live-datingsforyou.com Open in urlscan Pro
5.101.45.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mkoderators.gq/
Effective URL:
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Submission: On March 17 via api (March 17th 2022, 6:37:40 pm UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 26 domains to perform 59 HTTP transactions. The main IP is 5.101.45.6, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is live-datingsforyou.com.
TLS certificate: Issued by R3 on January 18th 2022. Valid for: 3 months.

This is the only time live-datingsforyou.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::6815:34e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a01:4f8:c0:1... 2a01:4f8:c0:1440::1	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2001:67c:13c:... 2001:67c:13c::7a2:de	16075 (TAZ-AS ta...) (TAZ-AS taz die tageszeitung autonomous system)
1	192.124.249.103 192.124.249.103	30148 (SUCURI-SEC) (SUCURI-SEC)
1 1	2600:9000:211... 2600:9000:2118:5c00:e:5a66:ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
1	85.13.155.176 85.13.155.176	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1 2	80.245.152.194 80.245.152.194	35704 (ZIVIT-AS) (ZIVIT-AS)
2 2	2a02:26f0:fb:... 2a02:26f0:fb::5f65:5880	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:400e:800::2016	15169 (GOOGLE) (GOOGLE)
1	80.228.114.210 80.228.114.210	9145 (EWETEL Cl...) (EWETEL Cloppenburger Strasse 310)
1	2606:4700:10:... 2606:4700:10::ac43:26e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.72.24 192.0.72.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	2600:9000:225... 2600:9000:225a:2400:19:82c2:c040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a01:468:1000... 2a01:468:1000:9::173	5403 (AS5403) (AS5403)
1 2	2a01:488:42:1... 2a01:488:42:1000:50ed:8597:88:fb60	20773 (GODADDY) (GODADDY)
1 2	2a04:4e42:54::84 2a04:4e42:54::84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aeaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	5.101.45.6 5.101.45.6	209813 (FASTCONTENT) (FASTCONTENT)
59	21

9 2606:4700:3031::6815:34e7 (United States)

ASN13335 (CLOUDFLARENET, US)

mkoderators.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c0:1440::1 (Germany)

ASN24940 (HETZNER-AS, DE)

img.morgenpost.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.derwesten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:67c:13c::7a2:de (Germany) 1 redirects

ASN16075 (TAZ-AS taz die tageszeitung autonomous system, DE)

taz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.taz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.103 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10103.sucuri.net

www.emerge-mag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2118:5c00:e:5a66:ac0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

files.newsnetz.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

cdn.unitycms.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.155.176 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd39438.kasserver.com

christen-in-krefeld.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.245.152.194 (Frankfurt am Main, Germany) 1 redirects

ASN35704 (ZIVIT-AS, DE)

www.deutsche-islam-konferenz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb::5f65:5880 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

p5.focus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p6.focus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400e:800::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.228.114.210 (Oldenburg, Germany)

ASN9145 (EWETEL Cloppenburger Strasse 310, DE)
PTR: img.medien-systempartner.de

img.nwzonline.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:26e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ais.badische-zeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

hannibalnur.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225a:2400:19:82c2:c040:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.noz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:468:1000:9::173 (Austria)

ASN5403 (AS5403, AT)

tubestatic.orf.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:488:42:1000:50ed:8597:88:fb60 (Germany) 1 redirects

ASN20773 (GODADDY, DE)

www.ludolfdahmen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:54::84 (United States) 1 redirects

ASN54113 (FASTLY, US)

s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aeaa (United States)

ASN13335 (CLOUDFLARENET, US)

algosit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 5.101.45.6 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

live-datingsforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	live-datingsforyou.com live-datingsforyou.com	322 KB
9	mkoderators.gq mkoderators.gq	69 KB
8	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	87 KB
4	gstatic.com fonts.gstatic.com	114 KB
4	focus.de 2 redirects p5.focus.de — Cisco Umbrella Rank: 114013 p6.focus.de — Cisco Umbrella Rank: 60420	23 KB
3	taz.de 1 redirects taz.de — Cisco Umbrella Rank: 34177 www.taz.de — Cisco Umbrella Rank: 552993	173 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	pinimg.com 1 redirects s-media-cache-ak0.pinimg.com — Cisco Umbrella Rank: 26909 i.pinimg.com — Cisco Umbrella Rank: 677	29 KB
2	ludolfdahmen.de 1 redirects www.ludolfdahmen.de	381 B
2	noz.de 1 redirects www.noz.de — Cisco Umbrella Rank: 353115	1 KB
2	wordpress.com hannibalnur.files.wordpress.com	5 MB
2	deutsche-islam-konferenz.de 1 redirects www.deutsche-islam-konferenz.de	322 B
2	unitycms.io 1 redirects cdn.unitycms.io — Cisco Umbrella Rank: 140028	14 KB
1	algosit.com algosit.com	1 KB
1	orf.at tubestatic.orf.at — Cisco Umbrella Rank: 409404	40 KB
1	derwesten.de www.derwesten.de — Cisco Umbrella Rank: 173122	46 KB
1	badische-zeitung.de ais.badische-zeitung.de — Cisco Umbrella Rank: 553159	55 KB
1	nwzonline.de img.nwzonline.de	26 KB
1	christen-in-krefeld.de christen-in-krefeld.de	958 KB
1	newsnetz.ch 1 redirects files.newsnetz.ch	311 B
1	emerge-mag.com www.emerge-mag.com	415 KB
1	morgenpost.de img.morgenpost.de — Cisco Umbrella Rank: 489890	68 KB
0	pure-mess.ro Failed www.pure-mess.ro Failed
0	akady.info Failed akady.info Failed
0	puls4.com Failed files.puls4.com Failed
0	nnz-online.de Failed www.nnz-online.de Failed
59	26

	Domain	Requested by
10	live-datingsforyou.com	algosit.com live-datingsforyou.com
9	mkoderators.gq	mkoderators.gq
8	i.ytimg.com	mkoderators.gq
4	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	mkoderators.gq live-datingsforyou.com
2	www.ludolfdahmen.de	1 redirects mkoderators.gq
2	www.noz.de	1 redirects mkoderators.gq
2	hannibalnur.files.wordpress.com	mkoderators.gq
2	p6.focus.de	mkoderators.gq
2	p5.focus.de	2 redirects
2	www.deutsche-islam-konferenz.de	1 redirects mkoderators.gq
2	cdn.unitycms.io	1 redirects mkoderators.gq
2	taz.de	mkoderators.gq
1	algosit.com	mkoderators.gq
1	i.pinimg.com	mkoderators.gq
1	s-media-cache-ak0.pinimg.com	1 redirects
1	tubestatic.orf.at	mkoderators.gq
1	www.derwesten.de	mkoderators.gq
1	ais.badische-zeitung.de	mkoderators.gq
1	img.nwzonline.de	mkoderators.gq
1	www.taz.de	1 redirects
1	christen-in-krefeld.de	mkoderators.gq
1	files.newsnetz.ch	1 redirects
1	www.emerge-mag.com	mkoderators.gq
1	img.morgenpost.de	mkoderators.gq
0	www.pure-mess.ro Failed	mkoderators.gq
0	akady.info Failed	mkoderators.gq
0	files.puls4.com Failed	mkoderators.gq
0	www.nnz-online.de Failed	mkoderators.gq
59	29

This site contains no links.

