urlscan.io logo urlscan.io
SecurityTrails logo

her-cupid.com Open in urlscan Pro
5.161.57.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://track.encommerce.com/click?trcd=tc3342913385_33878404
Effective URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Submission: On January 18 via api from LU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 5.161.57.190, located in Middle River, United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is her-cupid.com.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.
This is the only time her-cupid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.140.142.148 35415 (WEBZILLA)
1 1 216.119.156.49 32780 (HOSTINGSE...)
8 5.161.57.190 213230 (HETZNER-C...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
18 6
1    78.140.142.148 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1d2-20-d7655-148.webazilla.com
track.encommerce.com
1    216.119.156.49 (Atlanta, United States)

ASN32780 (HOSTINGSERVICES-INC, US)
PTR: 216.119.156.49.static.midphase.com
funkydaters.com
8    5.161.57.190 (Middle River, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.190.57.161.5.clients.your-server.de
her-cupid.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3036::ac43:a647 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjam.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700:3032::6815:45ac (United States)

ASN13335 (CLOUDFLARENET, US)
app.api-push.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 her-cupid.com
her-cupid.com
329 KB
3 gstatic.com
fonts.gstatic.com
52 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
32 KB
2 api-push.com
app.api-push.com
1 KB
2 cdnjam.com
cdnjam.com — Cisco Umbrella Rank: 348072
13 KB
1 funkydaters.com
funkydaters.com
562 B
1 encommerce.com
track.encommerce.com
274 B
18 7
Domain Requested by
8 her-cupid.com her-cupid.com
ajax.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
2 app.api-push.com cdnjam.com
2 cdnjam.com her-cupid.com
cdnjam.com
2 fonts.googleapis.com her-cupid.com
1 ajax.googleapis.com her-cupid.com
1 funkydaters.com 1 redirects
1 track.encommerce.com 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
her-cupid.com
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-18 -
2023-01-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Frame ID: 5493D67C732B6D9456374CEFF6F2F100
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LPFind you true love here!

Page URL History Show full URLs

  1. https://track.encommerce.com/click?trcd=tc3342913385_33878404 HTTP 302
    https://funkydaters.com/HwAA?prid=tc3342913385_53846783&usid=2172&email=jackalston2000@gmail.com HTTP 302
    https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

427 kB
Transfer

523 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.encommerce.com/click?trcd=tc3342913385_33878404 HTTP 302
    https://funkydaters.com/HwAA?prid=tc3342913385_53846783&usid=2172&email=jackalston2000@gmail.com HTTP 302
    https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 10063
her-cupid.com/BAAA/
Redirect Chain
  • https://track.encommerce.com/click?trcd=tc3342913385_33878404
  • https://funkydaters.com/HwAA?prid=tc3342913385_53846783&usid=2172&email=jackalston2000@gmail.com
  • https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
993694602996ca36cd622c475b3f5c6c1d3601ad36a96c3d9d09b086a4cfb9f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Tue, 18 Jan 2022 16:29:58 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-encoding
gzip

Redirect headers

server
nginx/1.14.0 (Ubuntu)
date
Tue, 18 Jan 2022 16:29:58 GMT
content-type
text/html; charset=UTF-8
location
https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
access-control-allow-origin
*
style.css
her-cupid.com/static/BAAA/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://her-cupid.com/static/BAAA/style.css
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
last-modified
Mon, 04 Mar 2019 12:10:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5c7d15b2-2341"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
9025
css
fonts.googleapis.com/ 		824 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,400,700,900
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eadd0edb3d3b541d0a9d268881996796f0b387119fe0bcca24b62621a3063c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 16:29:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 18 Jan 2022 16:29:58 GMT
css
fonts.googleapis.com/ 		193 B
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e976a9da3666eaf0d89e8b00338c66c38eace0deba7ea2c06640241461da31a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 16:29:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 18 Jan 2022 16:29:58 GMT
push.min.js
cdnjam.com/cdn/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjam.com/cdn/push.min.js
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33356f6d53d6946b3b03cd78f2be92f421a8424e68b5e53aa8f18c3c98b2cff
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5899
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
16A547F08D914F3C
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 09:21:29 GMT
server
cloudflare
etag
W/"c23e3bd30f8197e3ee3456900f31f71d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FXD2bikFOyfBCcRw13MDcE6y0AFRcUjfcOBndL4UniuF9Iz7EdoYg9jFfN0ehp%2B2mlQBX%2B7%2BwgwBeH2qbR5PuXYfM0Izx%2FQ8drbMNGfQAPseJTFPmxxdZLwsyTqjsQTF3EKTej%2FoBMX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
content-security-policy
block-all-mixed-content
cf-ray
6cf9348a69865b92-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Sun, 16 Jan 2022 15:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Jan 2023 15:15:36 GMT
get-keys
app.api-push.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.api-push.com/get-keys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:45ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-referer
Origin
https://her-cupid.com
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Sec-Fetch-Mode
cors

