datingsforyou.life Open in urlscan Pro
5.101.45.7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://glicfitarever.tk/
Effective URL:
https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Submission: On June 10 via automatic, source rescanner (June 10th 2022, 4:55:58 pm UTC) — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 18 domains to perform 44 HTTP transactions. The main IP is 5.101.45.7, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is datingsforyou.life.
TLS certificate: Issued by R3 on April 28th 2022. Valid for: 3 months.

This is the only time datingsforyou.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:7::... 2606:4700:7::a29f:8a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.48.171.70 194.48.171.70	48314 (IP-PROJECTS) (IP-PROJECTS)
5	217.182.187.115 217.182.187.115	16276 (OVH) (OVH)
2	91.216.108.5 91.216.108.5	39077 (ASCHENDOR...) (ASCHENDORFF DE)
1	195.30.84.222 195.30.84.222	5539 (SPACENET ...) (SPACENET SpaceNET AG)
2 2	202.61.197.206 202.61.197.206	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1 2	2001:41d0:302... 2001:41d0:302:1100::91e	16276 (OVH) (OVH)
2 3	116.202.252.171 116.202.252.171	24940 (HETZNER-AS) (HETZNER-AS)
2	159.89.214.43 159.89.214.43	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.89.35.235 104.89.35.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.245.99.152 185.245.99.152	48314 (IP-PROJECTS) (IP-PROJECTS)
1	195.43.141.21 195.43.141.21	29686 (PROBENETW...) (PROBENETWORKS-AS)
2	5.61.57.129 5.61.57.129	58061 (SCALAXY-AS) (SCALAXY-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aeaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
10	5.101.45.7 5.101.45.7	209813 (FASTCONTENT) (FASTCONTENT)
44	15

9 2606:4700:7::a29f:8a55 (United States)

ASN13335 (CLOUDFLARENET, US)

glicfitarever.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.48.171.70 (Germany) 2 redirects

ASN48314 (IP-PROJECTS, DE)
PTR: sv-l-096.fra.wp-projects.net

www.dorstenerzeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.182.187.115 (France)

ASN16276 (OVH, FR)

old.dorstenerzeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
old.ruhrnachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
old.halternerzeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.108.5 (Germany)

ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE)
PTR: www.wn.de

static.wn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.30.84.222 (Munich, Germany)

ASN5539 (SPACENET SpaceNET AG, DE)
PTR: cp222.sp-server.net

derspoekenkieker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.61.197.206 (Austria) 2 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202107149351157859.powersrv.de

www.ruhrnachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:302:1100::91e (France) 1 redirects

ASN16276 (OVH, FR)

helftdenmainzelmaennchen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.helftdenmainzelmaennchen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.252.171 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi6171.your-server.de

die-glocke.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.die-glocke.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.214.43 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

www.muensterschezeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.wn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.35.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-35-235.deploy.static.akamaitechnologies.com

media.diepresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.245.99.152 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)
PTR: sv-l-035.fra.wp-projects.net

www.halternerzeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.43.141.21 (Germany)

ASN29686 (PROBENETWORKS-AS, DE)

www.neuverlieben.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.61.57.129 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, NL)

dranmussten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aeaa (United States)

ASN13335 (CLOUDFLARENET, US)

algosit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 5.101.45.7 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

datingsforyou.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	datingsforyou.life datingsforyou.life	322 KB
9	glicfitarever.tk glicfitarever.tk	65 KB
4	ruhrnachrichten.de 2 redirects www.ruhrnachrichten.de — Cisco Umbrella Rank: 439182 old.ruhrnachrichten.de	343 KB
4	dorstenerzeitung.de 2 redirects www.dorstenerzeitung.de old.dorstenerzeitung.de	107 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	die-glocke.de 2 redirects die-glocke.de — Cisco Umbrella Rank: 638535 www.die-glocke.de — Cisco Umbrella Rank: 822164	313 B
3	wn.de static.wn.de www.wn.de — Cisco Umbrella Rank: 333039	124 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	2 KB
2	dranmussten.com dranmussten.com	23 KB
2	halternerzeitung.de 1 redirects www.halternerzeitung.de old.halternerzeitung.de	84 KB
2	helftdenmainzelmaennchen.de 1 redirects helftdenmainzelmaennchen.de www.helftdenmainzelmaennchen.de	143 B
1	algosit.com algosit.com	1 KB
1	neuverlieben.com www.neuverlieben.com	23 KB
1	diepresse.com media.diepresse.com — Cisco Umbrella Rank: 495321	138 KB
1	muensterschezeitung.de www.muensterschezeitung.de
1	derspoekenkieker.de derspoekenkieker.de	489 KB
0	necessario-oszinten.info Failed necessario-oszinten.info Failed
0	monton-foleg.biz Failed monton-foleg.biz Failed
44	18

