friendr.fr Open in urlscan Pro
195.201.246.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.gl/abFC43#bWFyY3RvbmdsZXQlNDBob3RtYWlsLmNvbQ==
Effective URL:
https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Submission: On March 21 via api (March 21st 2020, 5:12:11 pm UTC) from BE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 6 countries across 16 domains to perform 32 HTTP transactions. The main IP is 195.201.246.85, located in Germany and belongs to HETZNER-AS, DE. The main domain is friendr.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 30th 2020. Valid for: 3 months.

This is the only time friendr.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	46.249.48.11 46.249.48.11	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	2606:4700:303... 2606:4700:3035::681b:bcc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	208.94.65.205 208.94.65.205	36529 (AXXA-RACKCO) (AXXA-RACKCO)
1 1	18.184.87.113 18.184.87.113	16509 (AMAZON-02) (AMAZON-02)
1 1	35.158.23.224 35.158.23.224	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.50.62 18.203.50.62	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
1 1	212.32.249.98 212.32.249.98	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2606:4700:303... 2606:4700:3034::681c:9ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
18	195.201.246.85 195.201.246.85	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.109.72.20 2.109.72.20	3292 (TDC TDC A/S) (TDC TDC A/S)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
32	7

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.48.11 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: amsdemo-web01.rackco.com

leenadigsya.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681b:bcc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clickrouteright.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.94.65.205 (Toronto, Canada) 2 redirects

ASN36529 (AXXA-RACKCO, US)

datiofinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.87.113 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-87-113.eu-central-1.compute.amazonaws.com

fbdate.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.23.224 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-23-224.eu-central-1.compute.amazonaws.com

www.meetdate.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.50.62 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-50-62.eu-west-1.compute.amazonaws.com

spdate.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

www.yourluckyoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.volumtrk4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.249.98 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.backtoblack.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::681c:9ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delivery.bb2021.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

xdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 195.201.246.85 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85.246.201.195.clients.your-server.de

friendr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.109.72.20 (Ostbirk, Denmark)

ASN3292 (TDC TDC A/S, DK)
PTR: horen.lustflirter.com

lustflirter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	friendr.fr friendr.fr	291 KB
5	lustflirter.com lustflirter.com	65 KB
4	gstatic.com fonts.gstatic.com	58 KB
2	bb2021.info 1 redirects delivery.bb2021.info	2 KB
2	volumtrk4.com www.volumtrk4.com	598 B
2	datiofinder.com 2 redirects datiofinder.com	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	xdom.net 1 redirects xdom.net	823 B
1	backtoblack.xyz 1 redirects track.backtoblack.xyz	216 B
1	yourluckyoffer.com 1 redirects www.yourluckyoffer.com	1019 B
1	spdate.club 1 redirects spdate.club	759 B
1	meetdate.xyz 1 redirects www.meetdate.xyz	864 B
1	fbdate.me 1 redirects fbdate.me	1 KB
1	clickrouteright.com 1 redirects clickrouteright.com	1 KB
1	leenadigsya.us leenadigsya.us	921 B
1	goo.gl 1 redirects goo.gl	573 B
32	16

	Domain	Requested by
18	friendr.fr	delivery.bb2021.info friendr.fr
5	lustflirter.com	friendr.fr
4	fonts.gstatic.com	friendr.fr
2	delivery.bb2021.info	1 redirects www.volumtrk4.com
2	www.volumtrk4.com	leenadigsya.us www.volumtrk4.com
2	datiofinder.com	2 redirects
1	cdn.onesignal.com	friendr.fr
1	xdom.net	1 redirects
1	track.backtoblack.xyz	1 redirects
1	www.yourluckyoffer.com	1 redirects
1	spdate.club	1 redirects
1	www.meetdate.xyz	1 redirects
1	fbdate.me	1 redirects
1	clickrouteright.com	1 redirects
1	leenadigsya.us
1	goo.gl	1 redirects
32	16

This site contains no links.

Subject Issuer	Validity	Valid
*.volumtrk4.com Let's Encrypt Authority X3	`2020-03-03` - `2020-06-01`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-15` - `2020-10-09`	8 months	crt.sh
friendr.fr Let's Encrypt Authority X3	`2020-01-30` - `2020-04-29`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-03-20` - `2020-09-26`	6 months	crt.sh
www.lustflirter.com Let's Encrypt Authority X3	`2020-03-03` - `2020-06-01`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Frame ID: 8B589E904B55AFE257C2BD17D0301600
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://goo.gl/abFC43 HTTP 302
http://leenadigsya.us/?&dvtyjwag Page URL
http://clickrouteright.com/start_send2.php?&affid=1004?&dvtyjwag&email=marctonglet@hotmail.com HTTP 302
http://datiofinder.com/?offerid=1007&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
http://datiofinder.com/?offerid=151&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f... HTTP 302
https://www.meetdate.xyz/c/72942d6b800e37ad?s1=70_f97a64ef_nt&s2=f97a64ef&s3=r0299lav&s4=1004&s5=f894... HTTP 302
https://spdate.club/?a=699&c=3922&s5=184260&s2=cvtqw5e764ad5a2b52415019155 HTTP 302
https://www.yourluckyoffer.com/c/d4f399c154270ea6?aff_click_id=189788626&s1=184260&s2=699 HTTP 302
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=... Page URL
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=... Page URL
https://track.backtoblack.xyz/click?pid=9583&offer_id=3899&l=1576147639&sub1=lfsqg5e764ad64541e367068053&s... HTTP 302
https://delivery.bb2021.info/44319?subaffiliate_id=9583&session_id=5e764ad60046390001f80e1d HTTP 302
https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublis... Page URL
https://xdom.net/75e2abba-f1e8-4908-8157-34950d85d8bf?publisher_id=5994&LP=26&clickID=px15848... HTTP 302
https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994 Page URL