Subject Issuer	Validity	Valid
funkedigital.de R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
taz.de R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
emerge-mag.com Go Daddy Secure Certificate Authority - G2	`2021-07-18` - `2022-08-17`	a year	crt.sh
christen-in-krefeld.de R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.nwzonline.de Sectigo RSA Organization Validation Secure Server CA	`2022-01-30` - `2023-03-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
*.orf.at Entrust Certification Authority - L1K	`2020-01-20` - `2022-04-18`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
live-datingsforyou.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Frame ID: 1793170FF5AD9E55CB52F79F6112376D
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

http://mkoderators.gq/ Page URL
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

58 %
HTTPS

68 %
IPv6

26
Domains

29
Subdomains

21
IPs

5
Countries

8010 kB
Transfer

8266 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mkoderators.gq/ Page URL
https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://files.newsnetz.ch/story/2/5/5/25579223/6/topelement.jpg HTTP 301
https://cdn.unitycms.io/image/ocroped/1200,1200,1000,1000,0,0/64w0UP618Gk/9lDi9Zzp4di9COb7ZDBPIK.jpg HTTP 301
https://cdn.unitycms.io/images/9lDi9Zzp4di9COb7ZDBPIK.jpg?op=ocroped&val=1200,1200,1000,1000,0,0&sum=64w0UP618Gk

Request Chain 11

https://www.taz.de/picture/297666/948/wulff2.20100913-10.jpg HTTP 301
https://taz.de/picture/297666/948/wulff2.20100913-10.jpg

Request Chain 12

http://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3 HTTP 302
https://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3

Request Chain 13

https://p5.focus.de/img/fotos/crop3116819/825032379-w300-h167-o-q75-p5/Prozesse-Drei-Kommunen-hatten-Beschwerde-eingereicht.jpg HTTP 301
http://p6.focus.de/img/fotos/id_3116819/prozesse-drei-kommunen-hatten-beschwerde-eingereicht..jpg?im=Resize%3D%28300%2C167%29&hash=51d137424765d9de225be17678faef6e9116e6f1b8d4497580f88727de7f3a34

Request Chain 15

https://p5.focus.de/img/fotos/crop389088/9660321748-w300-h167-o-q75-p5/Verbraucher-Unterlagen-und-Belege-aus-selbststaendiger-Arbeit-muessen-bis-zu-zehn-Jahre-aufgehoben-werden.jpg HTTP 301
http://p6.focus.de/img/fotos/id_389088/verbraucher-unterlagen-und-belege-aus-selbststaendiger-arbeit-muessen-bis-zu-zehn-jahre-aufgehoben-werden..jpg?im=Resize%3D%28300%2C167%29&hash=2505cc7f905044246f312f14c6f3dd620a799d38334295f3367d016ee89e39b6

Request Chain 20

http://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg HTTP 301
https://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg

Request Chain 31

http://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg HTTP 301
https://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg

Request Chain 33

https://s-media-cache-ak0.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg HTTP 301
https://i.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
mkoderators.gq/ 31 KB
9 KB 212ms
110ms Document
text/html 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211544ff3ce6f1ad79535337ce401a6ee73fb1ffc8ca9666243ad5f973d86add

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 09 Aug 2021 12:04:12 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSTgLyKhsCUl5erjW43mwc2AsEjeBg9YnaL3uFoWOwHbGhNxNpGtXozrH8VM8PAzOnzvvZr4xW9agzZWIiYd4YRbeFpdnXaS7HMurJHckJlxjd4NbehNPRqB7lnQbQ98zFb%2FrXTh1SaRi0B%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6ed7d733ce8e374f-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK main.css
mkoderators.gq/images/assets/css/ 32 KB
6 KB 86ms
85ms Stylesheet
text/css 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/css/main.css
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 13 Jan 2020 18:27:06 GMT
Server: cloudflare
ETag: W/"5e1cb67a-7f6b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2YoTvJx0F6PoDLdT9MNajL%2Bg0Uep6OiGiS%2FneMeGHW2VfLjZNVvcpN57wqLlNk%2FT0bxX%2BsPdUMlhI7T0shPwbbB3uGpzP76fndHIp8T5VWDhiEZH6RqnIrP3gqxLch9SxD2Pkv4GItP8wGUfw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 6ed7d7349932374f-MXP
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 1280_316627_0208_57698553.jpg
www.nnz-online.de/_daten/cache/ 0
0

GET AWJFylSnkH.jpg
files.puls4.com/m3/tn1/ 0
0

GET
H2 200 zum-Islam-konvertiert-8-.jpg
img.morgenpost.de/img/berlin-aktuell/crop126624479/9062604394-w820-cv16_9-q85/ 67 KB
68 KB 124ms
58ms Image
image/jpeg 2a01:4f8:c0:1440::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.morgenpost.de/img/berlin-aktuell/crop126624479/9062604394-w820-cv16_9-q85/zum-Islam-konvertiert-8-.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c0:1440::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Funke Digital Cloud - SpeedCDN <speed@funkedigital.de> /
Resource Hash: a5695ec887ea857f2614e1f71095754c046fb16d915f757b31099224348267bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cmsid: a126624479
date: Thu, 17 Mar 2022 18:37:34 GMT
last-modified: Tue, 10 Feb 2015 22:25:44 GMT
server: Funke Digital Cloud - SpeedCDN <speed@funkedigital.de>
cache-control: public,max-age=31536000
age: 0
x-cache: HIT
content-type: image/jpeg
x-cache-path: assets
cmstype: i
content-length: 68844
expires: Tue, 29 Mar 2022 19:01:07 GMT