	Domain	Requested by
10	datingsforyou.life	algosit.com datingsforyou.life
9	glicfitarever.tk	glicfitarever.tk
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	glicfitarever.tk datingsforyou.life
2	dranmussten.com	glicfitarever.tk
2	www.die-glocke.de	1 redirects
2	old.ruhrnachrichten.de	glicfitarever.tk
2	www.ruhrnachrichten.de	2 redirects
2	static.wn.de	glicfitarever.tk
2	old.dorstenerzeitung.de	glicfitarever.tk
2	www.dorstenerzeitung.de	2 redirects
1	algosit.com	glicfitarever.tk
1	www.neuverlieben.com	glicfitarever.tk
1	old.halternerzeitung.de	glicfitarever.tk
1	www.halternerzeitung.de	1 redirects
1	media.diepresse.com	glicfitarever.tk
1	www.wn.de	glicfitarever.tk
1	www.muensterschezeitung.de	glicfitarever.tk
1	die-glocke.de	1 redirects
1	www.helftdenmainzelmaennchen.de	glicfitarever.tk
1	helftdenmainzelmaennchen.de	1 redirects
1	derspoekenkieker.de	glicfitarever.tk
0	necessario-oszinten.info Failed	glicfitarever.tk
0	monton-foleg.biz Failed	glicfitarever.tk
44	24

This site contains no links.

Subject Issuer	Validity	Valid
*.glicfitarever.tk E1	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.wn.de R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
www.derspoekenkieker.spoekimail.de R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
www.muensterschezeitung.de R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
www.wn.de R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
diepresse.com R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
neuverlieben.com R3	`2022-06-10` - `2022-09-08`	3 months	crt.sh
dranmussten.com R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-13` - `2023-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
datingsforyou.life R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Frame ID: 140AE89E72AE7CE6E142198A54994899
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

https://glicfitarever.tk/ Page URL
https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

77 %
HTTPS

29 %
IPv6

18
Domains

24
Subdomains

15
IPs

5
Countries

1672 kB
Transfer

1945 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://glicfitarever.tk/ Page URL
https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg HTTP 301
https://old.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg

Request Chain 5

https://www.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg HTTP 301
https://old.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg

Request Chain 6

https://www.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg HTTP 301
https://old.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg

Request Chain 7

https://helftdenmainzelmaennchen.de/images/68820756ecbdb3957ea8d2c1c9f40a15.jpg HTTP 301
https://www.helftdenmainzelmaennchen.de/

Request Chain 8

https://die-glocke.de/portalsuite/image/9f7c580d-7e76-4c0a-b626-824eac8647a0/lip_Naturland.jpg/mainMediaSize=800x0_type=image_publish=true_ HTTP 301
https://www.die-glocke.de/portalsuite/image/9f7c580d-7e76-4c0a-b626-824eac8647a0/lip_Naturland.jpg/mainMediaSize=800x0_type=image_publish=true_ HTTP 302
https://www.die-glocke.de/404-fehlerseite

Request Chain 10

https://www.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg HTTP 301
https://old.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg

Request Chain 15

https://www.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg HTTP 301
https://old.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
glicfitarever.tk/ 23 KB
7 KB 245ms
140ms Document
text/html 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cdb70ee163b664761346ac5e47d9dc74f72ecaa7220643be82590cc5e306685

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000
cf-cache-status: DYNAMIC
cf-ray: 7193a2ed50a96919-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Jun 2022 16:55:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 19 Aug 2021 09:37:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roVGDha6f5AFyxqXcqfexXRR7Q4nrwDbmGinu814fSuKrOs2eCw%2B3xTTcZeJw%2BkNciLv93Ia9GcwANRBFsSaqDSiL6Gd03gwmiYT9uzeLQreEENGNeAolYJsZDbAbcGcNVgTx1829l66Zkyvf5Vd"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main.css
glicfitarever.tk/images/assets/css/ 32 KB
5 KB 75ms
74ms Stylesheet
text/css 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/css/main.css
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Jan 2020 18:27:06 GMT
server: cloudflare
etag: W/"5e1cb67a-7f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzRDd7K%2BeHAvqBZfX01FIIuJdvT9aMgklusUWMtz8tfM%2F0SfGc0VMs35axDU%2FZHsDslTi6QyNhXHSu%2FQxb%2ByzhBVwhW2IcfwWdDB9kMo0FLl9Qd2YqsDENN5WRrpjcoBc1Vu1xSO%2FLhY%2F2IT9gqA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee41316919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg
old.dorstenerzeitung.de/bilder/
Redirect Chain

https://www.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg
https://old.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg

29 KB
29 KB

337ms
198ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9032fe2983b00a836e97d15e90322af5d6305c6652fc7c6592718f363f813849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: gzip
etag: W/"-1941051693"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000, public
from: 15
expires: Mon, 20 Jun 2022 16:55:52 GMT

Redirect headers

location: https://old.dorstenerzeitung.de/bilder/martin-ritz-trainiert-aktuell-den-tus-ascheberg-das-soll-2152286m.jpg
date: Fri, 10 Jun 2022 16:55:45 GMT
server: LiteSpeed
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html

GET
H/1.1 503
Service Unavailable Landwirtschaftlicher-Infopfad-Rundkurs-durch-alle-Bauerschaften1_opengraph.jpg
static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2013/04/landwirtschaftlicher-infopfad-rundkurs-durch-alle-bauerschaften/36431808-1-ger-DE/ 62 B
62 B 211ms
45ms Image
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2013/04/landwirtschaftlicher-infopfad-rundkurs-durch-alle-bauerschaften/36431808-1-ger-DE/Landwirtschaftlicher-Infopfad-Rundkurs-durch-alle-Bauerschaften1_opengraph.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 9030d69eb49ea5277cf33996d1a2f0fc14dfdebfa59bad9fb251662cf547d254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store
Connection: close
Content-Length: 62

GET
H2 200 Stritter.jpg
derspoekenkieker.de/wp-content/uploads/2020/06/ 489 KB
489 KB 154ms
41ms Image
image/jpeg 195.30.84.222
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://derspoekenkieker.de/wp-content/uploads/2020/06/Stritter.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.30.84.222 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: cp222.sp-server.net
Software: LiteSpeed /
Resource Hash: 9822e153f205845e2aca5ca7a733864f5853dae91c1d80a0f5bb6c3ce43c613b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
last-modified: Tue, 02 Jun 2020 15:42:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 500428
expires: Fri, 17 Jun 2022 16:55:45 GMT

GET
H2

200

im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg
old.ruhrnachrichten.de/bilder/
Redirect Chain

https://www.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg
https://old.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg

304 KB
303 KB

187ms
47ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 5288573dc7e8e4a2aff9ac57911207739a9a295e97ef9de7bcec23057cdbe3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: gzip
etag: W/"367966964"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000, public
from: 11
expires: Mon, 20 Jun 2022 16:54:48 GMT

Redirect headers

location: https://old.ruhrnachrichten.de/bilder/im-kreis-warendorf-hat-die-anzahl-an-corona-infektionen-in-2148700og.jpg
date: Fri, 10 Jun 2022 16:55:45 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=iso-8859-1
content-length: 406
x-proxy-cache: MISS

GET
H2

200

die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg
old.dorstenerzeitung.de/bilder/
Redirect Chain

https://www.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg
https://old.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg

78 KB
77 KB

290ms
151ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b0fc713eebff6191293e6b9cc415d8a4b48e804fb26294be0a9b625318742578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: gzip
etag: W/"-912976473"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000, public
from: 10
expires: Mon, 20 Jun 2022 16:55:52 GMT

Redirect headers

location: https://old.dorstenerzeitung.de/bilder/die-polizei-warendorf-hat-am-wochenende-eine-illegale-2453847.jpg
date: Fri, 10 Jun 2022 16:55:45 GMT
server: LiteSpeed
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html

GET
H2

200

/
www.helftdenmainzelmaennchen.de/
Redirect Chain

https://helftdenmainzelmaennchen.de/images/68820756ecbdb3957ea8d2c1c9f40a15.jpg
https://www.helftdenmainzelmaennchen.de/

0
0

101ms
84ms

Image
text/html

2001:41d0:302:1100::91e
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helftdenmainzelmaennchen.de/
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 2001:41d0:302:1100::91e , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

location: https://www.helftdenmainzelmaennchen.de/
date: Fri, 10 Jun 2022 16:55:45 GMT
server: nginx
x-powered-by: PHP/7.3.33, PleskLin
content-length: 0
content-type: text/html;charset=utf-8

GET
H2

404

404-fehlerseite
www.die-glocke.de/
Redirect Chain

https://die-glocke.de/portalsuite/image/9f7c580d-7e76-4c0a-b626-824eac8647a0/lip_Naturland.jpg/mainMediaSize=800x0_type=image_publish=true_
https://www.die-glocke.de/portalsuite/image/9f7c580d-7e76-4c0a-b626-824eac8647a0/lip_Naturland.jpg/mainMediaSize=800x0_type=image_publish=true_
https://www.die-glocke.de/404-fehlerseite

0
0

123ms
123ms

Image
text/html

116.202.252.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.die-glocke.de/404-fehlerseite
Protocol: H2
Server: 116.202.252.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi6171.your-server.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 10 Jun 2022 16:55:45 GMT
x-content-type-options: nosniff
server: Apache
content-type: text/html; charset=utf-8
location: /404-fehlerseite
cache-control: max-age=0
x-ua-compatible: IE=edge
content-length: 0
expires: Fri, 10 Jun 2022 16:55:45 GMT