Page Statistics

32
Requests

97 %
HTTPS

40 %
IPv6

16
Domains

16
Subdomains

7
IPs

6
Countries

419 kB
Transfer

719 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.gl/abFC43 HTTP 302
http://leenadigsya.us/?&dvtyjwag Page URL
http://clickrouteright.com/start_send2.php?&affid=1004?&dvtyjwag&email=marctonglet@hotmail.com HTTP 302
http://datiofinder.com/?offerid=1007&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
http://datiofinder.com/?offerid=151&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=CFqNVEof&utm_sub=opnfnl&m=ps HTTP 302
https://www.meetdate.xyz/c/72942d6b800e37ad?s1=70_f97a64ef_nt&s2=f97a64ef&s3=r0299lav&s4=1004&s5=f8947ff32d67900ba4b1f8a5c19057787315dd59&s6=CFqNVEof&dci=9884eb9961c54bd34fac49eb95465389612cdb45&tds_host=fbdate.me&tds_split=b&tds_campaign=r0299lav&tds_id=r0299lav_lp_b_563192001659_adsbridge&tds_oid=905e31bc82cf7f62_&tds_cid=f8947ff32d67900ba4b1f8a5c19057787315dd59&tdsId=r0299lav_lp_b_563192001659_adsbridge&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=CFqNVEof&utm_sub=opnfnl&m=ps&p_tds_cid=9ebac583693d9ec8c1f5aeb0af3b9ed0551ba1e1&tds_reason=direct HTTP 302
https://spdate.club/?a=699&c=3922&s5=184260&s2=cvtqw5e764ad5a2b52415019155 HTTP 302
https://www.yourluckyoffer.com/c/d4f399c154270ea6?aff_click_id=189788626&s1=184260&s2=699 HTTP 302
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp Page URL
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final Page URL
https://track.backtoblack.xyz/click?pid=9583&offer_id=3899&l=1576147639&sub1=lfsqg5e764ad64541e367068053&sub2=184260 HTTP 302
https://delivery.bb2021.info/44319?subaffiliate_id=9583&session_id=5e764ad60046390001f80e1d HTTP 302
https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1 Page URL
https://xdom.net/75e2abba-f1e8-4908-8157-34950d85d8bf?publisher_id=5994&LP=26&clickID=px15848107116be185e764ad711932063669874 HTTP 302
https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://goo.gl/abFC43 HTTP 302
http://leenadigsya.us/?&dvtyjwag

Request Chain 1

http://clickrouteright.com/start_send2.php?&affid=1004?&dvtyjwag&email=marctonglet@hotmail.com HTTP 302
http://datiofinder.com/?offerid=1007&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
http://datiofinder.com/?offerid=151&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587 HTTP 302
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=CFqNVEof&utm_sub=opnfnl&m=ps HTTP 302
https://www.meetdate.xyz/c/72942d6b800e37ad?s1=70_f97a64ef_nt&s2=f97a64ef&s3=r0299lav&s4=1004&s5=f8947ff32d67900ba4b1f8a5c19057787315dd59&s6=CFqNVEof&dci=9884eb9961c54bd34fac49eb95465389612cdb45&tds_host=fbdate.me&tds_split=b&tds_campaign=r0299lav&tds_id=r0299lav_lp_b_563192001659_adsbridge&tds_oid=905e31bc82cf7f62_&tds_cid=f8947ff32d67900ba4b1f8a5c19057787315dd59&tdsId=r0299lav_lp_b_563192001659_adsbridge&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=CFqNVEof&utm_sub=opnfnl&m=ps&p_tds_cid=9ebac583693d9ec8c1f5aeb0af3b9ed0551ba1e1&tds_reason=direct HTTP 302
https://spdate.club/?a=699&c=3922&s5=184260&s2=cvtqw5e764ad5a2b52415019155 HTTP 302
https://www.yourluckyoffer.com/c/d4f399c154270ea6?aff_click_id=189788626&s1=184260&s2=699 HTTP 302
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp

Request Chain 3

https://track.backtoblack.xyz/click?pid=9583&offer_id=3899&l=1576147639&sub1=lfsqg5e764ad64541e367068053&sub2=184260 HTTP 302
https://delivery.bb2021.info/44319?subaffiliate_id=9583&session_id=5e764ad60046390001f80e1d HTTP 302
https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
leenadigsya.us/
Redirect Chain

https://goo.gl/abFC43
http://leenadigsya.us/?&dvtyjwag

691 B
921 B

306ms
287ms

Document
text/html

46.249.48.11
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leenadigsya.us/?&dvtyjwag
Protocol: HTTP/1.1
Server: 46.249.48.11 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: amsdemo-web01.rackco.com
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: 850d8bc405e79b264035208f0f832feeb0fb75212ebf9d257b6eaddd9901e5a6