GET
H/1.1 200
OK 5e5ba481cae7d9f6c633487df6e594c7_edited_68000544_33e8dca9ce.jpeg
taz.de/picture/1922599/948/ 68 KB
69 KB 71ms
18ms Image
image/jpeg 2001:67c:13c::7a2:de
TAZ-AS taz die ta...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taz.de/picture/1922599/948/5e5ba481cae7d9f6c633487df6e594c7_edited_68000544_33e8dca9ce.jpeg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:13c::7a2:de , Germany, ASN16075 (TAZ-AS taz die tageszeitung autonomous system, DE),

Reverse DNS

Software

nginx /

Resource Hash

0cad69d6d472712ff8883e8053162dba714415f97f311f58278014e84cf1e9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Via: 1.1 www.taz.de
Vary: X-Taz-Forwarded-RequestUri,X-RatioURL-Decoration,X-RatioURL-Channel,X-RatioURL-Particle,Accept-Encoding
X-Use-Gopher: gopher://taz.de
Connection: Keep-Alive
Content-Length: 69591
X-Clacks-Overhead: GNU Terry Pratchett
Last-Modified: Fri, 07 Jun 2019 12:18:28 GMT
Server: nginx
ETag: "10fd7-58abad3fc01b7"
Strict-Transport-Security: max-age=15724800;
Onion-Location: http://zervmwoc5flabhlh3heegnspbpoebbgr3kgkaarkpnz2gtsuunlxgqyd.onion/picture/1922599/948/5e5ba481cae7d9f6c633487df6e594c7_edited_68000544_33e8dca9ce.jpeg
Content-Type: image/jpeg
Cache-Control: max-age=120
Permissions-Policy: interest-cohort=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 lia01.jpg
www.emerge-mag.com/wp-content/uploads/2012/01/ 414 KB
415 KB 31ms
11ms Image
image/jpeg 192.124.249.103
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.emerge-mag.com/wp-content/uploads/2012/01/lia01.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10103.sucuri.net

Software

nginx /

Resource Hash

929bcf416f8c9a2ea2f07d0cc4f46eaf7f46012034311e6849a0dd12d8341690

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:34 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 424020
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Apr 2016 16:25:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15003
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

9lDi9Zzp4di9COb7ZDBPIK.jpg
cdn.unitycms.io/images/
Redirect Chain

https://files.newsnetz.ch/story/2/5/5/25579223/6/topelement.jpg
https://cdn.unitycms.io/image/ocroped/1200,1200,1000,1000,0,0/64w0UP618Gk/9lDi9Zzp4di9COb7ZDBPIK.jpg
https://cdn.unitycms.io/images/9lDi9Zzp4di9COb7ZDBPIK.jpg?op=ocroped&val=1200,1200,1000,1000,0,0&sum=64w0UP618Gk

13 KB
14 KB

28ms
27ms

Image
image/webp

13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unitycms.io/images/9lDi9Zzp4di9COb7ZDBPIK.jpg?op=ocroped&val=1200,1200,1000,1000,0,0&sum=64w0UP618Gk
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: daffy /
Resource Hash: 55f8c0e5834d3fff64dbb92376508a8d422e30dc36e43632045c00f6231598ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:20:38 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
server: daffy
age: 1017
x-performance: 0.134951
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
x-backend: daffy-cff76d9f4-9gtv2
content-length: 13620
x-amz-cf-id: jH6H3epVZBqlsej8PQjrAKJg58j5ApKMcbhmu2cwPs7r1vbM90LG-A==

Redirect headers

date: Thu, 17 Mar 2022 18:20:37 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
server: daffy
age: 1018
x-performance: 0.000044
x-cache: Hit from cloudfront
location: https://cdn.unitycms.io/images/9lDi9Zzp4di9COb7ZDBPIK.jpg?op=ocroped&val=1200,1200,1000,1000,0,0&sum=64w0UP618Gk
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: dYKFgxm4_gQVDTRA3pSJECI-aqgI8vN3WBFMAmJDDmrc6vTwlL5FZA==

GET 1024_316627_0208_57698553.jpg
www.nnz-online.de/_daten/cache/ 0
0

GET
H2 200 Flyer-Kann-ein-Muslim-Christ-werden-1024x484.jpg
christen-in-krefeld.de/wp-content/uploads/2018/06/ 952 KB
958 KB 338ms
27ms Image
image/jpeg 85.13.155.176
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://christen-in-krefeld.de/wp-content/uploads/2018/06/Flyer-Kann-ein-Muslim-Christ-werden-1024x484.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.155.176 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd39438.kasserver.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
last-modified: Fri, 20 Jul 2018 12:33:42 GMT
server: Apache
accept-ranges: bytes
etag: "ede2e-5716d818cbcca"
content-length: 974382
content-type: image/jpeg

GET 2239876343_deutsche-muslime-kennenlernen.jpg
akady.info/images/ 0
0

GET
H/1.1

200
OK

wulff2.20100913-10.jpg
taz.de/picture/297666/948/
Redirect Chain

https://www.taz.de/picture/297666/948/wulff2.20100913-10.jpg
https://taz.de/picture/297666/948/wulff2.20100913-10.jpg

103 KB
104 KB

17ms
16ms

Image
image/jpeg

2001:67c:13c::7a2:de
TAZ-AS taz die ta...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taz.de/picture/297666/948/wulff2.20100913-10.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

HTTP/1.1

Server

2001:67c:13c::7a2:de , Germany, ASN16075 (TAZ-AS taz die tageszeitung autonomous system, DE),

Reverse DNS

Software

nginx /

Resource Hash

1c8db62045ece8dd20f64798cbf8b176f1a2bc24e013d8f6890a21e6aeb08147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Via: 1.1 www.taz.de
Vary: X-Taz-Forwarded-RequestUri,X-RatioURL-Decoration,X-RatioURL-Channel,X-RatioURL-Particle,Accept-Encoding
X-Use-Gopher: gopher://taz.de
Connection: Keep-Alive
Content-Length: 105648
X-Clacks-Overhead: GNU Terry Pratchett
Last-Modified: Fri, 22 May 2015 06:46:48 GMT
Server: nginx
ETag: "19cb0-516a6063bdd4f"
Strict-Transport-Security: max-age=15724800;
Onion-Location: http://zervmwoc5flabhlh3heegnspbpoebbgr3kgkaarkpnz2gtsuunlxgqyd.onion/picture/297666/948/wulff2.20100913-10.jpg
Content-Type: image/jpeg
Cache-Control: max-age=120
Permissions-Policy: interest-cohort=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15724800;
Content-Type: text/html; charset=iso-8859-1
Location: https://taz.de/picture/297666/948/wulff2.20100913-10.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 341