GET
H2 404 Zahlreiche-Feuerwehr-Einsaetze-im-Kreis-Warendorf-Frau-bei-Unwetter-in-Dortmund-toedlich-verletzt_image_630_420f.jpg
www.muensterschezeitung.de/var/storage/images/wn/startseite/nrw/2913879-zahlreiche-feuerwehr-einsaetze-im-kreis-warendorf-frau-bei-unwetter-in-dortmund-toedlich-verletzt/85522259-20-ger-DE/ 0
0 138ms
40ms Image
text/html 159.89.214.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.muensterschezeitung.de/var/storage/images/wn/startseite/nrw/2913879-zahlreiche-feuerwehr-einsaetze-im-kreis-warendorf-frau-bei-unwetter-in-dortmund-toedlich-verletzt/85522259-20-ger-DE/Zahlreiche-Feuerwehr-Einsaetze-im-Kreis-Warendorf-Frau-bei-Unwetter-in-Dortmund-toedlich-verletzt_image_630_420f.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.214.43 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2

200

die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg
old.ruhrnachrichten.de/bilder/
Redirect Chain

https://www.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg
https://old.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg

41 KB
40 KB

283ms
143ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c33db7e957d86b33a7d1667d2998bd54a294ca9e59c5bdb84d9567369cc169d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: gzip
etag: W/"-1781504676"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000, public
from: 15
expires: Mon, 20 Jun 2022 16:54:48 GMT

Redirect headers

location: https://old.ruhrnachrichten.de/bilder/die-mehr-als-1500-corona-infektionen-im-toennies-2150869.jpg
date: Fri, 10 Jun 2022 16:55:45 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=iso-8859-1
content-length: 394
x-proxy-cache: MISS

GET IXEnA6zPNcEWqcg61kB_QwEgDY.jpg
monton-foleg.biz/cir/ 0
0

GET
H2 404 Bahnhaltepunkt-Einen-Muessingen-Erster-Spatenstich-im-Spaetherbst_image_630_420f_wn.jpg
www.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/1826800-bahnhaltepunkt-einen-muessingen-erster-spatenstich-im-spaetherbst/55945950-1-ger-DE/ 0
0 131ms
39ms Image
text/html 159.89.214.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/1826800-bahnhaltepunkt-einen-muessingen-erster-spatenstich-im-spaetherbst/55945950-1-ger-DE/Bahnhaltepunkt-Einen-Muessingen-Erster-Spatenstich-im-Spaetherbst_image_630_420f_wn.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.214.43 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 B07E7C60-6236-45EB-AFB1-A3B2B90B7DE8_v0_l.jpg
media.diepresse.com/images/uploads/f/1/5/5693205/ 137 KB
138 KB 341ms
172ms Image
image/jpeg 104.89.35.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.diepresse.com/images/uploads/f/1/5/5693205/B07E7C60-6236-45EB-AFB1-A3B2B90B7DE8_v0_l.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.35.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-35-235.deploy.static.akamaitechnologies.com
Software: Thumbor/6.4.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
cache-control: public, max-age=86400
server: Thumbor/6.4.1
content-type: image/jpeg
etag: "6faca10cf41bd376af72990e3c0fe40a75f562a1"
content-length: 140505
expires: Sat, 11 Jun 2022 16:55:46 GMT

GET j_t8b_vvEk-BZtFBZW-JAQAAAA.jpg
necessario-oszinten.info/xgbjw/ 0
0

GET
H2

200

luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg
old.halternerzeitung.de/bilder/
Redirect Chain

https://www.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg
https://old.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg

84 KB
84 KB

249ms
93ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: gzip
etag: W/"1356351303"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000, public
from: 12
expires: Mon, 20 Jun 2022 16:54:49 GMT

Redirect headers

date: Fri, 10 Jun 2022 16:55:45 GMT
server: nginx
x-powered-by: PleskLin
x-cache-status: BYPASS
content-type: text/html; charset=iso-8859-1
location: https://old.halternerzeitung.de/bilder/luis-krampe-l-vom-sv-herbern-im-sprintduell-mit-einem-2150752.jpg
cache-control: max-age=0
content-length: 386
expires: Fri, 10 Jun 2022 16:55:45 GMT

