
etag
"5ee8f716-6c55"
x-varnish
2471976 4108624
section-io-id
9771d83954b2b4c1cd9d637eba9f0457
accept-ranges
bytes
content-type
image/png
-W_-XJj9QyTd3Qfpd_04aw.woff2
fonts.gstatic.com/s/baumans/v10/ Frame 118F
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baumans/v10/-W_-XJj9QyTd3Qfpd_04aw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baumans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e37fc8d0667d560c75c82baadd95ca33d5e95b04191bba2df6864ec6b43cd834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ndwhvl.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 05:06:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:40:51 GMT
server
sffe
age
285561
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18924
x-xss-protection
0
expires
Fri, 06 May 2022 05:06:56 GMT
glyphicons-halflings-regular.woff2
ndwhvl.com/common_tpls/common/fonts/ Frame 118F
18 KB
18 KB
Font
General
Full URL
https://ndwhvl.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/common_tpls/compact/css/sl_red.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin
https://ndwhvl.com
Referer
https://ndwhvl.com/common_tpls/compact/css/sl_red.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
d3e4b48195cf4aaaae6b6795a08b4eed5aa730da
date
Sun, 09 May 2021 12:26:18 GMT
via
1.1 varnish (Varnish/6.3)
last-modified
Tue, 16 Jun 2020 16:45:05 GMT
x-cdn
Served-By-Zenedge
age
0
etag
"5ee8f711-466c"
x-cache-status
NOTCACHED
content-type
application/octet-stream
x-varnish
4955403
content-length
18028
accept-ranges
bytes
section-io-id
6735c9fda03b26a477e9ba6e16c7bc7b
section-io-cache
Miss
x-request-id
757c08b41a4a0484674d1c853dc08426
f
ndwhvl.com/__zenedge/ Frame 118F
25 B
309 B
XHR
General
Full URL
https://ndwhvl.com/__zenedge/f
Requested by
Host: ndwhvl.com
URL: https://ndwhvl.com/__zenedge/assets/f.js?v=1541158593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.86.225 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress4
Software
/
Resource Hash
905cfd18d8a2167f26f7b434370397a5ba426278b47b7e53e0bab4fb52707db4

Request headers

Referer
https://ndwhvl.com/newuser/?SID=2638677ae96fa0978981346582c4b186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-zen-fury
8af8c284a97e93fe874d0a0c29fd74a37cc80936
date
Sun, 09 May 2021 12:26:19 GMT
via
1.1 varnish (Varnish/6.3)
content-type
image/png
x-cdn
Served-By-Zenedge
age
0
accept-ranges
bytes
x-varnish
4768045
cache-control
no-store
section-io-id
b3323eac9413ca28c23fc3139307aa85
section-io-cache
Miss
content-length
25
x-request-id
fd7ef5c1058ecbd577f7f60d3bb17593

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
ndwhvl.com/ Name: PHPSESSID
Value: 2638677ae96fa0978981346582c4b186
.safedates.net/ Name: __cfduid
Value: d6b92664a157ec9ff42f4c461398653d71620563175

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