GET
H/1.1

404
Not Found

erika-theissen.jpg
www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/
Redirect Chain

http://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3
https://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3

0
0

173ms
122ms

Image
text/html

80.245.152.194
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 80.245.152.194 Frankfurt am Main, Germany, ASN35704 (ZIVIT-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3
Date: Thu, 17 Mar 2022 18:37:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

prozesse-drei-kommunen-hatten-beschwerde-eingereicht..jpg
p6.focus.de/img/fotos/id_3116819/
Redirect Chain

https://p5.focus.de/img/fotos/crop3116819/825032379-w300-h167-o-q75-p5/Prozesse-Drei-Kommunen-hatten-Beschwerde-eingereicht.jpg
http://p6.focus.de/img/fotos/id_3116819/prozesse-drei-kommunen-hatten-beschwerde-eingereicht..jpg?im=Resize%3D%28300%2C167%29&hash=51d137424765d9de225be17678faef6e9116e6f1b8d4497580f88727de7f3a34

12 KB
12 KB

73ms
33ms

Image
image/webp

2a02:26f0:6c00::210:bb63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p6.focus.de/img/fotos/id_3116819/prozesse-drei-kommunen-hatten-beschwerde-eingereicht..jpg?im=Resize%3D%28300%2C167%29&hash=51d137424765d9de225be17678faef6e9116e6f1b8d4497580f88727de7f3a34
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00::210:bb63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f0030cc8759dc179c13b91dbebe9a7b17bf93b1f336a48c8f2ec1b480c4eaa40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
X-Check-Cacheable: YES
X-Serial: 1003
ETag: "ff899393521fbd773ce4b0cdc445ae2a:1597676998.39862"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform, max-age=2592000
Last-Modified: Thu, 17 Mar 2022 18:21:10 GMT
Connection: keep-alive
Content-Length: 12190
Server: Akamai Image Manager
Expires: Sat, 16 Apr 2022 18:37:35 GMT

Redirect headers

x-varnish-cache: MISS
x-varnish-retries: 0
date: Thu, 17 Mar 2022 18:37:34 GMT
location: http://p6.focus.de/img/fotos/id_3116819/prozesse-drei-kommunen-hatten-beschwerde-eingereicht..jpg?im=Resize%3D%28300%2C167%29&hash=51d137424765d9de225be17678faef6e9116e6f1b8d4497580f88727de7f3a34
x-varnish-backend: goto.0000000b.(10.70.206.176).(http://origin-internal.bf-folescenic-production.aws.bfops.io:80).(ttl:10.000000)
access-control-allow-origin: *
x-varnish-restarts: 0
cache-control: max-age=60
content-length: 0
expires: Thu, 17 Mar 2022 18:38:34 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/I59FVhBakoI/ 15 KB
16 KB 61ms
27ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/I59FVhBakoI/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3726a3102d8d861419ac4d1f6b3eaeda3b710c41e4599ea8cc2de7611c976cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15385
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:34 GMT

GET
H/1.1

200
OK

verbraucher-unterlagen-und-belege-aus-selbststaendiger-arbeit-muessen-bis-zu-zehn-jahre-aufgehoben-werden..jpg
p6.focus.de/img/fotos/id_389088/
Redirect Chain

https://p5.focus.de/img/fotos/crop389088/9660321748-w300-h167-o-q75-p5/Verbraucher-Unterlagen-und-Belege-aus-selbststaendiger-Arbeit-muessen-bis-zu-zehn-Jahre-aufgehoben-werden.jpg
http://p6.focus.de/img/fotos/id_389088/verbraucher-unterlagen-und-belege-aus-selbststaendiger-arbeit-muessen-bis-zu-zehn-jahre-aufgehoben-werden..jpg?im=Resize%3D%28300%2C167%29&hash=2505cc7f905044...

10 KB
10 KB

46ms
32ms

Image
image/webp

2a02:26f0:6c00::210:bb63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p6.focus.de/img/fotos/id_389088/verbraucher-unterlagen-und-belege-aus-selbststaendiger-arbeit-muessen-bis-zu-zehn-jahre-aufgehoben-werden..jpg?im=Resize%3D%28300%2C167%29&hash=2505cc7f905044246f312f14c6f3dd620a799d38334295f3367d016ee89e39b6
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00::210:bb63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 71b7c963d93a9658ba6c15697be9a34a4695525d2eec8da2035f27a7fd998486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Last-Modified: Sat, 12 Mar 2022 17:40:39 GMT
Server: Akamai Image Manager
ETag: "5ab7a48ea5a69b22e7ac3b14009a7c11:1597493410.405724"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform, max-age=2592000
Connection: keep-alive
Content-Length: 10016
Expires: Sat, 16 Apr 2022 18:37:35 GMT

Redirect headers

x-varnish-cache: MISS
x-varnish-retries: 0
date: Thu, 17 Mar 2022 18:37:34 GMT
location: http://p6.focus.de/img/fotos/id_389088/verbraucher-unterlagen-und-belege-aus-selbststaendiger-arbeit-muessen-bis-zu-zehn-jahre-aufgehoben-werden..jpg?im=Resize%3D%28300%2C167%29&hash=2505cc7f905044246f312f14c6f3dd620a799d38334295f3367d016ee89e39b6
x-varnish-backend: goto.00000008.(10.70.206.176).(http://origin-internal.bf-folescenic-production.aws.bfops.io:80).(ttl:10.000000)
access-control-allow-origin: *
x-varnish-restarts: 0
cache-control: max-age=60
content-length: 0
expires: Thu, 17 Mar 2022 18:38:34 GMT

GET
H2 200 CLOPPENBURG_2_59be67af-e8f3-4f74-bca2-25d3f63d6318--458x337.jpg
img.nwzonline.de/rf/image_online/NWZ_CMS/NWZ/2014-2016/Produktion/2016/07/08/CLOPPENBURG/2/Bilder/ 26 KB
26 KB 81ms
17ms Image
image/jpeg 80.228.114.210
EWETEL Cloppenbur...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.nwzonline.de/rf/image_online/NWZ_CMS/NWZ/2014-2016/Produktion/2016/07/08/CLOPPENBURG/2/Bilder/CLOPPENBURG_2_59be67af-e8f3-4f74-bca2-25d3f63d6318--458x337.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.228.114.210 Oldenburg, Germany, ASN9145 (EWETEL Cloppenburger Strasse 310, DE),
Reverse DNS: img.medien-systempartner.de
Software: nginx /
Resource Hash: 7f755ad6ae472b365c9e0cdf9cfec99fc0f2ad07268fc188d3dd53719fab4316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
content-encoding: gzip
last-modified: Sat, 12 Mar 2022 17:40:29 GMT
server: nginx
etag: W/"622cdb0d-681d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: http://www.nwzonline.de
cache-control: max-age=604800
expires: Thu, 24 Mar 2022 18:37:35 GMT