GET
H/1.1 503
Service Unavailable Beratung-zum-Schutz-vor-Einbrechern-Den-Riegel-vorschieben1_opengraph.jpg
static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2012/10/beratung-zum-schutz-vor-einbrechern-den-riegel-vorschieben/32657859-1-ger-DE/ 62 B
62 B 137ms
46ms Image
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2012/10/beratung-zum-schutz-vor-einbrechern-den-riegel-vorschieben/32657859-1-ger-DE/Beratung-zum-Schutz-vor-Einbrechern-Den-Riegel-vorschieben1_opengraph.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 9030d69eb49ea5277cf33996d1a2f0fc14dfdebfa59bad9fb251662cf547d254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store
Connection: close
Content-Length: 62

GET
H2 200 849278.jpg
www.neuverlieben.com/pics/0/84/92/ 23 KB
23 KB 183ms
81ms Image
image/jpeg 195.43.141.21
PROBENETWORKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neuverlieben.com/pics/0/84/92/849278.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.43.141.21 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ee98818a9b8de8f3aadb2cff1d670b0b4f99a5add362279c57f19551e8e59a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
last-modified: Fri, 08 Feb 2019 19:40:01 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c5ddb11-5cad"
content-type: image/jpeg
accept-ranges: bytes
content-length: 23725

GET
H/1.1 200
OK ubp2AbV2WdeD3jjSqPfK3wHaEK.jpg
dranmussten.com/bsg/ 10 KB
10 KB 273ms
156ms Image
image/jpeg 5.61.57.129
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dranmussten.com/bsg/ubp2AbV2WdeD3jjSqPfK3wHaEK.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.61.57.129 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c47d657030c70d559bb2bfb7a13af8df2fcf95e51bbc2dbdd3b5345352ed442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:46 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET _t9i3lbSrZNjGAiutoMQ_AAAAA.jpg
monton-foleg.biz/cir/ 0
0

GET
H/1.1 200
OK liGrmoc0-y0.jpeg
dranmussten.com/bsg/ 12 KB
12 KB 182ms
79ms Image
image/jpeg 5.61.57.129
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dranmussten.com/bsg/liGrmoc0-y0.jpeg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.61.57.129 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 305294024716ba9ca479f5fd5a64efdea9bbea143bc5e263cfbc0edcb0eae0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:46 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H2 200 pic2.jpg
glicfitarever.tk/images/ 9 KB
9 KB 78ms
77ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glicfitarever.tk/images/pic2.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jan 2020 09:38:40 GMT
server: cloudflare
etag: "5e1c3aa0-2402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq5hBNIeX4N%2Fwb25BIM4A9EDtUegBwD9%2FnHo6oUTVdamfBYO8GGOkb9o8IWJtjXIbHZE6SsUuDF3Q7IGXzNogeelW8s8X5Q3%2FADOXhAooirNNtIt8ShBGiK9nWLyhUqbik%2BJiTwiHfKzCCMTpHBf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7193a2ee81516919-FRA
content-length: 9218
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pic1.jpg
glicfitarever.tk/images/ 5 KB
5 KB 68ms
68ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glicfitarever.tk/images/pic1.jpg
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jan 2020 09:35:22 GMT
server: cloudflare
etag: "5e1c39da-139d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bn7IJy75O7cyGokHQPvDygBVwVsHPPpksqFKxZo5%2FC2jaGa5V%2Bcqvme5QpSkz5GflOkPsfCS2yaYXrTq55m4a4immg2XxChMRNJmVg5Vdpu0TVolKxl9Y%2FWnURnSCsMAvuuRaYKlDAErijAu0iux"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7193a2ee814c6919-FRA
content-length: 5021
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
glicfitarever.tk/images/assets/js/ 86 KB
31 KB 112ms
109ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/js/jquery.min.js
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rW6iz%2BPW3W3GO1Hz87P1z9DfFu%2BabAAvvjc2Du64mQuipaz2EdYkuEilfwUDFzsbgv%2BwqiYPfpWWO%2Ffw2Fa1Ay7HzoISbO0RE76uLHzbm7bNvtNhRXc7oCThqV2ZXX4z16TbQEug%2Biu7fmRhYVyn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee71486919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browser.min.js Show response
glicfitarever.tk/images/assets/js/ 2 KB
1 KB 84ms
81ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/js/browser.min.js
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-73b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7my6I%2B5IZRDzRRcYsd2vA6JirWFtUyDZj6puIs1FtlC4ZHAVdW98cG5VMovpXJcrWKQpO6hJowIs72RTR26QuVJbtvXv1hRVuC3v4wPuOvRmvvZQ6zi4gysEmFk6CdWgKImoH1VSfs6ET1Y1uVNF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee814f6919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 breakpoints.min.js Show response
glicfitarever.tk/images/assets/js/ 2 KB
1 KB 123ms
120ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/js/breakpoints.min.js
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gc8SDipfjwMSXailm%2BF5oOTiEhg5jJTMdQiE3vcY3%2FU2gNtb3uHVkaZj4rTS2kmDtaY3qPRLfNATbZ0HTXHuwYJj%2BOCzOsVvfJMrD1NVVQm49Sly70Rs8lporEVpmFFrPZE%2F5OE7bIO29CYB6HjN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee814a6919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 util.js Show response
glicfitarever.tk/images/assets/js/ 12 KB
4 KB 78ms
75ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/js/util.js
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-3091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwOzww2OrAIZ%2BgaxFhHmaFap8Xf0kCd%2Bhq9%2Fc3uf5%2BVDREHJtleYNhQ6RCvbHVz8b16bQhc8y0JcQNV0nmIZqs2RSc4BSNcsUn620WZ0Qhk90RKJB39%2B9H6vG%2BHjdx5ur0ZoBLzSZWVMLGnIpIN9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee81506919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
glicfitarever.tk/images/assets/js/ 1 KB
890 B 76ms
73ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://glicfitarever.tk/images/assets/js/main.js
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 16:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 14:17:00 GMT
server: cloudflare
etag: W/"5cf9205c-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n62exjsFgTtWNQTGvY6%2F2njcGjZB8QlQx%2FvNcKE5w2h3vOfCU4NS%2Bu%2FUtMQFMYKgnWH7WHqlJ7aatZloLf4C%2BwitHigdiXzrtm7%2FUtD9npkcvCD25hkuy2%2F4YwKwU9jl%2BjptYc34rpX17RwHa5ua"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7193a2ee814e6919-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1010 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Requested by