Request headers

Host: leenadigsya.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: nginx
Date: Sat, 21 Mar 2020 17:11:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16 PleskLin
MS-Author-Via: DAV

Redirect headers

status: 302
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 21 Mar 2020 17:11:46 GMT
location: http://leenadigsya.us/?&dvtyjwag
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-dN0/eHjbfI3tV8RQUofCBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-dN0/eHjbfI3tV8RQUofCBg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

index Show response
www.volumtrk4.com/redirect/
Redirect Chain

http://clickrouteright.com/start_send2.php?&affid=1004?&dvtyjwag&email=marctonglet@hotmail.com
http://datiofinder.com/?offerid=1007&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587
http://datiofinder.com/?offerid=151&repid=1004&sub1=&sub5=marctonglet@hotmail.com&dcc=1938587
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=CFqNVEof&utm_sub=opnfnl&m=ps
https://www.meetdate.xyz/c/72942d6b800e37ad?s1=70_f97a64ef_nt&s2=f97a64ef&s3=r0299lav&s4=1004&s5=f8947ff32d67900ba4b1f8a5c19057787315dd59&s6=CFqNVEof&dci=9884eb9961c54bd34fac49eb95465389612cdb45&td...
https://spdate.club/?a=699&c=3922&s5=184260&s2=cvtqw5e764ad5a2b52415019155
https://www.yourluckyoffer.com/c/d4f399c154270ea6?aff_click_id=189788626&s1=184260&s2=699
https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2M...

295 B
370 B

127ms
38ms

Document
text/html

2a05:d018:244:5200::ab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp
Requested by: Host: leenadigsya.us
URL: http://leenadigsya.us/?&dvtyjwag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a8aadff4741085de5ed0a289472526b9f68934d8e80595895c2cdf09e0bd3cd4

Request headers

:method: GET
:authority: www.volumtrk4.com
:scheme: https
:path: /redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://leenadigsya.us/?&dvtyjwag
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://leenadigsya.us/?&dvtyjwag#bWFyY3RvbmdsZXQlNDBob3RtYWlsLmNvbQ==

Response headers

status: 200
server: nginx
date: Sat, 21 Mar 2020 17:11:50 GMT
content-type: text/html; charset=UTF-8
content-length: 295

Redirect headers

status: 302 302 Found
server: nginx
date: Sat, 21 Mar 2020 17:11:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp
set-cookie: unique_2727515=unique_2727515; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e764ad645422521797449; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly unique_2727515=unique_2727515; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e764ad645422521797449; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=509927; expires=Mon, 20-Apr-2020 17:11:50 GMT; Max-Age=2592000; path=/; HttpOnly unique_2727515=unique_2727515; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e764ad645422521797449; expires=Sun, 22-Mar-2020 17:11:50 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=509927; expires=Mon, 20-Apr-2020 17:11:50 GMT; Max-Age=2592000; path=/; HttpOnly tid=lfsqg5e764ad64541e367068053; path=/; HttpOnly

GET
H2 200 index
www.volumtrk4.com/redirect/ 154 B
228 B 36ms
35ms Document
text/html 2a05:d018:244:5200::ab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final
Requested by: Host: www.volumtrk4.com
URL: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www.volumtrk4.com
:scheme: https
:path: /redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_tmp

Response headers

status: 200
server: nginx
date: Sat, 21 Mar 2020 17:11:50 GMT
content-type: text/html; charset=UTF-8
content-length: 154

GET
H2

200

r Show response
delivery.bb2021.info/
Redirect Chain

https://track.backtoblack.xyz/click?pid=9583&offer_id=3899&l=1576147639&sub1=lfsqg5e764ad64541e367068053&sub2=184260
https://delivery.bb2021.info/44319?subaffiliate_id=9583&session_id=5e764ad60046390001f80e1d
https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2...

964 B
714 B

173ms
173ms

Document
text/html

2606:4700:3034::681c:9ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1
Requested by: Host: www.volumtrk4.com
URL: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:9ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.11.1
Resource Hash: 7fff88a1ea55da52f1af4fc6943f82bcc1b6e1a8ddeb1ab3b9690326a5ae8a1f