GET
H2 200 57566756.jpg
ais.badische-zeitung.de/piece/03/6e/66/24/ 55 KB
55 KB 90ms
41ms Image
image/jpeg 2606:4700:10::ac43:26e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ais.badische-zeitung.de/piece/03/6e/66/24/57566756.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:26e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4ef8302ad314601e181fca2344fd1c23de9464380d9c0bd1dcbad008405457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
cf-cache-status: HIT
x-cacheable: YES:Cache-Control=max-age
age: 1017
cf-polished: origSize=62435
x-cache: MISS@bz-prod2-cache101.dmz.freinet.de
x-cache-hits: 0
content-length: 56017
x-ais-rule: 3 - Original file found
last-modified: Sat, 31 Mar 2012 04:04:23 GMT
server: cloudflare
etag: "4f768247-f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 17 Mar 2022 19:20:38 GMT
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6ed7d7360ca9cc56-ZRH
x-stage: prod2
cf-bgj: imgq:100,h2pri

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/vdkvP3HO4vE/ 9 KB
9 KB 31ms
30ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vdkvP3HO4vE/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009c48b314d359c38c0ce6d3855d8cbef76382c0d46e533be6b5eb7c6459037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9661
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H2 200 ich-bin-muslim.jpg
hannibalnur.files.wordpress.com/2011/02/ 2 MB
2 MB 48ms
7ms Image
image/jpeg 192.0.72.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannibalnur.files.wordpress.com/2011/02/ich-bin-muslim.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

66a495ea07dbdc9c5f5093ade541d28b2e5ba39c7e31a8059096d6e974324afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 24 np
date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2015 10:15:24 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/jpeg
access-control-allow-origin: https://hannibalnur.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 1862519
expires: Sat, 23 Apr 2022 03:21:51 GMT

GET
H2

200

13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg
www.noz.de/media/2016/11/06/
Redirect Chain

http://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg
https://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg

631 B
713 B

94ms
33ms

Image
image/jpeg

2600:9000:225a:2400:19:82c2:c040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Server: 2600:9000:225a:2400:19:82c2:c040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f5c9f7b14117f4050ce7618aef81aa14b03b705b14028326d62fb469eb0af446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
via: 1.1 8ba5a7db0f86d152bf852f67ddf89e84.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-encoding: gzip
x-amz-cf-id: 7vldq6_VXU9QgqQl76JqNggxp5cXV77NNGjT4R9-I7cMddlJxOAxlw==

Redirect headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Via: 1.1 96d2df8d2655bf1d48c2f4e4db090ae6.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: TXL50-P1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://www.noz.de/media/2016/11/06/13-tatort-borowski-und-das-verlorene-maedchen_201611062156_full.jpg
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: QNmByBEANCfbmvS6aEco-If2R7MKX_WySiPquuylmXjVZkZN8teVcQ==

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/C63pknXusLo/ 12 KB
12 KB 30ms
28ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/C63pknXusLo/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ed130530a4ef8c470f4487f0dd963d353a32d6cd60a8e1477267ee7e45c071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12698
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H2 200 20161011_140239.jpg
hannibalnur.files.wordpress.com/2016/10/ 4 MB
4 MB 46ms
7ms Image
image/jpeg 192.0.72.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannibalnur.files.wordpress.com/2016/10/20161011_140239.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a9aeb521f72bbe8da6b57ae336c6cc2d0d81ec89087ec0867e1405935402a20e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 24 np
date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2016 12:06:58 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/jpeg
access-control-allow-origin: https://hannibalnur.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 3832556
expires: Fri, 22 Apr 2022 03:56:33 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/eBCgl4l8qCg/ 10 KB
11 KB 28ms
27ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eBCgl4l8qCg/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1184426f702e8d3e03ed926cf4c1fa8ec1e08981ec752a4fa8233c4279440086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10697
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H2 200 33959929-020.jpg
www.derwesten.de/img/incoming/origs3790208/5783583524-w552-bF3F3F3-st/ 46 KB
46 KB 44ms
35ms Image
image/jpeg 2a01:4f8:c0:1440::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/img/incoming/origs3790208/5783583524-w552-bF3F3F3-st/33959929-020.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c0:1440::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Funke Digital Cloud - SpeedCDN <speed@funkedigital.de> /
Resource Hash: 2820eefa1960fb727a8eb5035002995c91d7f10cacc242d1341e01165b5fa07e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cmsid: a3790208
date: Thu, 17 Mar 2022 18:37:35 GMT
last-modified: Thu, 03 Nov 2016 19:08:04 GMT
server: Funke Digital Cloud - SpeedCDN <speed@funkedigital.de>
cache-control: public,max-age=31536000
age: 0
vary: Accept-Encoding,User-Agent,Cookie
x-cache: HIT
content-type: image/jpeg
x-cache-path: assets
cmstype: i
content-length: 47100
expires: Tue, 29 Mar 2022 19:01:08 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/7COSRoLEXi8/ 12 KB
12 KB 51ms
50ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7COSRoLEXi8/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6ecb9780d95f6e7cbc9fb1e89ca28709b2c8abab9c4334f6adef0941906681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12298
x-xss-protection: 0
server: sffe
etag: "1493838090"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/cPl98vR4k00/ 12 KB
12 KB 28ms
27ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cPl98vR4k00/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a655238e6639e020662237cc5d1578aaab0ee2b0d1d5e68e76f1e78bcac5b56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12042
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H/1.1 200
OK baghajati_body.5294338.jpg
tubestatic.orf.at/static/images/site/tube/20141040/ 40 KB
40 KB 101ms
29ms Image
image/jpeg 2a01:468:1000:9::173
AS5403

