Submitted URL: http://619tpc.com/v1/redirect/0.6112876691154175
Effective URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&p...
Submission: On June 20 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 19 HTTP transactions. The main IP is 185.18.80.100, which is located in France and belongs to JAGUAR-AS, FR. The main domain is septemberkuss.de.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time septemberkuss.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.160.108.161 396982 (GOOGLE-CL...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 185.18.80.100 30781 (JAGUAR-AS)
3 2a04:4e42:200... 54113 (FASTLY)
2 194.116.150.217 44949 (GIGACODES-AS)
1 195.160.203.18 44949 (GIGACODES-AS)
1 194.116.150.215 44949 (GIGACODES-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a07:ec80:211... 44949 (GIGACODES-AS)
1 2a00:1450:400... 15169 (GOOGLE)
19 11
    Apex Domain       Subdomains                                       Transfer
8   septemberkuss.de  septemberkuss.de                                 1 MB
3   flibzee.com       www.flibzee.com, cdn.flibzee.com                 146 KB
3   jquery.com        code.jquery.com — Cisco Umbrella Rank: 816       105 KB
2   harem-smrt.com    harem-smrt.com                                   2 KB
2   619tpc.com        619tpc.com                                       1 KB
1   gstatic.com       fonts.gstatic.com                                33 KB
1   googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 83   1004 B
1   endorico.com      www.endorico.com                                 924 B
1   wazazu.com        www.wazazu.com                                   7 KB
1   cloudflare.com    cdnjs.cloudflare.com — Cisco Umbrella Rank: 268  6 KB
1   h-trck.com        www.h-trck.com                                   479 B
19  11
Domain Requested by
8 septemberkuss.de 1 redirects harem-smrt.com, septemberkuss.de
3 code.jquery.com septemberkuss.de
2 www.flibzee.com septemberkuss.de
2 harem-smrt.com 1 redirects
2 619tpc.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.flibzee.com septemberkuss.de
1 fonts.googleapis.com septemberkuss.de
1 www.endorico.com septemberkuss.de
1 www.wazazu.com septemberkuss.de
1 cdnjs.cloudflare.com harem-smrt.com
1 www.h-trck.com 1 redirects
19 12

This site contains links to these domains.

Domain
www.flibzee.com
www.visit-x.net
Subject                  Issuer                                          Validity                 Valid
harem-smrt.com           E1                                              2024-05-23 - 2024-08-21  3 months
cdnjs.cloudflare.com     E1                                              2024-06-02 - 2024-08-31  3 months
septemberkuss.de         R3                                              2024-05-31 - 2024-08-29  3 months
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14  a year
beianrufmica.de          R3                                              2024-06-04 - 2024-09-02  3 months
beianrufmica.com         R3                                              2024-05-15 - 2024-08-13  3 months
upload.video.google.com  WR2                                             2024-06-03 - 2024-08-26  3 months
cdn.clistory.com         R3                                              2024-06-03 - 2024-09-01  3 months
*.gstatic.com            WR2                                             2024-06-03 - 2024-08-26  3 months

This page contains 1 frames:

Primary Page: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Frame ID: 6A100AD44062F6F16AAB592BAD3F3923
Requests: 20 HTTP requests in this frame

Page Title

Geile Camgirls live erleben!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

19 Requests
100 % HTTPS
58 % IPv6
11 Domains
12 Subdomains
11 IPs
4 Countries
1378 kB Transfer
1714 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://619tpc.com/v1/redirect/0.6112876691154175 HTTP 307
    https://619tpc.com/v1/redirect/0.6112876691154175 HTTP 307
    https://619tpc.com/v1/fallback/0.6112876691154175 HTTP 307
    https://www.h-trck.com/39S894/3QQG7?sub5= HTTP 302
    https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail= Page URL
  2. https://harem-smrt.com/offers/index.php?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&ua_pm=Windows&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:1570,%22screenY%22:1170,%22outerWidth%22:1600,%22outerHeight%22:1200,%22devicePixelRatio%22:1,%22screenLeft%22:1570,%22screenTop%22:1170,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Europe/Berlin%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:12,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22platform%22:%22Win32%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22language%22:%22de-DE%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22platform%22:%22Win32%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Europe/Berlin&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22] HTTP 302
    https://septemberkuss.de/offers/?pt=51_unknown&ct=DE Page URL
  3. https://septemberkuss.de/offers/index.php?pt=51_unknown&ct=DE&r=1 HTTP 302
    https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://619tpc.com/v1/redirect/0.6112876691154175 HTTP 307
  • https://619tpc.com/v1/redirect/0.6112876691154175 HTTP 307
  • https://619tpc.com/v1/fallback/0.6112876691154175 HTTP 307
  • https://www.h-trck.com/39S894/3QQG7?sub5= HTTP 302
  • https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
Request Chain 2
  • https://harem-smrt.com/offers/index.php?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&ua_pm=Windows&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:1570,%22screenY%22:1170,%22outerWidth%22:1600,%22outerHeight%22:1200,%22devicePixelRatio%22:1,%22screenLeft%22:1570,%22screenTop%22:1170,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Europe/Berlin%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:12,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22platform%22:%22Win32%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22language%22:%22de-DE%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22platform%22:%22Win32%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Europe/Berlin&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22] HTTP 302
  • https://septemberkuss.de/offers/?pt=51_unknown&ct=DE