Request headers

:method: GET
:authority: delivery.bb2021.info
:scheme: https
:path: /r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d350e7ab399132a6d22f3a5ec0e1009641584810710; 51D_Bandwidth=1584810711.0172; ubbc=eyJpdiI6IlJkdTd1RUxFK2x0SDlQbHJrWWV4aFE9PSIsInZhbHVlIjoiQzRUTm5jb05uMjFUNVdqUXE3a1l1Zz09IiwibWFjIjoiOWY0YTk1NDc0NTIyMDQzNzQyMTkzNmM3MmI5NTdkOGJiOTAyNzcwZTczOTYwOTcxNWRjNDdmNWMyYjA5ZjNiNCJ9; bbuc=eyJpdiI6InoxUkt3M2lTMG85ZmxUYTd0T3Y4WGc9PSIsInZhbHVlIjoiemFQVUNLa2NLdUE5ZENydWJhc3BJSit1Mk5YYnA4VGs0aEt5anE3ZmFxWT0iLCJtYWMiOiI3MDVlM2VjMzUzNTUyMmY4ODBmMjc3MGMwYTU2Yzc0Mjg5MjMzNDY3N2UxMDZiMjExNjYwMzlhODBjOGIwZDMzIn0%3D; bbrc=eyJpdiI6ImhsQW53b2NGYktoN2J1bHUrOE81VWc9PSIsInZhbHVlIjoiWWV4ZGZSY3NSR05oNExtK0RoYnIxQT09IiwibWFjIjoiZDMzMGQ5MjcyMzNjZDc4Y2ZjOGZlNjUzYzg0ZmViZmEyZDhkYTkwYmFkN2RkNTdmNGI3Mzg0NWRjZWU0ZmJkNyJ9; laravel_session=eyJpdiI6ImJESHVqV01HZVNIK0ZubDZMNklaV0E9PSIsInZhbHVlIjoibVY1NVJGSlZLNWtCazl1WmttNDY0N3l6VTVRcDBvMys2ZHBjQVFCY2xxTFkzeCt4bTBYcmRnRDd6WHA1K0d3cmU3TWpSS3R1NEJrVTJNUGlmbXdScnc9PSIsIm1hYyI6ImM1ZmE4ZGJkYjc2OTA2Mjg0ZDAyNjk0ZDZkNzEzNDkzMWU1NjUyOGYyYjQ5ZTkxYjc4YWZkMTZkMDQ4MzcwZjIifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.volumtrk4.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cudm9sdW10cms0LmNvbQ%3D%3D&data=aHR0cHM6Ly90cmFjay5iYWNrdG9ibGFjay54eXovY2xpY2s%2FcGlkPTk1ODMmb2ZmZXJfaWQ9Mzg5OSZsPTE1NzYxNDc2Mzkmc3ViMT1sZnNxZzVlNzY0YWQ2NDU0MWUzNjcwNjgwNTMmc3ViMj0xODQyNjA%3D&action=action_final

Response headers

status: 200
date: Sat, 21 Mar 2020 17:11:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: laravel_session=eyJpdiI6IlpKTzdoNXlBSUlicXVidkNCeTNGSnc9PSIsInZhbHVlIjoiQ1VhM0Jmb2Z2WVNQWHZkbVpOcjVsbDcwU3A3R0NwNEhBM0M4SllPMFM1a2lLS1BKK3Q2TGg4NzF0eXhWNjFwSVZoMGMrczg0UElBMVhhUXI3WFNvdmc9PSIsIm1hYyI6IjBhNzRlNjlkN2NjNTk4ZjFiZDNkNTYzNTRkNjM3OGEzNGIwMTQ1M2ExYTU4NDUyZTAzM2FkNDQxYzVkZjZkNzYifQ%3D%3D; path=/; httponly
x-powered-by: HHVM/3.11.1
vary: Accept-Encoding
cache-control: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57794b608cb7d711-FRA
content-encoding: br

Redirect headers

status: 302
date: Sat, 21 Mar 2020 17:11:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d350e7ab399132a6d22f3a5ec0e1009641584810710; expires=Mon, 20-Apr-20 17:11:50 GMT; path=/; domain=.bb2021.info; HttpOnly; SameSite=Lax 51D_Bandwidth=1584810711.0172 ubbc=eyJpdiI6IlJkdTd1RUxFK2x0SDlQbHJrWWV4aFE9PSIsInZhbHVlIjoiQzRUTm5jb05uMjFUNVdqUXE3a1l1Zz09IiwibWFjIjoiOWY0YTk1NDc0NTIyMDQzNzQyMTkzNmM3MmI5NTdkOGJiOTAyNzcwZTczOTYwOTcxNWRjNDdmNWMyYjA5ZjNiNCJ9; expires=Sun, 22-Mar-2020 17:11:51 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6InoxUkt3M2lTMG85ZmxUYTd0T3Y4WGc9PSIsInZhbHVlIjoiemFQVUNLa2NLdUE5ZENydWJhc3BJSit1Mk5YYnA4VGs0aEt5anE3ZmFxWT0iLCJtYWMiOiI3MDVlM2VjMzUzNTUyMmY4ODBmMjc3MGMwYTU2Yzc0Mjg5MjMzNDY3N2UxMDZiMjExNjYwMzlhODBjOGIwZDMzIn0%3D; expires=Sun, 22-Mar-2020 17:11:51 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6ImhsQW53b2NGYktoN2J1bHUrOE81VWc9PSIsInZhbHVlIjoiWWV4ZGZSY3NSR05oNExtK0RoYnIxQT09IiwibWFjIjoiZDMzMGQ5MjcyMzNjZDc4Y2ZjOGZlNjUzYzg0ZmViZmEyZDhkYTkwYmFkN2RkNTdmNGI3Mzg0NWRjZWU0ZmJkNyJ9; expires=Sun, 22-Mar-2020 00:11:51 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6ImJESHVqV01HZVNIK0ZubDZMNklaV0E9PSIsInZhbHVlIjoibVY1NVJGSlZLNWtCazl1WmttNDY0N3l6VTVRcDBvMys2ZHBjQVFCY2xxTFkzeCt4bTBYcmRnRDd6WHA1K0d3cmU3TWpSS3R1NEJrVTJNUGlmbXdScnc9PSIsIm1hYyI6ImM1ZmE4ZGJkYjc2OTA2Mjg0ZDAyNjk0ZDZkNzEzNDkzMWU1NjUyOGYyYjQ5ZTkxYjc4YWZkMTZkMDQ4MzcwZjIifQ%3D%3D; path=/; httponly
location: https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1
cache-control: no-cache
vary: Accept-Encoding
x-powered-by: HHVM/3.11.1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57794b5dfcd0d711-FRA