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tubestatic.orf.at/static/images/site/tube/20141040/baghajati_body.5294338.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:468:1000:9::173 , Austria, ASN5403 (AS5403, AT),
Reverse DNS
Software: Apache /
Resource Hash: 9d6203dcf1881c7b90b207c400c9f997985597b1979752fb563203b82178eaf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Last-Modified: Fri, 03 Oct 2014 11:07:00 GMT
Server: Apache
ETag: "9e63-50482bb687d00"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 40547
Expires: Sat, 16 Apr 2022 18:37:35 GMT

GET sich--offnen-aussen.jpg
www.pure-mess.ro/wp-content/uploads/ 0
0

GET 2239876166_deutsche-muslime-kennenlernen.jpg
akady.info/images/ 0
0

GET 668_316627_0208_57698553.jpg
www.nnz-online.de/_daten/cache/ 0
0

GET
H/1.1

404
Not Found

Konvertierte_Deutsche_01.jpg
www.ludolfdahmen.de/sites/default/files/ldf-images/
Redirect Chain

http://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg
https://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg

0
0

197ms
176ms

Image
text/html

2a01:488:42:1000:50ed:8597:88:fb60
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2a01:488:42:1000:50ed:8597:88:fb60 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg
Cache-Control: max-age=1209600
Connection: keep-alive
Content-Length: 295
Expires: Thu, 31 Mar 2022 18:37:35 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/STg7BBi_KCU/ 9 KB
9 KB 53ms
51ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/STg7BBi_KCU/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3556d12f766798a77740ff988fcb7e80754cb63a22a01a5a58b87df7db755a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8888
x-xss-protection: 0
server: sffe
etag: "1493838169"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H2

200

38c98732868ceba557a4163fbb01b4e1.jpg
i.pinimg.com/736x/38/c9/87/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg
https://i.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg

28 KB
29 KB

41ms
40ms

Image
image/jpeg

2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: H2
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-pinterest-cache: MISS
x-cdn: fastly
etag: "9a52284ac1bae43d0c3a6355265ce9cc"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
fastly-original-body-size: 29056
accept-ranges: bytes
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 29056

Redirect headers

location: https://i.pinimg.com/736x/38/c9/87/38c98732868ceba557a4163fbb01b4e1.jpg
date: Thu, 17 Mar 2022 18:37:35 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/YN_t8L_DPMA/ 6 KB
6 KB 33ms
31ms Image
image/jpeg 2a00:1450:400e:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YN_t8L_DPMA/hqdefault.jpg

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b4cf08e3f6e53b94a5b399b1bef0f8e0f2692bc1c67f8d29c2e607ae009d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:37:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6408
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Mar 2022 20:37:35 GMT

GET
H/1.1 200
OK pic2.jpg
mkoderators.gq/images/ 9 KB
10 KB 138ms
136ms Image
image/jpeg 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mkoderators.gq/images/pic2.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9218
Last-Modified: Mon, 13 Jan 2020 09:38:40 GMT
Server: cloudflare
ETag: "5e1c3aa0-2402"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8qKsgdf0NB7x7hbibwVxqiHGaTnc44%2Bjj%2FKkk0Lk9egmWaDKq8dc7GIbmjbigdPIcCzDiWKSzC6%2FbBXMQbgUd%2BgZyun3ZJEpfzFIDXOMhnvkK1MlDW0OMSkusLyBi97hsxOz3%2FLUut3N%2B137A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6ed7d735ca021047-MRS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pic1.jpg
mkoderators.gq/images/ 5 KB
6 KB 77ms
76ms Image
image/jpeg 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mkoderators.gq/images/pic1.jpg
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5021
Last-Modified: Mon, 13 Jan 2020 09:35:22 GMT
Server: cloudflare
ETag: "5e1c39da-139d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFPp5%2FUPgMdUUzQ6ubuerQuX6eZD4nLFaHwkbifxZiLuGFLUcWCLmYe5JYR1AeM0UuU8E5ek0NJpMcKgksV9oouGK0tTfh73lXNckLHeE60%2BIXMxsnZMyMXFRlSj1LR1iiRuA1fBW2C5fPskuA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6ed7d735cbe1374f-MXP
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
mkoderators.gq/images/assets/js/ 86 KB
31 KB 48ms
32ms Script
application/javascript 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/js/jquery.min.js
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1017
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 06 Jun 2019 14:17:00 GMT
Server: cloudflare
ETag: W/"5cf9205c-15851"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkuthq950ptYgbCAPA7zfZd5onJ9UsrL8G%2F9WRMBOg3hFCo150GHhAw9FxLKPsPDFp0iexN4xA2C4w%2Bdbk80jXPlpIsKqOcGBrkEfpIaM%2FmAgJg5RsxcLeFdwC5irW%2B3Lgk4qKkSWJGJFLS2AA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 6ed7d734b9f291ea-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK browser.min.js Show response
mkoderators.gq/images/assets/js/ 2 KB
2 KB 49ms
32ms Script
application/javascript 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/js/browser.min.js
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1017
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 06 Jun 2019 14:17:00 GMT
Server: cloudflare
ETag: W/"5cf9205c-73b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMe8sFHrJztBz3hr8CGZRZGlQcHeJp9sV1VNteBMvLGl39Mn03FjvdnycGE95bclK%2FMDbj%2B3h7ZIhnvNfU9PtJXZ8oRlseyeo7a%2BSUiKv3KwCH5Qt%2F8QG46rg17CzKYp7nCFBdoQEQjS5PkSCg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 6ed7d734b9459274-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK breakpoints.min.js Show response
mkoderators.gq/images/assets/js/ 2 KB
2 KB 45ms
27ms Script
application/javascript 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/js/breakpoints.min.js
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1017
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 06 Jun 2019 14:17:00 GMT
Server: cloudflare
ETag: W/"5cf9205c-987"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vitHWKJfKzt24AXjdZz0IYt9pR1qb9%2B7qJWuEt82Fy1MBLFzmOmY%2BAUkqbS12VOeyO%2F9M%2FapyNDkg%2BIlSW9Y7Whbm26H6B9YXj%2F3JK148pL9I3VxAxNXB7fj18wRBGSx%2FyYxuZ1ieQoIWBzoA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 6ed7d734bed0924d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK util.js Show response
mkoderators.gq/images/assets/js/ 12 KB
4 KB 74ms
54ms Script
application/javascript 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/js/util.js
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 06 Jun 2019 14:17:00 GMT
Server: cloudflare
ETag: W/"5cf9205c-3091"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii%2BN5Dmr564dQQmpQu4NR%2BAC%2FH%2BRy9YpAd15Zy15ohLVKhFUW8fOB3Vx6JUp3ht8I6rq%2FRNyYg%2Bipgz4AeTsyBkZAzYBTR5qhUeNHFXvqKq7PaBvPClY6veeqERieQSzA3jjh4OIJJmcPdJSzA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 6ed7d734cfb09229-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
mkoderators.gq/images/assets/js/ 1 KB
1 KB 121ms
98ms Script
application/javascript 2606:4700:3031::6815:34e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mkoderators.gq/images/assets/js/main.js
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:34 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 06 Jun 2019 14:17:00 GMT
Server: cloudflare
ETag: W/"5cf9205c-405"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IONAGOsv%2FGParkmLRglpdJsJ%2FDmsHedwvrZfmsrPXItGzLJA5h1MTd5r2XlfxrqkfCpYuRsBYdzmr%2FmHLl0p1hu%2FKl%2FBp1OrfXkBmYJKeVQSh5n7zzezTx0OtlbLJbeAj5mBNBQZffxU%2FJPLpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 6ed7d734c83f1047-MRS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1007 B 63ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Requested by