19 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
harem-smrt.com/offers/
Redirect Chain
  • http://619tpc.com/v1/redirect/0.6112876691154175
  • https://619tpc.com/v1/redirect/0.6112876691154175
  • https://619tpc.com/v1/fallback/0.6112876691154175?
  • https://www.h-trck.com/39S894/3QQG7?sub5=
  • https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
1 KB
1 KB
Document
General
Full URL
https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f018179ea21657bbc98694faffe15c5f39dd0feafdd4f0d8f6d9e1a9dc06ca2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-Prefers-Color-Scheme, Sec-CH-Viewport-Width, Sec-CH-DPR, Sec-CH-Width
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
896afcce3c281ac5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 10:13:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TuwSWBCQVvc8uRuJm%2BJfpV0llE9oxs4rzMRtiJW9avemtIF8h4GnqucJNA9TZvvqkiLipg1KfGZUYCXri9%2BtThf19iAqMzK9FpGiNHaRhLGo2qtJV33G7oegvBo60v25ivxPQLhu6X6kbchprA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
content-type
text/html; charset=utf-8
date
Thu, 20 Jun 2024 10:13:40 GMT
location
https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
026c5dbf-f8d2-4b0b-86bc-f8c43b9dab9c
platform.min.js
cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/
14 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/platform.min.js
Requested by
Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://harem-smrt.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:13:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
365209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5648
last-modified
Sat, 04 Jul 2020 11:56:15 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f006e5f-38b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=er%2FyQOKtZN%2FarHIaN1XZ78brl1v7k%2FYOHfpCja9HuFC8%2BiWVNy3LErdl0sm%2BXSp2dxsPEVZ%2BmLcwK1OrXZ%2BKxZNtidzEQu3jLl2Xw1S4qlOh09YIMkwEQxv0gm9lOnV%2BaPfdJv4bqdqpRikPk51pSd3G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896afccf0b8e3a96-FRA
expires
Tue, 10 Jun 2025 10:13:40 GMT
/
septemberkuss.de/offers/
Redirect Chain
  • https://harem-smrt.com/offers/index.php?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTM...
  • https://septemberkuss.de/offers/?pt=51_unknown&ct=DE
204 B
401 B
Document
General
Full URL
https://septemberkuss.de/offers/?pt=51_unknown&ct=DE
Requested by
Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://harem-smrt.com/offers/?id=39&affid=51&source=&clickid=6282805d7ac64c629037cb2e89c26d39&mail=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-viewport-width
1600

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
174
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jun 2024 10:13:41 GMT
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PleskLin

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-Prefers-Color-Scheme, Sec-CH-Viewport-Width, Sec-CH-DPR, Sec-CH-Width
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
896afccfde801ac5-FRA
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 10:13:40 GMT
location
https://septemberkuss.de/offers/?pt=51_unknown&ct=DE
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sd93Wuh%2BDxoE%2F6mAZFsNfRtRVZgL271KuyiTNivL%2FpbvI3X6Ok00mSkZTbDgZFtHcG0SNWNXouCNZgMPpZ%2Bm%2BKIp1RoANtJSjDoF4PVRRe%2BWJPba%2BCgIPI%2B04mmCZX19WV8Q2tIHd8BGNvvqAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request landers.php
septemberkuss.de/live/
Redirect Chain
  • https://septemberkuss.de/offers/index.php?pt=51_unknown&ct=DE&r=1
  • https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee8...
6 KB
3 KB
Document
General
Full URL
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/offers/?pt=51_unknown&ct=DE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
a4897a37734cdc7b04edc39316caef0ca5c4f945f77ce6ab995a435805e2a062