GET
H/1.1

200
OK

Primary Request / Show response
friendr.fr/bb/go26/
Redirect Chain

https://xdom.net/75e2abba-f1e8-4908-8157-34950d85d8bf?publisher_id=5994&LP=26&clickID=px15848107116be185e764ad711932063669874
https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

49 KB
12 KB

517ms
228ms

Document
text/html

195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Requested by

Host: delivery.bb2021.info
URL: https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

7977d07acbbf796b3b662d176278d8f23bb771ce14b1bc0c542cc22153925092

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Host: friendr.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://delivery.bb2021.info/r?url=https%3A%2F%2Fxdom.net%2F75e2abba-f1e8-4908-8157-34950d85d8bf%3Fpublisher_id%3D5994%26LP%3D26%26clickID%3Dpx15848107116be185e764ad711932063669874&redirect_back=%2F%2Fdelivery.bb2021.info%2F44319%2F%3Fsubaffiliate_id%3D9583%26session_id%3D5e764ad60046390001f80e1d%26tt%3D1

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Server: Apache/2.4.25 (Debian)
Strict-Transport-Security: max-age=0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12101
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Pragma: no-cache
Set-Cookie: 75e2abba-f1e8-4908-8157-34950d85d8bf-v4=75e2abba-f1e8-4908-8157-34950d85d8bf; Max-Age=86400; Expires=Sun, 22-Mar-2020 17:11:52 GMT; Domain=xdom.net; Path=/; Secure; HttpOnly;SameSite=None cc-v4=WJgKEk76UHycA%2F%2FSo%2Be83oKoIUWReyTvoxrAPHJkWC5jISodl68Lzx2QqC%2FXcjdfj%2Fs8pogrKBAuQ9Si6DFOOJklZ4n%2Fczys7jHoEMwzlDYNPP%2F8NWbuREHoO41sqUddvxZvdPOM9MZ8JDUptMZJFw%3D%3D; Max-Age=31536000; Expires=Sun, 21-Mar-2021 17:11:52 GMT; Domain=xdom.net; Path=/; Secure; HttpOnly;SameSite=None

GET
H/1.1 200
OK css__jW_gEVTgCbMu1Vjj88_ScIxj4Ob257WiR8Wsd6LCi7E__aJxONxxUlk.css
friendr.fr/bb/go26/Dateien/ 51 KB
10 KB 39ms
37ms Stylesheet
text/css 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/css__jW_gEVTgCbMu1Vjj88_ScIxj4Ob257WiR8Wsd6LCi7E__aJxONxxUlk.css

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

866f0620f02643b91e8e8488eee18092a393a0df85556598f11fefdbca94736e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Feb 2018 08:41:55 GMT
Server: Apache/2.4.25 (Debian)
ETag: "cde2-564af624fbac0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 10249

GET
H/1.1 200
OK js_thhFjX8xlcWsDNOhd3nGVetfFnqaK6ppC1x8AhNDEk0.js Show response
friendr.fr/bb/go26/Dateien/ 112 KB
39 KB 148ms
79ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js_thhFjX8xlcWsDNOhd3nGVetfFnqaK6ppC1x8AhNDEk0.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

b618458d7f3195c5ac0cd3a17779c655eb5f167a9a2baa690b5c7c021343124d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "1bf54-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 39937

GET
H/1.1 200
OK steps.js Show response
friendr.fr/ 145 KB
48 KB 157ms
88ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/steps.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

568980a1f76d95fb93a5c740c28998e35f9651814cbcea5817ba66286b5eb855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2017 10:32:46 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2436a-560c31aad2f80-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 48582

GET
H/1.1 200
OK style5.css
friendr.fr/bb/go26/ 13 KB
3 KB 79ms
35ms Stylesheet
text/css 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/style5.css

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

467ab541c0ea2ece07273668b55ec2a77370ea6021ac4e7dcd4d2ec987592ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 21:51:58 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3342-564a64de8bb80-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3190

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 41ms
22ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 21 Mar 2020 17:11:52 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 89
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 57794b6a8f2c974e-FRA
expires: Sun, 22 Mar 2020 05:11:52 GMT

GET
H/1.1 200
OK casualdating-logo-65x45-grey.png
friendr.fr/bb/go26/Dateien/ 2 KB
3 KB 115ms
34ms Image
image/png 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/Dateien/casualdating-logo-65x45-grey.png