Host: mkoderators.gq
URL: http://mkoderators.gq/images/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d83f5dd72fd22a364420ba7bf34d87a6ed5c44b415d80bc569ccb82802f4989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 17:43:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 18:37:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 18:37:34 GMT

GET
H/1.1 200
OK KjXhYN
algosit.com/ 466 B
1 KB 176ms
125ms Script
application/javascript 2606:4700:3032::ac43:aeaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://algosit.com/KjXhYN?se_referrer=&default_keyword=Zum%20islam%20konvertierte%20deutsche%20kennenlernen&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Requested by: Host: mkoderators.gq
URL: http://mkoderators.gq/
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:aeaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pragma: no-cache
Last-Modified: Thu, 17 Mar 2022 18:37:35 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlMhzHVfWcLDvsbWqNSNt9pg%2BFMZyvK17VSpiaCVa1u5jo2etFAy0MXq%2Boli%2FWCLVsniId%2FW42tXym9w3JTYFnWoxmx2B0ax1m%2F3YuG%2BPD9tfj2Di9N0R0X%2BIXf%2FzHgf%2Bfdsnhsf2bZ4KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
CF-RAY: 6ed7d736eb4940d5-CDG
Expires: 0

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v15/ 29 KB
29 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v15/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mkoderators.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:03 GMT
x-content-type-options: nosniff
age: 81991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29252
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:51:03 GMT

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-7fq8Ho.woff2
fonts.gstatic.com/s/ubuntucondensed/v15/ 39 KB
39 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v15/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-7fq8Ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54562f1d5c00a291b9fb5ef9dc13b44629018602f2a131168a4c081a595314de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mkoderators.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 00:26:48 GMT
x-content-type-options: nosniff
age: 65446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 00:26:48 GMT

GET
H/1.1 200
OK Primary Request / Show response
live-datingsforyou.com/ 7 KB
8 KB 241ms
73ms Document
text/html 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Requested by: Host: algosit.com
URL: http://algosit.com/KjXhYN?se_referrer=&default_keyword=Zum%20islam%20konvertierte%20deutsche%20kennenlernen&&frm610bbd2f3af8d=script610bbd2f3af8e&_cid=a53f2f4c-ef52-b491-035a-6baf9ce8e7ad
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: efd7be08a1e351d2ec0d51d2215427c71f34835b5915a6d47b7b525bbfd768e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mkoderators.gq/

Response headers

Server: nginx
Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Type: text/html
Content-Length: 7477
Connection: keep-alive
Cache-Control: private no-transform

GET
H/1.1 200
OK animate.min.css
live-datingsforyou.com/media/dating/toon2/css/ 52 KB
4 KB 14ms
14ms Stylesheet
text/css 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/css/animate.min.css
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
live-datingsforyou.com/media/dating/toon2/css/ 8 KB
2 KB 54ms
14ms Stylesheet
text/css 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
live-datingsforyou.com/cookie/ 4 KB
2 KB 54ms
14ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/cookie/js.cookie.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:38:46 GMT
Server: nginx
ETag: W/"60a506d6-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
live-datingsforyou.com/util/ 7 KB
3 KB 95ms
25ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/util/utils.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:14 GMT
Server: nginx
ETag: W/"60d0b4fa-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
live-datingsforyou.com/media/dating/toon2/images/ 175 KB
166 KB 59ms
13ms Image
image/jpeg 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-datingsforyou.com/media/dating/toon2/images/123.jpg
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
live-datingsforyou.com/media/dating/toon2/js/ 84 KB
29 KB 54ms
13ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
live-datingsforyou.com/media/ 639 B
642 B 54ms
14ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/bb.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:39:28 GMT
Server: nginx
ETag: W/"60a50700-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
live-datingsforyou.com/media/exit-new/ 3 KB
1 KB 54ms
14ms Script
application/javascript 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://live-datingsforyou.com/media/exit-new/exit1.js
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/?u=8bfp605&o=4f30vvg&cid=2k5dj2i46llm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:39 GMT
Server: nginx
ETag: W/"60b4cf33-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H3 200 css
fonts.googleapis.com/ 30 KB
1 KB 34ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b71ee0d102354ec921f15ff7647b87d565ce922a163d7ee31fd238eae9b2814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 18:30:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 18:37:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 18:37:35 GMT

GET
H/1.1 200
OK bg.jpg
live-datingsforyou.com/media/dating/toon2/images/ 117 KB
108 KB 88ms
23ms Image
image/jpeg 5.101.45.6
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-datingsforyou.com/media/dating/toon2/images/bg.jpg
Requested by: Host: live-datingsforyou.com
URL: https://live-datingsforyou.com/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.6 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live-datingsforyou.com/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 18:37:35 GMT
Content-Encoding: br
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: nginx
ETag: W/"60a5fc02-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live-datingsforyou.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 83224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live-datingsforyou.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 83225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.nnz-online.de
URL: https://www.nnz-online.de/_daten/cache/1280_316627_0208_57698553.jpg

Domain: files.puls4.com
URL: http://files.puls4.com/m3/tn1/AWJFylSnkH.jpg

Domain: www.nnz-online.de
URL: http://www.nnz-online.de/_daten/cache/1024_316627_0208_57698553.jpg

Domain: akady.info
URL: https://akady.info/images/2239876343_deutsche-muslime-kennenlernen.jpg

Domain: www.pure-mess.ro
URL: http://www.pure-mess.ro/wp-content/uploads/sich--offnen-aussen.jpg