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://septemberkuss.de/offers/?pt=51_unknown&ct=DE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2495
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jun 2024 10:13:41 GMT
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PleskLin

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jun 2024 10:13:41 GMT
Location
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Server
nginx
X-Powered-By
PleskLin
antiBounce.js
septemberkuss.de/live/js/
1 KB
799 B
Script
General
Full URL
https://septemberkuss.de/live/js/antiBounce.js
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
ed72d7ffae6e9efc2577a0bb5079785273262e342efb1b4d0e07953b65dd094a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 10:13:41 GMT
Content-Encoding
br
Last-Modified
Mon, 15 Aug 2016 09:41:28 GMT
Server
nginx
ETag
W/"57b18e48-530"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
styles.css
septemberkuss.de/live/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://septemberkuss.de/live/css/styles.css?v=667400d53b2d4
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
e37828456f032cfb22b1bb89dd2e2ceb9c58548b20c57dae4d1e6f5af09e49bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 10:13:41 GMT
Content-Encoding
br
Last-Modified
Sat, 08 Jun 2024 16:00:10 GMT
Server
nginx
ETag
W/"6664800a-1bd2"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3559226
x-cache
HIT, HIT
content-length
8323
x-served-by
cache-lga13627-LGA, cache-fra-etou8220143-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1718878422.541628,VS0,VE0
etag
W/"28feccc0-8c85"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
30, 6444
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
282992
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-etou8220143-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1718878422.541940,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 46840
jquery-ui.min.js
code.jquery.com/ui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1912039
x-cache
HIT, HIT
content-length
67751
x-served-by
cache-lga13623-LGA, cache-fra-etou8220143-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1718878422.541953,VS0,VE0
etag
W/"28feccc0-3dee4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 5774
API
www.flibzee.com/VX/SI/
3 KB
1 KB
Script
General
Full URL
https://www.flibzee.com/VX/SI/API?w=24556&ws=2406002&pfm=2107&pc=CHAT41TOP&key=41960039865b89f34fa341835e130e1a
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.116.150.217 , Switzerland, ASN44949 (GIGACODES-AS, DE),
Reverse DNS
Software
adserver /
Resource Hash
c8472bdeac6086b02b3b23ce6ffd9cace0e5bdc4732f5c21f3d12bf07c7584d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
server
adserver
content-length
1039
vary
Accept-Encoding
content-type
text/html; charset=utf-8
Webpush
www.wazazu.com/Dyn/
23 KB
7 KB
Script
General
Full URL
https://www.wazazu.com/Dyn/Webpush?w=24556&ws=septemberkuss_push&js=1
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.160.203.18 , Germany, ASN44949 (GIGACODES-AS, DE),
Reverse DNS
Software
adserver /
Resource Hash
d4986c54ade2bd3f782ebe524162d44c2c8f1df30a88b38d7f0873f749eee9f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 10:13:40 GMT
content-encoding
gzip
server
adserver
content-length
7015
vary
Accept-Encoding
content-type
text/html; charset=utf-8
pu_zononi.js
www.endorico.com/js/
2 KB
924 B
Script
General
Full URL
https://www.endorico.com/js/pu_zononi.js
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.116.150.215 , Switzerland, ASN44949 (GIGACODES-AS, DE),
Reverse DNS
Software
adserver /
Resource Hash
2cdd5db594e2580130babddfd08d3688952214ec3f1219790b83ecac7f2c41f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:13:40 GMT
content-encoding
br
last-modified
Thu, 24 Aug 2023 11:12:03 GMT
server
adserver
etag
"3221229097-br"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
content-length
768
ClosePage
www.flibzee.com/Dyn/
52 KB
18 KB
Script
General
Full URL
https://www.flibzee.com/Dyn/ClosePage?js=1&w=24556&ws=septemberkuss_close
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.116.150.217 , Switzerland, ASN44949 (GIGACODES-AS, DE),
Reverse DNS
Software
adserver /
Resource Hash
09b1454d44652d9fce8d867b786c28b6911d94b762c3a9812f08b7e514ac371d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
server
adserver
content-length
18070
vary
Accept-Encoding
content-type
text/html; charset=utf-8
css2
fonts.googleapis.com/
4 KB
1004 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/css/styles.css?v=667400d53b2d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 10:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 09:26:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 10:13:41 GMT
webpush_abfrage_3_6117658.jpg
cdn.flibzee.com/dynbanner/webpush/
126 KB
127 KB
Image
General
Full URL
https://cdn.flibzee.com/dynbanner/webpush/webpush_abfrage_3_6117658.jpg
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a07:ec80:211:1::11 , Germany, ASN44949 (GIGACODES-AS, DE),
Reverse DNS
Software
/
Resource Hash
8be5ce94ff6bd5a14181612d505a8b40ed4a9beb88e13d2618dd4d1258d72565