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

bcd62c5119d99b017a1e47fcf7c4b3ca70504af5a2402d8ba413c2d74dbb31da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Last-Modified: Thu, 08 Feb 2018 08:35:09 GMT
Server: Apache/2.4.25 (Debian)
ETag: "974-564af4a1ca940"
Strict-Transport-Security: max-age=0
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2420

GET
H/1.1 200
OK male.svg
friendr.fr/bb/go26/Dateien/ 967 B
1 KB 261ms
261ms Image
image/svg+xml 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/Dateien/male.svg

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

3015e5053ed5a3a3a709915beb424bf50ff53183ac2555f31b1a5be6efb5a79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3c7-5649eb54ebd40"
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 967

GET
H/1.1 200
OK female.svg
friendr.fr/bb/go26/Dateien/ 1006 B
1 KB 34ms
33ms Image
image/svg+xml 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/Dateien/female.svg

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

c06a94c46db28082312e9ad966268b5ecef67b2f7241c6e4400e03e5e19f0e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3ee-5649eb54ebd40"
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1006

GET
H/1.1 200
OK css.css
friendr.fr/bb/go26/Dateien/ 8 KB
1 KB 53ms
34ms Stylesheet
text/css 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/css.css

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

47424009c4091830c0d13779a2ebe95650942cd250dbdc1fd6cfaf072c1f3dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "1fd7-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1044

GET
H/1.1 200
OK js__dKUmbMB-pxJEKhnIk8wJTkd5-kgAEPnC3q9kn0r7S6M__3wXn65MfNHfN.js Show response
friendr.fr/bb/go26/Dateien/ 8 KB
4 KB 263ms
262ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js__dKUmbMB-pxJEKhnIk8wJTkd5-kgAEPnC3q9kn0r7S6M__3wXn65MfNHfN.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

96d0e47b682f0474e25ca818f79a0672dd87651a5a43bfcf1be684784dc30f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2077-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3516

GET
H/1.1 200
OK js__ujc7SdJwrFUtcsvYccV36JCGuTybx3Q66rR8HN7ZXy8__XxcVnD87UtRs.js Show response
friendr.fr/bb/go26/Dateien/ 9 KB
3 KB 749ms
749ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js__ujc7SdJwrFUtcsvYccV36JCGuTybx3Q66rR8HN7ZXy8__XxcVnD87UtRs.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

370cfe69b798db0d259e81e42c176f89380d4d6da3aad3f3f1f7b8bdd739aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2473-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3195

GET
H/1.1 200
OK js__8g5FVgdHwI0z5VqwvnuzJyx01tNCuR10otj5Ob_jlSw__FHB9rN0X69N6.js Show response
friendr.fr/bb/go26/Dateien/ 8 KB
3 KB 34ms
34ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js__8g5FVgdHwI0z5VqwvnuzJyx01tNCuR10otj5Ob_jlSw__FHB9rN0X69N6.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

cbb2427034a46765e5caedf20671f4be598baa2cea568a7e39115f8cfd64109a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "1fdc-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3004

GET
H/1.1 200
OK js__0n5aUrYhXZauAfY3aYjZTs2dEgLjA8Cv-ZL2ptc3u7k__7GvLxdauoe1L.js Show response
friendr.fr/bb/go26/Dateien/ 12 KB
6 KB 261ms
261ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js__0n5aUrYhXZauAfY3aYjZTs2dEgLjA8Cv-ZL2ptc3u7k__7GvLxdauoe1L.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

067da61b4a281beafc376035cbba1695d3c1a5278285eca15db475643c313afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 12:48:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "313f-5649eb54ebd40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 5567

GET
H/1.1 200
OK js__-qdSQhukFFzu61rju6xmycLaeP4XzUJa9F0koHpisw8__9dJiVtIUn3_F.js Show response
friendr.fr/bb/go26/Dateien/ 20 KB
6 KB 133ms
35ms Script
application/javascript 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friendr.fr/bb/go26/Dateien/js__-qdSQhukFFzu61rju6xmycLaeP4XzUJa9F0koHpisw8__9dJiVtIUn3_F.js

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

c6db475e682dc0d0e1b09d5c502e18de5e814edb1a0ba880f775d9fc1a4557c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2018 18:52:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "50c5-564a3ca4c5400-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 5658

GET
H/1.1 200
OK LP.jpg
friendr.fr/bb/go26/Dateien/ 98 KB
98 KB 59ms
33ms Image
image/jpeg 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/Dateien/LP.jpg

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

af7a74d1f63fe810712a9a2e73fa3d2027bc9da93a5844c2041a143836ca0d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Last-Modified: Tue, 25 Apr 2017 13:50:38 GMT
Server: Apache/2.4.25 (Debian)
ETag: "188b7-54dfe023ae780"
Strict-Transport-Security: max-age=0
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 100535

GET
H/1.1 200
OK /
friendr.fr/bb/go26/ 49 KB
49 KB 230ms
230ms Image
text/html 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Strict-Transport-Security: max-age=0
Keep-Alive: timeout=5
Content-Length: 12099

GET
H/1.1 200
OK headline-shine.png
friendr.fr/g/Dateien/ 935 B
1 KB 96ms
33ms Image
image/png 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/g/Dateien/headline-shine.png