Host: glicfitarever.tk
URL: https://glicfitarever.tk/images/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e71e810c089ddf4bd2cbdf025e6f5703b06ff2547e4f3410f76a58d8beab5bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 15:57:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Jun 2022 16:55:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jun 2022 16:55:45 GMT

GET
H2 200 KjXhYN
algosit.com/ 458 B
1 KB 243ms
150ms Script
application/javascript 2606:4700:3032::ac43:aeaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=Single%20kreis%20warendorf&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Requested by: Host: glicfitarever.tk
URL: https://glicfitarever.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aeaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glicfitarever.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jun 2022 16:55:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 10 Jun 2022 16:55:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St%2BwOQMzPZsuFIEOr%2FYf7kGJw1zdvJZeEGDcLy12qq9HY3KlkOPIvvVVA5FT1gY8rp4bhD6nFIk6gk0DAiqUGqwVy%2BlyXFo%2F9ujEnhFzdmdD7GpZj1fDQXrzFWjMYS7hcO11Fyrt%2B3hy7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 7193a2f149169b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 29 KB
29 KB 120ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glicfitarever.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:41:52 GMT
x-content-type-options: nosniff
age: 162833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29252
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:41:52 GMT

GET
H/1.1 200
OK Primary Request / Show response
datingsforyou.life/ 7 KB
7 KB 629ms
60ms Document
text/html 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Requested by: Host: algosit.com
URL: https://algosit.com/KjXhYN?se_referrer=&default_keyword=Single%20kreis%20warendorf&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8f0f8a9dbbb2c924c32f4c192e60d05fcbcbc6e05414c4c00847f7097717dbd9

Request headers

Referer: https://glicfitarever.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private no-transform
Connection: keep-alive
Content-Length: 7284
Content-Type: text/html
Date: Fri, 10 Jun 2022 16:55:46 GMT
Server: nginx

GET
H/1.1 200
OK animate.min.css
datingsforyou.life/media/dating/toon2/css/ 52 KB
4 KB 53ms
53ms Stylesheet
text/css 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/media/dating/toon2/css/animate.min.css
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:46 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
datingsforyou.life/media/dating/toon2/css/ 8 KB
2 KB 213ms
53ms Stylesheet
text/css 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/media/dating/toon2/css/style.css
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
datingsforyou.life/cookie/ 4 KB
2 KB 215ms
53ms Script
application/javascript 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/cookie/js.cookie.js
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 05:56:32 GMT
Server: nginx
ETag: W/"60a5fa10-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
datingsforyou.life/util/ 7 KB
3 KB 215ms
53ms Script
application/javascript 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/util/utils.js
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:14 GMT
Server: nginx
ETag: W/"60d0b4fa-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
datingsforyou.life/media/dating/toon2/images/ 175 KB
166 KB 217ms
56ms Image
image/jpeg 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datingsforyou.life/media/dating/toon2/images/123.jpg
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
datingsforyou.life/media/dating/toon2/js/ 84 KB
29 KB 213ms
53ms Script
application/javascript 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
datingsforyou.life/media/ 639 B
642 B 213ms
53ms Script
application/javascript 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/media/bb.js
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 05:56:44 GMT
Server: nginx
ETag: W/"60a5fa1c-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
datingsforyou.life/media/exit-new/ 3 KB
1 KB 214ms
53ms Script
application/javascript 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsforyou.life/media/exit-new/exit1.js
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/?u=8bfp605&o=4f30vvg&cid=3s39o9h58p10b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:41 GMT
Server: nginx
ETag: W/"60b4cf35-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: datingsforyou.life
URL: https://datingsforyou.life/media/dating/toon2/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1ff9c98e8501501384a084e1257d6509264d70286f637b8f605e8cd7fed8fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 16:54:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Jun 2022 16:55:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jun 2022 16:55:47 GMT

GET
H/1.1 200
OK bg.jpg
datingsforyou.life/media/dating/toon2/images/ 117 KB
108 KB 215ms
55ms Image
image/jpeg 5.101.45.7
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datingsforyou.life/media/dating/toon2/images/bg.jpg
Requested by: Host: datingsforyou.life
URL: https://datingsforyou.life/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingsforyou.life/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 16:55:47 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://datingsforyou.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 258513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:07:14 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://datingsforyou.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 258513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:07:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: monton-foleg.biz
URL: https://monton-foleg.biz/cir/IXEnA6zPNcEWqcg61kB_QwEgDY.jpg

Domain: necessario-oszinten.info
URL: https://necessario-oszinten.info/xgbjw/j_t8b_vvEk-BZtFBZW-JAQAAAA.jpg

Domain: monton-foleg.biz
URL: https://monton-foleg.biz/cir/_t9i3lbSrZNjGAiutoMQ_AAAAA.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			datingsforyou.life/	1969-12-31 23:59:59	Name: sid Value: t3~p4c5ndr3rc2wg1isucrqbebz

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2013/04/landwirtschaftlicher-infopfad-rundkurs-durch-alle-bauerschaften/36431808-1-ger-DE/Landwirtschaftlicher-Infopfad-Rundkurs-durch-alle-Bauerschaften1_opengraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://helftdenmainzelmaennchen.de/images/68820756ecbdb3957ea8d2c1c9f40a15.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.muensterschezeitung.de/var/storage/images/wn/startseite/nrw/2913879-zahlreiche-feuerwehr-einsaetze-im-kreis-warendorf-frau-bei-unwetter-in-dortmund-toedlich-verletzt/85522259-20-ger-DE/Zahlreiche-Feuerwehr-Einsaetze-im-Kreis-Warendorf-Frau-bei-Unwetter-in-Dortmund-toedlich-verletzt_image_630_420f.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/1826800-bahnhaltepunkt-einen-muessingen-erster-spatenstich-im-spaetherbst/55945950-1-ger-DE/Bahnhaltepunkt-Einen-Muessingen-Erster-Spatenstich-im-Spaetherbst_image_630_420f_wn.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://necessario-oszinten.info/xgbjw/j_t8b_vvEk-BZtFBZW-JAQAAAA.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/ Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2012/10/beratung-zum-schutz-vor-einbrechern-den-riegel-vorschieben/32657859-1-ger-DE/Beratung-zum-Schutz-vor-Einbrechern-Den-Riegel-vorschieben1_opengraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.muensterschezeitung.de/var/storage/images/wn/startseite/nrw/2913879-zahlreiche-feuerwehr-einsaetze-im-kreis-warendorf-frau-bei-unwetter-in-dortmund-toedlich-verletzt/85522259-20-ger-DE/Zahlreiche-Feuerwehr-Einsaetze-im-Kreis-Warendorf-Frau-bei-Unwetter-in-Dortmund-toedlich-verletzt_image_630_420f.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://glicfitarever.tk/(Line 58) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2013/04/landwirtschaftlicher-infopfad-rundkurs-durch-alle-bauerschaften/36431808-1-ger-DE/Landwirtschaftlicher-Infopfad-Rundkurs-durch-alle-Bauerschaften1_opengraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/(Line 58) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://helftdenmainzelmaennchen.de/images/68820756ecbdb3957ea8d2c1c9f40a15.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/(Line 58) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.muensterschezeitung.de/var/storage/images/wn/startseite/nrw/2913879-zahlreiche-feuerwehr-einsaetze-im-kreis-warendorf-frau-bei-unwetter-in-dortmund-toedlich-verletzt/85522259-20-ger-DE/Zahlreiche-Feuerwehr-Einsaetze-im-Kreis-Warendorf-Frau-bei-Unwetter-in-Dortmund-toedlich-verletzt_image_630_420f.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/(Line 97) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://www.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/1826800-bahnhaltepunkt-einen-muessingen-erster-spatenstich-im-spaetherbst/55945950-1-ger-DE/Bahnhaltepunkt-Einen-Muessingen-Erster-Spatenstich-im-Spaetherbst_image_630_420f_wn.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/(Line 97) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://necessario-oszinten.info/xgbjw/j_t8b_vvEk-BZtFBZW-JAQAAAA.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://glicfitarever.tk/(Line 97) Message: Mixed Content: The page at 'https://glicfitarever.tk/' was loaded over HTTPS, but requested an insecure element 'http://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2012/10/beratung-zum-schutz-vor-einbrechern-den-riegel-vorschieben/32657859-1-ger-DE/Beratung-zum-Schutz-vor-Einbrechern-Den-Riegel-vorschieben1_opengraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2013/04/landwirtschaftlicher-infopfad-rundkurs-durch-alle-bauerschaften/36431808-1-ger-DE/Landwirtschaftlicher-Infopfad-Rundkurs-durch-alle-Bauerschaften1_opengraph.jpg Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://necessario-oszinten.info/xgbjw/j_t8b_vvEk-BZtFBZW-JAQAAAA.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/1826800-bahnhaltepunkt-einen-muessingen-erster-spatenstich-im-spaetherbst/55945950-1-ger-DE/Bahnhaltepunkt-Einen-Muessingen-Erster-Spatenstich-im-Spaetherbst_image_630_420f_wn.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.wn.de/var/storage/images/wn/startseite/muensterland/kreis-warendorf/warendorf/2012/10/beratung-zum-schutz-vor-einbrechern-den-riegel-vorschieben/32657859-1-ger-DE/Beratung-zum-Schutz-vor-Einbrechern-Den-Riegel-vorschieben1_opengraph.jpg Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://monton-foleg.biz/cir/IXEnA6zPNcEWqcg61kB_QwEgDY.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://monton-foleg.biz/cir/_t9i3lbSrZNjGAiutoMQ_AAAAA.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://www.die-glocke.de/404-fehlerseite Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

algosit.com
datingsforyou.life
derspoekenkieker.de
die-glocke.de
dranmussten.com
fonts.googleapis.com
fonts.gstatic.com
glicfitarever.tk
helftdenmainzelmaennchen.de
media.diepresse.com
monton-foleg.biz
necessario-oszinten.info
old.dorstenerzeitung.de
old.halternerzeitung.de
old.ruhrnachrichten.de
static.wn.de
www.die-glocke.de
www.dorstenerzeitung.de
www.halternerzeitung.de
www.helftdenmainzelmaennchen.de
www.muensterschezeitung.de
www.neuverlieben.com
www.ruhrnachrichten.de
www.wn.de
monton-foleg.biz
necessario-oszinten.info
104.89.35.235
116.202.252.171
159.89.214.43
185.245.99.152
194.48.171.70
195.30.84.222
195.43.141.21
2001:41d0:302:1100::91e
202.61.197.206
217.182.187.115
2606:4700:3032::ac43:aeaa
2606:4700:7::a29f:8a55
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
5.101.45.7
5.61.57.129
91.216.108.5
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
2cdb70ee163b664761346ac5e47d9dc74f72ecaa7220643be82590cc5e306685
305294024716ba9ca479f5fd5a64efdea9bbea143bc5e263cfbc0edcb0eae0de
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432
5288573dc7e8e4a2aff9ac57911207739a9a295e97ef9de7bcec23057cdbe3c7
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
8c47d657030c70d559bb2bfb7a13af8df2fcf95e51bbc2dbdd3b5345352ed442
8f0f8a9dbbb2c924c32f4c192e60d05fcbcbc6e05414c4c00847f7097717dbd9
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9030d69eb49ea5277cf33996d1a2f0fc14dfdebfa59bad9fb251662cf547d254
9032fe2983b00a836e97d15e90322af5d6305c6652fc7c6592718f363f813849
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9822e153f205845e2aca5ca7a733864f5853dae91c1d80a0f5bb6c3ce43c613b
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb
af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b
b0fc713eebff6191293e6b9cc415d8a4b48e804fb26294be0a9b625318742578
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c33db7e957d86b33a7d1667d2998bd54a294ca9e59c5bdb84d9567369cc169d5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71e810c089ddf4bd2cbdf025e6f5703b06ff2547e4f3410f76a58d8beab5bfb
ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c
ee98818a9b8de8f3aadb2cff1d670b0b4f99a5add362279c57f19551e8e59a2f
f1ff9c98e8501501384a084e1257d6509264d70286f637b8f605e8cd7fed8fb4
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

datingsforyou.life Open in urlscan Pro 5.101.45.7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

77 %HTTPS

29 %IPv6

18 Domains

24 Subdomains

15 IPs

5 Countries

1672 kBTransfer

1945 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

datingsforyou.life Open in urlscan Pro
5.101.45.7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

77 %
HTTPS

29 %
IPv6

18
Domains

24
Subdomains

15
IPs

5
Countries

1672 kB
Transfer

1945 kB
Size

1
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!