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 16:43:30 GMT
Last-Modified
Tue, 12 Jul 2022 12:34:34 GMT
Access-Control-Allow-Methods
*
P3p
CP="OTI DSP COR IVDo IVAo PSA PSD TAI DEV ADM CUR CONo OUR IND PHY ONL UNI PUR FIN COM NAV INT CNT PRE", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Content-Range,If-Range,Range,Content-Type,Authorization,X-Request,Accept
Content-Length
129236
truncated
/
653 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d3f7a91a000d4e18e43235110bab7520e7105ffceb891bb8ceb64fd0248445a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1.gif
septemberkuss.de/live/images/main/
1 MB
1 MB
Image
General
Full URL
https://septemberkuss.de/live/images/main/1.gif
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
5163744c6ef029ccc5f16bf36d4dcc0040ac2b5c3e031c6199e3075a42e0cad7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 10:13:41 GMT
Last-Modified
Fri, 07 Jun 2024 16:16:15 GMT
Server
nginx
ETag
"6663324f-109978"
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1087864
logo.png
septemberkuss.de/live/images/
7 KB
8 KB
Image
General
Full URL
https://septemberkuss.de/live/images/logo.png
Requested by
Host: septemberkuss.de
URL: https://septemberkuss.de/live/css/styles.css?v=667400d53b2d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
4401036dd90e46b26ec336d4d9bf43ee39d74164c5610d43cd4e25e647874c21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/live/css/styles.css?v=667400d53b2d4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 10:13:41 GMT
Last-Modified
Sat, 08 Jun 2024 09:42:48 GMT
Server
nginx
ETag
"66642798-1df6"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7670
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://septemberkuss.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:27:45 GMT
x-content-type-options
nosniff
age
153956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:27:45 GMT
jump-favicon.ico
septemberkuss.de/live/images/
1 KB
1 KB
Other
General
Full URL
https://septemberkuss.de/live/images/jump-favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.18.80.100 , France, ASN30781 (JAGUAR-AS, FR),
Reverse DNS
nx1000.dynamixhost.com
Software
nginx / PleskLin
Resource Hash
dedda483c1ee58da9fb3d6f9f9ba972db18d893554a53673a32221bb3d93a701

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 10:13:42 GMT
Last-Modified
Thu, 03 Dec 2020 11:14:02 GMT
Server
nginx
ETag
"5fc8c87a-47e"
X-Powered-By
PleskLin
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| BantiOunce
function| $
function| jQuery
object| vxApi
function| vxcashStartOnReadyWebpush
object| VXWebpush
object| VXWebpushConfig
function| initWebPush
function| popunder
function| isPopUnderTime
function| setCookie
function| openCloseWindow
function| openCloseTab
string| targetLink
boolean| isLink
number| minutes
number| seconds
function| updateCountdown
number| countdownInterval
string| w
string| ws
string| targetUrl

3 Cookies

Domain/Path Name / Value
619tpc.com/ Name: __cflb
Value: 04dToSpp2arni9sZih8fWkjkaNtjFSThng3otSV9as
www.h-trck.com/ Name: uniqueClick_3QQG7
Value: 77f27d60-4dff-405e-90cb-845f2fa50634:1718878419
www.h-trck.com/ Name: transaction_id
Value: 6282805d7ac64c629037cb2e89c26d39

1 Console Messages

Source Level URL
Text
rendering warning URL: https://septemberkuss.de/live/landers.php?idv=494EB7ECAEBB61A6B7D35A063F5B7BED65EB697BF90F8827DAAB19C95B140006&p=363067&prid=1503735&nas=666c6636272fea000193f903&pi=132_681_1d5d13c2b1730f8f057c9ee80a75b0ee_6b6a79d7554d1eb032253a501a925886 (Line 7)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