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

be40546572577e2c885ab5001418333a81cf69684c792281062c8eb148457abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/Dateien/css__jW_gEVTgCbMu1Vjj88_ScIxj4Ob257WiR8Wsd6LCi7E__aJxONxxUlk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:52 GMT
Last-Modified: Wed, 07 Feb 2018 13:18:05 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3a7-5649f201e7d40"
Strict-Transport-Security: max-age=0
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 935

GET
H/1.1 200
OK 6
lustflirter.com/profile-image/blanka_92/ 13 KB
14 KB 766ms
132ms Image
image/webp 2.109.72.20
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lustflirter.com/profile-image/blanka_92/6
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.20 Ostbirk, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: horen.lustflirter.com
Software: nginx /
Resource Hash: 2a81ecb3cdfb759ef90406cf24cf48a3c022b74a6bbddca6c56face6d5eed228

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Last-Modified: Sat, 21 Mar 2020 17:11:53 GMT
Server: nginx
Content-Type: image/webp
Cache-Control: public, must-revalidate, max-age=3600
Content-Disposition: filename=65797_main_230x300.webp
Connection: keep-alive
Content-Length: 13500
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 6
lustflirter.com/profile-image/zayda/ 14 KB
14 KB 748ms
98ms Image
image/webp 2.109.72.20
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lustflirter.com/profile-image/zayda/6
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.20 Ostbirk, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: horen.lustflirter.com
Software: nginx /
Resource Hash: 4cb60ca32844214321f897d570c89a5ab0b95ea8ecf32408dbcbf68a28306f4e

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Last-Modified: Sat, 21 Mar 2020 17:10:53 GMT
Server: nginx
Content-Type: image/webp
Cache-Control: public, must-revalidate, max-age=3600
Content-Disposition: filename=67136_main_230x300.webp
Connection: keep-alive
Content-Length: 13840
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 6
lustflirter.com/profile-image/JessicaAS/ 9 KB
9 KB 1297ms
548ms Image
image/webp 2.109.72.20
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lustflirter.com/profile-image/JessicaAS/6
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.20 Ostbirk, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: horen.lustflirter.com
Software: nginx /
Resource Hash: fc912006fd56219a63729b193ac7281f30180b78819ca5afd526c78fff9fbef4

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:54 GMT
Last-Modified: Fri, 20 Mar 2020 19:46:22 GMT
Server: nginx
Content-Type: image/webp
Cache-Control: public, must-revalidate, max-age=3600
Content-Disposition: filename=46588_main_230x300.webp
Connection: keep-alive
Content-Length: 9288
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 6
lustflirter.com/profile-image/evgeniah/ 16 KB
16 KB 988ms
219ms Image
image/webp 2.109.72.20
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lustflirter.com/profile-image/evgeniah/6
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.20 Ostbirk, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: horen.lustflirter.com
Software: nginx /
Resource Hash: 72161f7d9ad59f5def5ebd9b223b515832d21426a4e9320e50e791c3e9af3f6e

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Last-Modified: Sat, 21 Mar 2020 17:11:53 GMT
Server: nginx
Content-Type: image/webp
Cache-Control: public, must-revalidate, max-age=3600
Content-Disposition: filename=64675_main_230x300.webp
Connection: keep-alive
Content-Length: 16282
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 6
lustflirter.com/profile-image/ohara/ 12 KB
12 KB 1085ms
96ms Image
image/webp 2.109.72.20
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lustflirter.com/profile-image/ohara/6
Requested by: Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.20 Ostbirk, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: horen.lustflirter.com
Software: nginx /
Resource Hash: 44fed35a4c2e265cc8d67012d414ae765eff467eee1b48046ef02acef2fdcc45

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Last-Modified: Sat, 21 Mar 2020 03:35:01 GMT
Server: nginx
Content-Type: image/webp
Cache-Control: public, must-revalidate, max-age=3600
Content-Disposition: filename=62371_main_230x300.webp
Connection: keep-alive
Content-Length: 11856
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 iU65JP9acQHPDLkdalCF7iJccsb45t3MJKcv5BJtrIs.woff2
fonts.gstatic.com/s/juliussansone/v6/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/juliussansone/v6/iU65JP9acQHPDLkdalCF7iJccsb45t3MJKcv5BJtrIs.woff2

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c22668e0fe6fc981b503985365a132949c036ab34b51c9b034515d5334752ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friendr.fr/bb/go26/Dateien/css.css
Origin: https://friendr.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:18:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 21:44:49 GMT
server: sffe
age: 2235225
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15876
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:18:07 GMT

GET
H2 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friendr.fr/bb/go26/Dateien/css.css
Origin: https://friendr.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 07:07:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
server: sffe
age: 1332257
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14544
x-xss-protection: 0
expires: Sat, 06 Mar 2021 07:07:35 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friendr.fr/bb/go26/Dateien/css.css
Origin: https://friendr.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:45:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:45 GMT
server: sffe
age: 1430772
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14048
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:45:40 GMT

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friendr.fr/bb/go26/Dateien/css.css
Origin: https://friendr.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 02:46:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
server: sffe
age: 2211931
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14564
x-xss-protection: 0
expires: Wed, 24 Feb 2021 02:46:21 GMT