Domain: akady.info
URL: https://akady.info/images/2239876166_deutsche-muslime-kennenlernen.jpg

Domain: www.nnz-online.de
URL: https://www.nnz-online.de/_daten/cache/668_316627_0208_57698553.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.deutsche-islam-konferenz.de/	1969-12-31 23:59:59	Name: AL_BALANCE-S Value: $xc/9BETL_HAvqzmtQagG6uI4FS!RPoJ7n_mD6jH6eWlWSPhxlsm
			live-datingsforyou.com/	1969-12-31 23:59:59	Name: sid Value: t3~yqotluqcx5xse1yplw2xyw1q

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://akady.info/images/2239876343_deutsche-muslime-kennenlernen.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://akady.info/images/2239876166_deutsche-muslime-kennenlernen.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.deutsche-islam-konferenz.de/SharedDocs/Bilder/DIK/DE/Bilderpool/erika-theissen.jpg?__blob=poster&v=3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.ludolfdahmen.de/sites/default/files/ldf-images/Konvertierte_Deutsche_01.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ais.badische-zeitung.de
akady.info
algosit.com
cdn.unitycms.io
christen-in-krefeld.de
files.newsnetz.ch
files.puls4.com
fonts.googleapis.com
fonts.gstatic.com
hannibalnur.files.wordpress.com
i.pinimg.com
i.ytimg.com
img.morgenpost.de
img.nwzonline.de
live-datingsforyou.com
mkoderators.gq
p5.focus.de
p6.focus.de
s-media-cache-ak0.pinimg.com
taz.de
tubestatic.orf.at
www.derwesten.de
www.deutsche-islam-konferenz.de
www.emerge-mag.com
www.ludolfdahmen.de
www.nnz-online.de
www.noz.de
www.pure-mess.ro
www.taz.de
akady.info
files.puls4.com
www.nnz-online.de
www.pure-mess.ro
13.32.121.38
192.0.72.24
192.124.249.103
2001:67c:13c::7a2:de
2600:9000:2118:5c00:e:5a66:ac0:93a1
2600:9000:225a:2400:19:82c2:c040:93a1
2606:4700:10::ac43:26e2
2606:4700:3031::6815:34e7
2606:4700:3032::ac43:aeaa
2a00:1450:4001:803::2003
2a00:1450:4001:82b::200a
2a00:1450:400e:800::2016
2a01:468:1000:9::173
2a01:488:42:1000:50ed:8597:88:fb60
2a01:4f8:c0:1440::1
2a02:26f0:6c00::210:bb63
2a02:26f0:fb::5f65:5880
2a04:4e42:54::84
5.101.45.6
80.228.114.210
80.245.152.194
85.13.155.176
009c48b314d359c38c0ce6d3855d8cbef76382c0d46e533be6b5eb7c6459037f
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0cad69d6d472712ff8883e8053162dba714415f97f311f58278014e84cf1e9f1
1184426f702e8d3e03ed926cf4c1fa8ec1e08981ec752a4fa8233c4279440086
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
1c8db62045ece8dd20f64798cbf8b176f1a2bc24e013d8f6890a21e6aeb08147
211544ff3ce6f1ad79535337ce401a6ee73fb1ffc8ca9666243ad5f973d86add
2820eefa1960fb727a8eb5035002995c91d7f10cacc242d1341e01165b5fa07e
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
3556d12f766798a77740ff988fcb7e80754cb63a22a01a5a58b87df7db755a7d
3726a3102d8d861419ac4d1f6b3eaeda3b710c41e4599ea8cc2de7611c976cae
3b71ee0d102354ec921f15ff7647b87d565ce922a163d7ee31fd238eae9b2814
3d83f5dd72fd22a364420ba7bf34d87a6ed5c44b415d80bc569ccb82802f4989
422f5bf6b0cb0ce851d4777c79f0d0760e566632175f70c10b52baff4c0a5432
4a6ecb9780d95f6e7cbc9fb1e89ca28709b2c8abab9c4334f6adef0941906681
54562f1d5c00a291b9fb5ef9dc13b44629018602f2a131168a4c081a595314de
55f8c0e5834d3fff64dbb92376508a8d422e30dc36e43632045c00f6231598ce
60b4cf08e3f6e53b94a5b399b1bef0f8e0f2692bc1c67f8d29c2e607ae009d49
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
66a495ea07dbdc9c5f5093ade541d28b2e5ba39c7e31a8059096d6e974324afa
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
71b7c963d93a9658ba6c15697be9a34a4695525d2eec8da2035f27a7fd998486
7f755ad6ae472b365c9e0cdf9cfec99fc0f2ad07268fc188d3dd53719fab4316
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
929bcf416f8c9a2ea2f07d0cc4f46eaf7f46012034311e6849a0dd12d8341690
96ed130530a4ef8c470f4487f0dd963d353a32d6cd60a8e1477267ee7e45c071
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
9d6203dcf1881c7b90b207c400c9f997985597b1979752fb563203b82178eaf7
a5695ec887ea857f2614e1f71095754c046fb16d915f757b31099224348267bd
a655238e6639e020662237cc5d1578aaab0ee2b0d1d5e68e76f1e78bcac5b56c
a7b4210839d65fd60c0027d01f59f4e885f026ca6315b7e2ac46ddb5e2ff38fb
a9aeb521f72bbe8da6b57ae336c6cc2d0d81ec89087ec0867e1405935402a20e
af65aaee67c766471d9470e755b60c2adfb3f74f2b57c54b692400504118580b
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc4ef8302ad314601e181fca2344fd1c23de9464380d9c0bd1dcbad008405457
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3b856eed5915a7ef4e5186b6ace5f2fd2e8a518520a312a9cd9ff84a679a3c
efd7be08a1e351d2ec0d51d2215427c71f34835b5915a6d47b7b525bbfd768e5
f0030cc8759dc179c13b91dbebe9a7b17bf93b1f336a48c8f2ec1b480c4eaa40
f5c9f7b14117f4050ce7618aef81aa14b03b705b14028326d62fb469eb0af446
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

live-datingsforyou.com Open in urlscan Pro 5.101.45.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

58 %HTTPS

68 %IPv6

26 Domains

29 Subdomains

21 IPs

5 Countries

8010 kBTransfer

8266 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

live-datingsforyou.com Open in urlscan Pro
5.101.45.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

58 %
HTTPS

68 %
IPv6

26
Domains

29
Subdomains

21
IPs

5
Countries

8010 kB
Transfer

8266 kB
Size

2
Cookies

59 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!