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
vary
Origin
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type,x-referer
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch3k%2BKWybDb5mOFO7C9qN6PC2mZrEuhcfp5uJvM0FDjiwZ4aUGPgMOikiSsM7fIseCdADiYlil0hJ6xUmt8nCu8u%2B%2BA8jJtGahM3YqNJh%2F1e%2FgOXXtoVZXP5QVDl2QGlCOgea9pxW818w5msoJdy"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cf9348b19c94aa4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
get-keys
app.api-push.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.api-push.com/get-keys
Requested by
Host: cdnjam.com
URL: https://cdnjam.com/cdn/push.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:45ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a55908718d5ef3b950cc13f9df95022f935e5ff774888772545e5c9a0e52db3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
x-referer
https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Content-Type
application/json

Response headers

date
Tue, 18 Jan 2022 16:29:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HVg0RElFkjRw5%2BWUFqPTJSkxes3VEFKilL5CcPjmRXa%2BCCOPj9MY%2FZwtx6Tm%2BtyMCCUSYTkHrVLZ3VO4cTk8XiD0Mr8naDGQ8FCaKw8msNFQ3OG9r6nGiAKL3sQHL2E24B6b%2Fe0O4JYaRKOYXYF"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
6cf9348b9ab04aa4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
user-id
her-cupid.com/ 		38 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://her-cupid.com/user-id?nbl=&impression=CsV6hmHm6wY&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%3Fi%3DCsV6hmHm6wY%26u%3D6907748272059116293&search=%3Fi%3DCsV6hmHm6wY%26u%3D6907748272059116293&contactExists=false
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ec84fbe75c79f2712ea6d71a37ef0ac308297729b26b1bfaffd4fed7b71c3070

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

access-control-allow-origin
*
date
Tue, 18 Jan 2022 16:29:59 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/json; charset=UTF-8
fon-black-3.jpg
her-cupid.com/static/BAAA/ 		312 KB
312 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://her-cupid.com/static/BAAA/fon-black-3.jpg
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/static/BAAA/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://her-cupid.com/static/BAAA/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
last-modified
Wed, 26 Sep 2018 08:25:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5bab427a-4df4c"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
319308
3-1.png
her-cupid.com/static/BAAA/ 		480 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://her-cupid.com/static/BAAA/3-1.png
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/static/BAAA/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://her-cupid.com/static/BAAA/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
last-modified
Wed, 26 Sep 2018 08:25:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5bab427a-1e0"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
480
3-2.png
her-cupid.com/static/BAAA/ 		535 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://her-cupid.com/static/BAAA/3-2.png
Requested by
Host: her-cupid.com
URL: https://her-cupid.com/static/BAAA/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://her-cupid.com/static/BAAA/style.css
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:29:58 GMT
last-modified
Wed, 26 Sep 2018 08:25:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5bab427a-217"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
535
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXw.woff
fonts.gstatic.com/s/montserrat/v21/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXw.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480eee43eb587e7cc3a01f6f9237f0d60ca4096eca29410057601f8038eedc9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://her-cupid.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 11 Jan 2022 20:40:32 GMT
x-content-type-options
nosniff
age
589766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15864
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 20:40:32 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff
fonts.gstatic.com/s/oswald/v40/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e0af767e6764a06ce933086f62a8a2c6ce7bbc994868720e46e6570d6f71d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://her-cupid.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Wed, 12 Jan 2022 03:09:03 GMT
x-content-type-options
nosniff
age
566455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20140
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 03:09:03 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXw.woff
fonts.gstatic.com/s/montserrat/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXw.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51ac27ca18af004621ca24706315ad2520463a88fc5245f924678fc9a7e22fa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://her-cupid.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 11 Jan 2022 20:40:32 GMT
x-content-type-options
nosniff
age
589766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16008
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 20:40:32 GMT
stats
her-cupid.com/ 		11 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://her-cupid.com/stats
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
67c4099130079a8ad34a58f7b4ada3ab8cf853d5eb39d69c3bea1478cfd4fddd

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 18 Jan 2022 16:29:59 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/json; charset=UTF-8
stats
her-cupid.com/ 		152 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://her-cupid.com/stats
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.57.190 Middle River, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.190.57.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2915aecfd0ca7a09e32738bcb4f15bcf88df4a4182cac70959b5529cfe1e5523

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 18 Jan 2022 16:29:59 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/json; charset=UTF-8
sdialog.min.css
cdnjam.com/cdn/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjam.com/cdn/sdialog.min.css?_=4
Requested by
Host: cdnjam.com
URL: https://cdnjam.com/cdn/push.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b166a734afae0dc08360d98763cada6f1a437c00daabec9b0bdbce19afcc17
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Response headers

date
Tue, 18 Jan 2022 16:30:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4614
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
16C45A1E703B7D60
x-xss-protection
1; mode=block
last-modified
Mon, 22 Nov 2021 08:00:52 GMT
server
cloudflare
etag
W/"1d16caacad4ad6c40a99319a5d183947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu%2BYgQENaL%2Bwp8TO4tpsBYsNxMllaX9CdqP%2Fue67iTIn2mKyWFtYYn4LiaJmlDHab3TgqCBva3tRS8ajx9zU%2F1GNoo2%2F4JqVY%2Bdb3w0QSKyRez1%2FNQ4hXQXV%2BsgAvt7I%2BcpulPZg%2BdIQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Origin, Accept-Encoding
cache-control
max-age=14400
content-security-policy
block-all-mixed-content
cf-ray
6cf93493ee17fb5c-DUS

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WPush function| $ function| jQuery object| Slapp function| slappGSignin function| nextStep

4 Cookies

Domain/Path Name / Value
funkydaters.com/ Name: trbarid
Value: 0437a066936bcff0f4a8d07c4c695e7a6f46485de15721884fc5307cce86f894a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A6907748272059116293%3B%7D
funkydaters.com/ Name: tbar_uc1
Value: 795dd159221c46ea30d520b2874fdd156337a05cefce5e8a16967e821fa6d20ba%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22tbar_uc1%22%3Bi%3A1%3Bs%3A32%3A%22amFja2Fsc3RvbjIwMDBAZ21haWwuY29t%22%3B%7D
her-cupid.com/ Name: userid
Value: d4fc71c4cf90557efc8cef4b6bc9912e0f85be6822a0614c8c7bf8132c09f70ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A741391359645%3B%7D
her-cupid.com/ Name: slappInfo_CsV6hmHm6wY
Value: {"nbl":null,"impression":"CsV6hmHm6wY","finishClicksCount":0,"landingConfig":{"trafficWithEmailCascadeId":true,"mainCascade":true,"backCascade":true,"secondClickCascade":false,"popsCascade":false,"popsCount":1},"showedPops":0,"uri":"https://her-cupid.com/BAAA/10063?i=CsV6hmHm6wY&u=6907748272059116293","search":"?i=CsV6hmHm6wY&u=6907748272059116293","contactExists":false,"event":"load","data":null,"luid":741391359645}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.api-push.com
cdnjam.com
fonts.googleapis.com
fonts.gstatic.com
funkydaters.com
her-cupid.com
track.encommerce.com
216.119.156.49
2606:4700:3032::6815:45ac
2606:4700:3036::ac43:a647
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
5.161.57.190
78.140.142.148
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
2915aecfd0ca7a09e32738bcb4f15bcf88df4a4182cac70959b5529cfe1e5523
480eee43eb587e7cc3a01f6f9237f0d60ca4096eca29410057601f8038eedc9c
49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98
51ac27ca18af004621ca24706315ad2520463a88fc5245f924678fc9a7e22fa0
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
67c4099130079a8ad34a58f7b4ada3ab8cf853d5eb39d69c3bea1478cfd4fddd
7a55908718d5ef3b950cc13f9df95022f935e5ff774888772545e5c9a0e52db3
84e0af767e6764a06ce933086f62a8a2c6ce7bbc994868720e46e6570d6f71d1
993694602996ca36cd622c475b3f5c6c1d3601ad36a96c3d9d09b086a4cfb9f5
ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59
c33356f6d53d6946b3b03cd78f2be92f421a8424e68b5e53aa8f18c3c98b2cff
e6b166a734afae0dc08360d98763cada6f1a437c00daabec9b0bdbce19afcc17
e976a9da3666eaf0d89e8b00338c66c38eace0deba7ea2c06640241461da31a2
eadd0edb3d3b541d0a9d268881996796f0b387119fe0bcca24b62621a3063c59
ec84fbe75c79f2712ea6d71a37ef0ac308297729b26b1bfaffd4fed7b71c3070
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d