GET
H/1.1 404
Not Found cross.svg
friendr.fr/bb/go26/Dateien/images/ 273 B
273 B 35ms
34ms Image
text/html 195.201.246.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friendr.fr/bb/go26/Dateien/images/cross.svg

Requested by

Host: friendr.fr
URL: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.246.85 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85.246.201.195.clients.your-server.de

Software

Apache/2.4.25 (Debian) /

Resource Hash

86757b2327c10ac0fbb50b199d3c745c04a803e9eacaabd7e6f15885c073c2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 21 Mar 2020 17:11:53 GMT
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 273
Strict-Transport-Security: max-age=0
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			friendr.fr/	1969-12-31 23:59:59	Name: has_js Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://friendr.fr/steps.js(Line 2) Message: jQuery.Deferred exception: initIpxRegAPI is not defined ReferenceError: initIpxRegAPI is not defined at HTMLDocument.<anonymous> (https://friendr.fr/bb/go26/?cid=wn7b65cfk5aqahpt1doaogpe&publisher_id=5994:621:6) at j (https://friendr.fr/steps.js:2:29999) at k (https://friendr.fr/steps.js:2:30313) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
clickrouteright.com
datiofinder.com
delivery.bb2021.info
fbdate.me
fonts.gstatic.com
friendr.fr
goo.gl
leenadigsya.us
lustflirter.com
spdate.club
track.backtoblack.xyz
www.meetdate.xyz
www.volumtrk4.com
www.yourluckyoffer.com
xdom.net
18.184.87.113
18.195.149.11
18.203.50.62
195.201.246.85
2.109.72.20
208.94.65.205
212.32.249.98
2606:4700:3034::681c:9ee
2606:4700:3035::681b:bcc2
2606:4700::6812:e134
2a00:1450:4001:814::2003
2a00:1450:4001:815::200e
2a05:d018:244:5200::ab
35.158.23.224
46.249.48.11
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
067da61b4a281beafc376035cbba1695d3c1a5278285eca15db475643c313afc
2a81ecb3cdfb759ef90406cf24cf48a3c022b74a6bbddca6c56face6d5eed228
3015e5053ed5a3a3a709915beb424bf50ff53183ac2555f31b1a5be6efb5a79a
370cfe69b798db0d259e81e42c176f89380d4d6da3aad3f3f1f7b8bdd739aaf9
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
44fed35a4c2e265cc8d67012d414ae765eff467eee1b48046ef02acef2fdcc45
467ab541c0ea2ece07273668b55ec2a77370ea6021ac4e7dcd4d2ec987592ab6
47424009c4091830c0d13779a2ebe95650942cd250dbdc1fd6cfaf072c1f3dd2
4cb60ca32844214321f897d570c89a5ab0b95ea8ecf32408dbcbf68a28306f4e
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
568980a1f76d95fb93a5c740c28998e35f9651814cbcea5817ba66286b5eb855
72161f7d9ad59f5def5ebd9b223b515832d21426a4e9320e50e791c3e9af3f6e
7977d07acbbf796b3b662d176278d8f23bb771ce14b1bc0c542cc22153925092
7fff88a1ea55da52f1af4fc6943f82bcc1b6e1a8ddeb1ab3b9690326a5ae8a1f
850d8bc405e79b264035208f0f832feeb0fb75212ebf9d257b6eaddd9901e5a6
866f0620f02643b91e8e8488eee18092a393a0df85556598f11fefdbca94736e
86757b2327c10ac0fbb50b199d3c745c04a803e9eacaabd7e6f15885c073c2f1
96d0e47b682f0474e25ca818f79a0672dd87651a5a43bfcf1be684784dc30f8b
a8aadff4741085de5ed0a289472526b9f68934d8e80595895c2cdf09e0bd3cd4
af7a74d1f63fe810712a9a2e73fa3d2027bc9da93a5844c2041a143836ca0d53
b618458d7f3195c5ac0cd3a17779c655eb5f167a9a2baa690b5c7c021343124d
bcd62c5119d99b017a1e47fcf7c4b3ca70504af5a2402d8ba413c2d74dbb31da
be40546572577e2c885ab5001418333a81cf69684c792281062c8eb148457abb
c06a94c46db28082312e9ad966268b5ecef67b2f7241c6e4400e03e5e19f0e7d
c22668e0fe6fc981b503985365a132949c036ab34b51c9b034515d5334752ce5
c6db475e682dc0d0e1b09d5c502e18de5e814edb1a0ba880f775d9fc1a4557c2
cbb2427034a46765e5caedf20671f4be598baa2cea568a7e39115f8cfd64109a
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc912006fd56219a63729b193ac7281f30180b78819ca5afd526c78fff9fbef4

friendr.fr Open in urlscan Pro 195.201.246.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

32 Requests

97 %HTTPS

40 %IPv6

16 Domains

16 Subdomains

7 IPs

6 Countries

419 kBTransfer

719 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

friendr.fr Open in urlscan Pro
195.201.246.85 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

40 %
IPv6

16
Domains

16
Subdomains

7
IPs

6
Countries

419 kB
Transfer

719 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions