Submitted URL: http://xnxx.it/
Effective URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc16...
Submission: On September 08 via manual from IT — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 13 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3034::ac43:9d40, located in United States and belongs to CLOUDFLARENET, US. The main domain is t49.hemmungslos.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.
This is the only time t49.hemmungslos.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.9.60.247 24940 (HETZNER-AS)
2 2 208.91.198.16 394695 (PUBLIC-DO...)
1 13.225.25.38 16509 (AMAZON-02)
2 205.185.216.10 20446 (HIGHWINDS3)
2 2 18.192.108.151 16509 (AMAZON-02)
1 52.222.149.23 16509 (AMAZON-02)
1 2 128.0.45.252 60657 (CAPITAL-F...)
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
5 151.139.237.33 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
18 9
Domain Requested by
4 static-01-2ug82pacs7u3bksy.netdna-ssl.com t49.hemmungslos.net
static-01-2ug82pacs7u3bksy.netdna-ssl.com
4 t49.hemmungslos.net dlvr.xcash.com
t49.hemmungslos.net
2 www.google-analytics.com t49.hemmungslos.net
www.google-analytics.com
2 dlvr.xcash.com 1 redirects s.aslnk.link
2 a.vfgtg.com 2 redirects
2 ckstatic.com t.adating.link
s.aslnk.link
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t49.hemmungslos.net
1 static-03-2ug82pacs7u3bksy.netdna-ssl.com t49.hemmungslos.net
1 trk.hemmungslos.net 1 redirects
1 s.aslnk.link t.adating.link
1 t.adating.link
1 www.tverotica.com 1 redirects
1 www.tvsexy.com 1 redirects
1 xnxx.it 1 redirects
18 15

This site contains links to these domains. Also see Links.

Domain
hemmungslos.net
support.hemmungslos.net
Subject Issuer Validity Valid
*.ajrkm.link
Amazon
2021-07-01 -
2022-07-30
a year crt.sh
ckstatic.com
R3
2021-07-27 -
2021-10-25
3 months crt.sh
dlvr.xcash.com
R3
2021-06-22 -
2021-09-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-09 -
2022-07-08
a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-22 -
2022-03-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.newrelic.com
R3
2021-07-19 -
2021-10-17
3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 1 frames:

Primary Page: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Frame ID: AA7A2F1D1F2D2276449B781D0F099101
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Hemmungslos: Dates und unverbindliche Treffen

Page URL History Show full URLs

  1. http://xnxx.it/ HTTP 301
    http://www.tvsexy.com/ HTTP 301
    https://www.tverotica.com/ HTTP 301
    https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756 Page URL
  2. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tvsexy;&affiliateID=44542&source... HTTP 302
    https://a.vfgtg.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=tvsexy%3B&affiliateID=44542&sour... HTTP 302
    https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151c... Page URL
  3. https://dlvr.xcash.com/38463?subaffiliate_id=44542&session_id=1023584080130a9ca215f07e11e594&extern... HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D10287... Page URL
  4. https://trk.hemmungslos.net/a/ff0049/?promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keywo... HTTP 302
    https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

18
Requests

100 %
HTTPS

17 %
IPv6

13
Domains

15
Subdomains

9
IPs

3
Countries

956 kB
Transfer

1459 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xnxx.it/ HTTP 301
    http://www.tvsexy.com/ HTTP 301
    https://www.tverotica.com/ HTTP 301
    https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756 Page URL
  2. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tvsexy;&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&s2=102d9403b66a1f18c58db568261936&s3=tvsexy;&s4=17030&url=1&affsub=tvsexy&affsource= HTTP 302
    https://a.vfgtg.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=tvsexy%3B&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&Target=&Site=&Bnr=&cid=wec4fjserjiqnkbaikgmgh88 HTTP 302
    https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756 Page URL
  3. https://dlvr.xcash.com/38463?subaffiliate_id=44542&session_id=1023584080130a9ca215f07e11e594&external_campaign_id=102d9403b66a1f18c58db568261936 HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1 Page URL
  4. https://trk.hemmungslos.net/a/ff0049/?promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= HTTP 302
    https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xnxx.it/ HTTP 301
  • http://www.tvsexy.com/ HTTP 301
  • https://www.tverotica.com/ HTTP 301
  • https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
Request Chain 2
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tvsexy;&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&s2=102d9403b66a1f18c58db568261936&s3=tvsexy;&s4=17030&url=1&affsub=tvsexy&affsource= HTTP 302
  • https://a.vfgtg.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=tvsexy%3B&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&Target=&Site=&Bnr=&cid=wec4fjserjiqnkbaikgmgh88 HTTP 302
  • https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
Request Chain 4
  • https://dlvr.xcash.com/38463?subaffiliate_id=44542&session_id=1023584080130a9ca215f07e11e594&external_campaign_id=102d9403b66a1f18c58db568261936 HTTP 302
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0
t.adating.link/17030/3785/
Redirect Chain
  • http://xnxx.it/
  • http://www.tvsexy.com/
  • https://www.tverotica.com/
  • https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
2 KB
2 KB
Document
General
Full URL
https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-38.cdg3.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
9fa44c1f23c81b3c68bda12fbf1ac4f62d04d1dd04ebe34a7d4997ff4d8ec708
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
t.adating.link
:scheme
https
:path
/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Wed, 08 Sep 2021 20:08:10 GMT
vary
Accept-Encoding
set-cookie
enc_aff_session_3785=ENC034bee9e684d4419d00b63966198ce800248a9b881e478161ee922df074df3de65f6bf9a85e85c940927a50cdea499c8cc862625874baabc817e9dc7eb43589cb87967617553d4e2f3f095d4ce007c68fb8cada5b86dacbcb35c3898ac2542914ac268170eea5ab7fb722b9c463616a8af009922d2c838c9666ee80578b11ad98629b2c285; Path=/; Expires=Fri, 08 Sep 2023 20:08:10 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D; Path=/; Expires=Sat, 03 Aug 2024 06:48:10 GMT; Secure
tracking_id
102d9403b66a1f18c58db568261936
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 19fefe7d41cfedb99873c7b5cd95d411.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
LWoNsxvwwoypsi8Ux8KDdaEmxfSUAIVIOEqbpWzWYNUJpR-i-1hjjA==

Redirect headers

date
Wed, 08 Sep 2021 20:08:10 GMT
server
nginx/1.19.10
content-type
text/html; charset=iso-8859-1
content-length
285
location
https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
x-server-cache
false
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.adating.link
URL: https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.adating.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 08 Sep 2021 20:08:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1631131691.dop154.fr8.t,1631131691.cds264.fr8.shn,1631131691.cds264.fr8.c
Content-Type
text/javascript
Cache-Control
public, max-age=1851
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
/
s.aslnk.link/5wszez6v7k/44542/7681/25827/
Redirect Chain
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tvsexy;&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&s2=102d9403b66a1f18c58db568261936&s3=tvsexy;&s4=17030&ur...
  • https://a.vfgtg.com/594d904a-0357-44c8-8f0f-a122ee52f3d8?subID1=tvsexy%3B&affiliateID=44542&source=102d9403b66a1f18c58db568261936&subID2=17030&Target=&Site=&Bnr=&cid=wec4fjserjiqnkbaikgmgh88
  • https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
2 KB
2 KB
Document
General
Full URL
https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
Requested by
Host: t.adating.link
URL: https://t.adating.link/17030/3785/0?aff_sub=tvsexy&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-23.cdg52.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
b7910c2cc2a6b21fc561da32f0b9f971ddea629e35e14d566b58af54a42a6ccb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s.aslnk.link
:scheme
https
:path
/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.adating.link/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.adating.link/17030/2753?nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=tvsexy

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Wed, 08 Sep 2021 20:08:11 GMT
vary
Accept-Encoding
set-cookie
enc_aff_session_7681=ENC0307248494cee207052e743652e9c21ccaacb0d99d034423b76721b6de9bdb4be160ab0af63a7c80308872d28e2b3a1e9a8b8940c4206c5672c41501ecb98fc02f937276f950f3fb51bcf5ebcd5b5f65bb5ffcee900ccd66672d7a134e558fdf4fee4dfa4d38a9b47927a7390444e4c9b04f0492b9eb315c8e5ba832fe7a08bded9e7729450abbc323ef145032be91e8253e241950e896eb1c1cff14db3756c26c8b3cb1a9fc266f5f04003d6a0a07e0fbf62a655d3a9321459130819c9d791193c2fad5d6c0bc181c64b0d5808df09c13577a3771f4cde37a67a41e67f9e8d45a2799713c; Path=/; Expires=Mon, 28 Aug 2023 14:08:11 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D; Path=/; Expires=Sat, 03 Aug 2024 06:48:11 GMT; Secure
tracking_id
1023584080130a9ca215f07e11e594
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 b3c499d6bb51c2f743813fea28eaaf30.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
x-amz-cf-id
YC8vVNsIhThRKYjefROurBb3RW7YYTxJtyyY1FawG2V62EkiAFNlxA==

Redirect headers

Server
nginx
Date
Wed, 08 Sep 2021 20:08:11 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
Pragma
no-cache
Set-Cookie
594d904a-0357-44c8-8f0f-a122ee52f3d8-v4=BlTE3VA9qqTxRbtgzpWOfpwXzjhTgwWBOhZETQ9D46o; Max-Age=86400; Expires=Thu, 09-Sep-2021 20:08:11 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=LLZJavH0axVC5VNs0C%2BOKs6eB15%2BIKrsDJCQmC7Gm8oD4U8tVdc74HWXGAbrNMahBcUh1cPEN0uQXuTpsUcnktHUEHKhJxVFjltOcSrNY%2BXpAtozeORPemWqeBFuhKrCk8sWUdj4Pa8LboJULjHLIg%3D%3D; Max-Age=31536000; Expires=Thu, 08-Sep-2022 20:08:11 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.aslnk.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 08 Sep 2021 20:08:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1631131691.dop154.fr8.t,1631131691.cds264.fr8.shn,1631131691.cds264.fr8.c
Content-Type
text/javascript
Cache-Control
public, max-age=1851
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
r
dlvr.xcash.com/
Redirect Chain
  • https://dlvr.xcash.com/38463?subaffiliate_id=44542&session_id=1023584080130a9ca215f07e11e594&external_campaign_id=102d9403b66a1f18c58db568261936
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182...
1 KB
970 B
Document
General
Full URL
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/44542/7681/25827/?aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936&nopop=1&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.0.45.252 , Germany, ASN60657 (CAPITAL-FINANCIAL-AS Str. Sfanta Vineri nr. 25 Bloc 105 C, Parter, RO),
Reverse DNS
Software
openresty/1.19.3.1 / HHVM/3.11.1
Resource Hash

Request headers

:method
GET
:authority
dlvr.xcash.com
:scheme
https
:path
/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.aslnk.link/
accept-encoding
gzip, deflate, br
cookie
51D_Bandwidth=1631131692.3194; ubbc=eyJpdiI6ImNrT0l0QUpScnR6djBlSWRPNm42d3c9PSIsInZhbHVlIjoiT21Za2JJNFYyeEpcL2FENDU3aFdwVkE9PSIsIm1hYyI6IjRlYzNkZTMzYjFkNDJjOWJjZTg5OTUzMjhmZWU5MjA3MmE3Zjk2ZTA2MDJjNjlhYjhlMTA5MzViOTNhODZjODIifQ%3D%3D; bbuc=eyJpdiI6InZrR09QZndiNU9uRW4raFZSV1F3MXc9PSIsInZhbHVlIjoiUmUyUCt3WkdcL3NlamM3MytOS0VHYUZjVnhjMGNIazhFdzBPeUhsOEF5WnM9IiwibWFjIjoiY2FjZjM3ZDdkYzcxODZiZDQ2NWU1Mzg5ZTFlNDVmZjRlM2IyOTkwZTQyNWU0MTA4ZmU4YTA3MmY2OTUzN2FiNyJ9; bbrc=eyJpdiI6IjRoZ0p1YTFxR2R3UkdWOFU4Z2dVSUE9PSIsInZhbHVlIjoiRDhPZnRxRWVZNDVLWmhONlZkWFRuUT09IiwibWFjIjoiYzFkMjBlOWVhNzMwZWU1MjhhMDAzMjBlMGQ5ODU1ZTlhYTllNDE1MmM3ZGU4NGJlZGU2OWIzYmU3OTcxZmNkYiJ9; laravel_session=eyJpdiI6Ik1mNjRnNHY3N25RNnRLTGpcL09uOERnPT0iLCJ2YWx1ZSI6Inc3TFJCbVJLWlFiMzA4NG5XcFpMankzRkQ1VkdWbE1Sd3ZjTVdJRlp1VUE4VGdCV3RleUF6S09RMm5vOFo3Vk9xWmk1NERNUktcL3hCdE9qTnBZaWF4UT09IiwibWFjIjoiMDhlZmFkNGRmNTZjYTdjYjE2N2FhY2FmZjc3NzUwY2RmYjdlY2QyNWQxNTRlNGMxZGEyM2VlYTgxZjNlYzNjOSJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.aslnk.link/44542/2753?nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=tvsexy%3B&aff_sub2=17030&aff_sub3=w151cfmrt3otgkbai2itd2ag&source=102d9403b66a1f18c58db568261936

Response headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
set-cookie
laravel_session=eyJpdiI6IkNHVHRYSHU1KzhtR3lTeERVaUorQWc9PSIsInZhbHVlIjoicjZjd2NjdnZHTWNXZE5DbEdHVmRqRzVGdGgxVjJmclY1TmNGaUUyRXlRSmZ5NFBsOVd4b3ZVM28rNlcrSlU5M3JGZ2NaN2dQbXFCUHBrQkFVUlwvV1F3PT0iLCJtYWMiOiIxMTEwMjQ5ODI5OTNkNWU1YzhmNjI5YTcxYmI2NjgxM2U3NzJkYWVmODFmZDg5NzE2N2JhZGVhZjc1MjgwZDA4In0%3D; path=/; httponly
x-powered-by
HHVM/3.11.1
content-encoding
gzip
vary
Accept-Encoding
date
Wed, 08 Sep 2021 20:08:12 GMT
cache-control
no-cache

Redirect headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
location
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1
set-cookie
51D_Bandwidth=1631131692.3194 ubbc=eyJpdiI6ImNrT0l0QUpScnR6djBlSWRPNm42d3c9PSIsInZhbHVlIjoiT21Za2JJNFYyeEpcL2FENDU3aFdwVkE9PSIsIm1hYyI6IjRlYzNkZTMzYjFkNDJjOWJjZTg5OTUzMjhmZWU5MjA3MmE3Zjk2ZTA2MDJjNjlhYjhlMTA5MzViOTNhODZjODIifQ%3D%3D; expires=Thu, 09-Sep-2021 20:08:12 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6InZrR09QZndiNU9uRW4raFZSV1F3MXc9PSIsInZhbHVlIjoiUmUyUCt3WkdcL3NlamM3MytOS0VHYUZjVnhjMGNIazhFdzBPeUhsOEF5WnM9IiwibWFjIjoiY2FjZjM3ZDdkYzcxODZiZDQ2NWU1Mzg5ZTFlNDVmZjRlM2IyOTkwZTQyNWU0MTA4ZmU4YTA3MmY2OTUzN2FiNyJ9; expires=Thu, 09-Sep-2021 20:08:12 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6IjRoZ0p1YTFxR2R3UkdWOFU4Z2dVSUE9PSIsInZhbHVlIjoiRDhPZnRxRWVZNDVLWmhONlZkWFRuUT09IiwibWFjIjoiYzFkMjBlOWVhNzMwZWU1MjhhMDAzMjBlMGQ5ODU1ZTlhYTllNDE1MmM3ZGU4NGJlZGU2OWIzYmU3OTcxZmNkYiJ9; expires=Thu, 09-Sep-2021 03:08:12 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6Ik1mNjRnNHY3N25RNnRLTGpcL09uOERnPT0iLCJ2YWx1ZSI6Inc3TFJCbVJLWlFiMzA4NG5XcFpMankzRkQ1VkdWbE1Sd3ZjTVdJRlp1VUE4VGdCV3RleUF6S09RMm5vOFo3Vk9xWmk1NERNUktcL3hCdE9qTnBZaWF4UT09IiwibWFjIjoiMDhlZmFkNGRmNTZjYTdjYjE2N2FhY2FmZjc3NzUwY2RmYjdlY2QyNWQxNTRlNGMxZGEyM2VlYTgxZjNlYzNjOSJ9; path=/; httponly
cache-control
no-cache
vary
Accept-Encoding
date
Wed, 08 Sep 2021 20:08:12 GMT
x-powered-by
HHVM/3.11.1
content-encoding
gzip
Primary Request /
t49.hemmungslos.net/
Redirect Chain
  • https://trk.hemmungslos.net/a/ff0049/?promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&f...
  • https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=...
43 KB
10 KB
Document
General
Full URL
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Requested by
Host: dlvr.xcash.com
URL: https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96dccafdf0d76d69041cb663d66ecd0e0c39daea3f1fbb968d41f53e2b61f7cf

Request headers

:method
GET
:authority
t49.hemmungslos.net
:scheme
https
:path
/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://dlvr.xcash.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.hemmungslos.net%2Fa%2Fff0049%2F%3Fpromo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38463%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1023584080130a9ca215f07e11e594%26external_campaign_id%3D102d9403b66a1f18c58db568261936%26tt%3D1

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=p6cdpt01g2deq2hjrl120ur415; path=/; domain=hemmungslos.net remember_me=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=t49.hemmungslos.net pc_aff=WVfYdzL-soAc42qxsSW4WkGnPcdCiLa6-eepkRpV9EovxUCsBpKJPCTH7cVHrl4Acb1GbsOEMyJB01tZ7trJwz1RyxCn2wBmnFaQZogI43kSUYtKtENCGk85WWK8fe1m1nV87UvRTE4VFsKPWrmJeRz4-w0TIGW26gBxviwLy0kEHKHHPEVSr0KTv6CojW0xpkQ5DazDWqC6l9sKxF4S-1l7eciQpnpoVvLjI6HC21De8JtAHDuMyAbueB7byXOvHGnhc6PMai-9dZ9Bj3ISEbY_chpfAv0YDjpDStFtcZn01qMIHZ0zLFDimTC17ol5BIZKeI6lKxOkF1ZfhNPHsQ; expires=Fri, 08-Oct-2021 20:08:13 GMT; Max-Age=2592000; path=/; domain=hemmungslos.net promo_code=102876; expires=Fri, 08-Oct-2021 20:08:13 GMT; Max-Age=2592000; path=/; domain=t49.hemmungslos.net ev=xc163113169262a6c6139182c5dcea890531384; expires=Fri, 08-Oct-2021 20:08:13 GMT; Max-Age=2592000; path=/; domain=t49.hemmungslos.net keyword=135; expires=Fri, 08-Oct-2021 20:08:13 GMT; Max-Age=2592000; path=/; domain=t49.hemmungslos.net APPID=promo SERVERID=wbs06; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGFr6TPwPgvCRGxjWJP3%2FpR0bTdaOX4B%2FULhHO1T%2BsY%2BUlcQmHNJoI5LXEjjq06m7%2FnN1qU7oLzOzrVx4D206uYE00py1jFPW00srb3rhsRTIvPVgTsPTvhN1ouEmzIzZFeZCXKgNtOTiHfI2dk6FV9O"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68baceb9ca60324c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-type
text/html; charset=UTF-8
location
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
set-cookie
SERVERID=wbs05; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9MFhEQ3J4NOYEqxhiQ3YpqFXvVpY8ZPumLipguZ7nxMPg1A5zvWPCG0PC9o4fYL0WJOmkz4QzTpoSlK3hPQWNvHz1U81s8y18xqx7EHf6yAgAKYEtPjifeIeLOZwWZK%2FbvwajQ5teLph7gkMk0kA8e%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68baceb72df8324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
landing0039.css
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/
35 KB
8 KB
Stylesheet
General
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b1a4839b38c9e4a6d0d66470cd6d4ec1e788a7670ef9aa21df83aefb5f40ddcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78199
cf-polished
origSize=53141
x-cache
HIT
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Sep 2021 12:49:07 GMT
server
NetDNA-cache/2.2
etag
W/"61375fc3-cf95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcuaLY68ibfTGhjZWFTsn1i6xUAPnoBgdp3D2KO2V6JK%2BR0zjBw1%2Bv232aVnrnbErTmjVhv%2B%2FNpQ%2FS3c5IDyiK6cjxMsEKPOsDiFmi%2FrhL3%2BUFLcgli70UnPNGxGQDaE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
68b784148f1a5b8c-FRA
expires
Thu, 07 Oct 2021 12:46:06 GMT
config.js
t49.hemmungslos.net/js/dist/
2 KB
1 KB
Script
General
Full URL
https://t49.hemmungslos.net/js/dist/config.js
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b5982e688575e2f83145319da449a31bd3172c113c775c3a9a774b7ffe7783

Request headers

:path
/js/dist/config.js
pragma
no-cache
cookie
PHPSESSID=p6cdpt01g2deq2hjrl120ur415; pc_aff=WVfYdzL-soAc42qxsSW4WkGnPcdCiLa6-eepkRpV9EovxUCsBpKJPCTH7cVHrl4Acb1GbsOEMyJB01tZ7trJwz1RyxCn2wBmnFaQZogI43kSUYtKtENCGk85WWK8fe1m1nV87UvRTE4VFsKPWrmJeRz4-w0TIGW26gBxviwLy0kEHKHHPEVSr0KTv6CojW0xpkQ5DazDWqC6l9sKxF4S-1l7eciQpnpoVvLjI6HC21De8JtAHDuMyAbueB7byXOvHGnhc6PMai-9dZ9Bj3ISEbY_chpfAv0YDjpDStFtcZn01qMIHZ0zLFDimTC17ol5BIZKeI6lKxOkF1ZfhNPHsQ; promo_code=102876; ev=xc163113169262a6c6139182c5dcea890531384; keyword=135; APPID=promo; SERVERID=wbs06
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
t49.hemmungslos.net
referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Sep 2021 12:42:38 GMT
server
cloudflare
etag
W/"61375e3e-791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkrfwus5Rf4LcDHWmeN4wCuWK4S5GnwpHVYggmqMCGB%2BtYYmjxcDQ3JBng2GTRsGP1dut1PhFBpO1jgVt4ldtBzeg8lqTwxdIGwtHgRWiYNMUUcmH7Ch%2FW%2F7GDiBMODT4SDg%2FD%2BGKfvtIiZpgoVAEYDf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
set-cookie
APPID=promo
cf-ray
68bacebc9eaa324c-FRA
expires
Fri, 08 Oct 2021 20:08:13 GMT
require.js
t49.hemmungslos.net/node_modules/requirejs/
84 KB
21 KB
Script
General
Full URL
https://t49.hemmungslos.net/node_modules/requirejs/require.js
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b

Request headers

:path
/node_modules/requirejs/require.js
pragma
no-cache
cookie
PHPSESSID=p6cdpt01g2deq2hjrl120ur415; pc_aff=WVfYdzL-soAc42qxsSW4WkGnPcdCiLa6-eepkRpV9EovxUCsBpKJPCTH7cVHrl4Acb1GbsOEMyJB01tZ7trJwz1RyxCn2wBmnFaQZogI43kSUYtKtENCGk85WWK8fe1m1nV87UvRTE4VFsKPWrmJeRz4-w0TIGW26gBxviwLy0kEHKHHPEVSr0KTv6CojW0xpkQ5DazDWqC6l9sKxF4S-1l7eciQpnpoVvLjI6HC21De8JtAHDuMyAbueB7byXOvHGnhc6PMai-9dZ9Bj3ISEbY_chpfAv0YDjpDStFtcZn01qMIHZ0zLFDimTC17ol5BIZKeI6lKxOkF1ZfhNPHsQ; promo_code=102876; ev=xc163113169262a6c6139182c5dcea890531384; keyword=135; APPID=promo; SERVERID=wbs06
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
t49.hemmungslos.net
referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 27 Aug 2018 06:00:39 GMT
server
cloudflare
etag
W/"5b839387-151d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRkBMp6WaGOPSY52snpF9NTsKNDw9O9owFFsW26m4AMaLgBS4GkESmH8nCSUhHVUBn9E1F8sEFmcki7sx4ip50W2bF%2F%2Fw1xOUbTBf8gUJNcn6qhBwNTNUgT%2Bv3ga%2B1Ht3%2FnNz7Zeme6SGlqYpuQByqz%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
set-cookie
APPID=promo
cf-ray
68bacebc9ead324c-FRA
expires
Fri, 08 Oct 2021 20:08:13 GMT
bg_1.jpg
static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/
617 KB
618 KB
Image
General
Full URL
https://static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/bg_1.jpg?v=2.176.0.master.20210907144450
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
cf-cache-status
HIT
last-modified
Thu, 31 Oct 2019 07:15:46 GMT
server
NetDNA-cache/2.2
age
1450
etag
"5dba8a22-9a407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sUah%2FY5EfXi%2B9ZqxkaF0SaBcl3WBZpqPJEumUITW5We4LnucEVQseAB9loKvSKb2gI3JpLpYLe3JgbwRrnCPPbYZdUMaWPE5eA7WPcG51JAehVHO4SCDXsbFongUdIo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-cache
HIT
accept-ranges
bytes
cf-ray
68b7831209244303-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
631815
heading_triangle.svg
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/
460 B
993 B
Image
General
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/heading_triangle.svg
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 12:49:09 GMT
server
NetDNA-cache/2.2
age
1450
etag
W/"61375fc5-1cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fsd3t%2BVeDIiPkT%2Bf5i5pYAV2rx6R4XPgvINMuII3st%2BRLvtoXtAQqJH%2Fcyy4cvXeNcsFE4jjSyF%2FUPgaaSBJx%2FlKmztkBhvUMtA3na38jDRHdZVuq%2FXhcT56h9QjYwX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cf-ray
68b78311dbfe5b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
OpenSans-Bold.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/
69 KB
69 KB
Font
General
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Bold.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2

Request headers

Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Origin
https://t49.hemmungslos.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70188
last-modified
Tue, 07 Sep 2021 12:48:48 GMT
server
NetDNA-cache/2.2
etag
"61375fb0-1122c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9IoC%2Bk7roKYzE%2FKH64LK5HLw4rsMR%2FDPFGJ%2Fb6jAdoFU%2Fw9LMQ9XDudUrSRHXOI1VTmLEVGabkkDU%2Fnle5dw8tx12bacUjXHhrNEAhHcXEic2sKEKEVa5FoOUrKQJnY"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68b784157dc605d4-FRA
expires
Fri, 08 Oct 2021 10:29:24 GMT
OpenSans-Regular.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/
66 KB
67 KB
Font
General
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Regular.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51

Request headers

Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.176.0.master.20210907144450
Origin
https://t49.hemmungslos.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67528
last-modified
Tue, 07 Sep 2021 12:48:49 GMT
server
NetDNA-cache/2.2
etag
"61375fb1-107c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTk5ZUxIUBMepRIKqrAXgWroth3%2BZcMTvIaFk98aXoXIya%2Bo3caYgebGjMCRurl71x3ckRITz0usM9D86MnXIJN%2B1N5KzpLMM%2BWrWb3O1rEkxUxh4%2FA%2B5mGPMESROfOi"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68b78414fc0a5ca4-FRA
expires
Fri, 08 Oct 2021 10:32:58 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6640
date
Wed, 08 Sep 2021 18:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 08 Sep 2021 20:17:33 GMT
landing0039.js
t49.hemmungslos.net/js/dist/
413 KB
109 KB
Script
General
Full URL
https://t49.hemmungslos.net/js/dist/landing0039.js?v=2.176.0.master.20210907144450
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/node_modules/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22be13bbce41a140c505346b5140ba9f572278f76aedee43523a25efcb1f4977

Request headers

:path
/js/dist/landing0039.js?v=2.176.0.master.20210907144450
pragma
no-cache
cookie
APPID=promo; PHPSESSID=p6cdpt01g2deq2hjrl120ur415; pc_aff=WVfYdzL-soAc42qxsSW4WkGnPcdCiLa6-eepkRpV9EovxUCsBpKJPCTH7cVHrl4Acb1GbsOEMyJB01tZ7trJwz1RyxCn2wBmnFaQZogI43kSUYtKtENCGk85WWK8fe1m1nV87UvRTE4VFsKPWrmJeRz4-w0TIGW26gBxviwLy0kEHKHHPEVSr0KTv6CojW0xpkQ5DazDWqC6l9sKxF4S-1l7eciQpnpoVvLjI6HC21De8JtAHDuMyAbueB7byXOvHGnhc6PMai-9dZ9Bj3ISEbY_chpfAv0YDjpDStFtcZn01qMIHZ0zLFDimTC17ol5BIZKeI6lKxOkF1ZfhNPHsQ; promo_code=102876; ev=xc163113169262a6c6139182c5dcea890531384; keyword=135; APPID=promo; SERVERID=wbs06
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
t49.hemmungslos.net
referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:08:13 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Sep 2021 12:48:27 GMT
server
cloudflare
etag
W/"61375f9b-675a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRIqmaAN06j2A%2FaoSTRy5X7nZX%2BFt25S6AljHkebP7HOvpXPI4CcfsusOxFJ0iMUbHxk2xBp4clYvikOXAsPXsWJuF0dgIbUwRHovoLm6oErlQf3GY4Oq6IJPhhrh5I5eG9G4doRZM6huv3ssGfTYgMU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
set-cookie
APPID=promo
cf-ray
68bacebd3f94324c-FRA
expires
Fri, 08 Oct 2021 20:08:13 GMT
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1713645278&t=pageview&_s=1&dl=https%3A%2F%2Ft49.hemmungslos.net%2F%3Fq%3D%2Fa%2Fff0049%2F%26promo_code%3D102876%26ev%3Dxc163113169262a6c6139182c5dcea890531384%26keyword%3D135%26pass%3Dxc163113169262a6c6139182c5dcea890531384%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&dr=https%3A%2F%2Fdlvr.xcash.com%2F&ul=en-us&de=UTF-8&dt=Hemmungslos%3A%20Dates%20und%20unverbindliche%20Treffen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=364244071&gjid=1646085922&cid=1125135617.1631131694&tid=UA-115151054-23&_gid=1252527896.1631131694&_r=1&_slc=1&z=619240347
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t49.hemmungslos.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Sep 2021 20:08:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://t49.hemmungslos.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1210.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: t49.hemmungslos.net
URL: https://t49.hemmungslos.net/?q=/a/ff0049/&promo_code=102876&ev=xc163113169262a6c6139182c5dcea890531384&keyword=135&pass=xc163113169262a6c6139182c5dcea890531384&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
BH2AP9PWXNTFG795
x-cache
HIT
content-length
11781
x-amz-id-2
XjDhp09D6EYaheZaXJDhNLF1vtLJWfoOkX/7mjcz5KUCMguYKh6msxCRXvd1cshMBSfiJJt9EJ4=
x-served-by
cache-cdg20768-CDG
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1631131694.867402,VS0,VE0
date
Wed, 08 Sep 2021 20:08:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11444
6cbab69a58
bam-cell.nr-data.net/1/
49 B
877 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/6cbab69a58?a=192394552&v=1210.e2a3f80&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=1295&ck=1&ref=https://t49.hemmungslos.net/&ap=360&be=945&fe=1180&dc=1043&perf=%7B%22timing%22:%7B%22of%22:1631131692590,%22n%22:0,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22ce%22:432,%22rq%22:495,%22rp%22:916,%22rpe%22:918,%22dl%22:935,%22di%22:1043,%22ds%22:1043,%22de%22:1043,%22dc%22:1180,%22l%22:1180,%22le%22:1181%7D,%22navigation%22:%7B%7D%7D&fp=1044&fcp=1044&at=ShRZFFkZH04%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t49.hemmungslos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 08 Sep 2021 20:08:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVSDQcEXFVVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoCC1UAV3RMB05WAhtDX1BeUQRTV1NTBQ9QUgcAV0BKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
68bacebf69caeda7-CDG

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require object| URL_PARAMS object| SITE_PRODUCT string| DOMAIN string| ENV object| WL_SITE string| SITE_NAME string| SITE_LAYOUT string| SITE_TYPE string| THIRD_PARTY_VIDEO_ID string| CURRENT_LANG object| TRANSLATIONS object| STATIC_DOMAINS object| SITE_VARIABLES string| EMAIL_LIMIT_REACHED string| EMAIL_BLACKLISTED object| ERROR_MESSAGES object| SUCCESS_MESSAGES object| NDConfig function| requirejs function| require function| define string| GOOGLE_ANALYTICS_CODE string| GoogleAnalyticsObject function| ga object| Twig function| $ function| jQuery function| Bloodhound function| Swiper function| Hammer object| google_tag_data object| gaplugins object| gaGlobal object| gaData

25 Cookies

Domain/Path Name / Value
t49.hemmungslos.net/node_modules/requirejs Name: APPID
Value: promo
t49.hemmungslos.net/js/dist Name: APPID
Value: promo
t.adating.link/ Name: enc_aff_session_3785
Value: ENC034bee9e684d4419d00b63966198ce800248a9b881e478161ee922df074df3de65f6bf9a85e85c940927a50cdea499c8cc862625874baabc817e9dc7eb43589cb87967617553d4e2f3f095d4ce007c68fb8cada5b86dacbcb35c3898ac2542914ac268170eea5ab7fb722b9c463616a8af009922d2c838c9666ee80578b11ad98629b2c285
t.adating.link/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
.a.vfgtg.com/ Name: ab267e05-23a0-430a-bac4-772f7f629740-v4
Value: 1AM2EEfmWRIPzw57Z2nSYq5LLboXVk_rQwOviSNNpeQ
.a.vfgtg.com/ Name: 594d904a-0357-44c8-8f0f-a122ee52f3d8-v4
Value: BlTE3VA9qqTxRbtgzpWOfpwXzjhTgwWBOhZETQ9D46o
.a.vfgtg.com/ Name: cc-v4
Value: LLZJavH0axVC5VNs0C%2BOKs6eB15%2BIKrsDJCQmC7Gm8oD4U8tVdc74HWXGAbrNMahBcUh1cPEN0uQXuTpsUcnktHUEHKhJxVFjltOcSrNY%2BXpAtozeORPemWqeBFuhKrCk8sWUdj4Pa8LboJULjHLIg%3D%3D
s.aslnk.link/ Name: enc_aff_session_7681
Value: ENC0307248494cee207052e743652e9c21ccaacb0d99d034423b76721b6de9bdb4be160ab0af63a7c80308872d28e2b3a1e9a8b8940c4206c5672c41501ecb98fc02f937276f950f3fb51bcf5ebcd5b5f65bb5ffcee900ccd66672d7a134e558fdf4fee4dfa4d38a9b47927a7390444e4c9b04f0492b9eb315c8e5ba832fe7a08bded9e7729450abbc323ef145032be91e8253e241950e896eb1c1cff14db3756c26c8b3cb1a9fc266f5f04003d6a0a07e0fbf62a655d3a9321459130819c9d791193c2fad5d6c0bc181c64b0d5808df09c13577a3771f4cde37a67a41e67f9e8d45a2799713c
s.aslnk.link/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
dlvr.xcash.com/ Name: 51D_Bandwidth
Value: 1631131692.3194
dlvr.xcash.com/ Name: ubbc
Value: eyJpdiI6ImNrT0l0QUpScnR6djBlSWRPNm42d3c9PSIsInZhbHVlIjoiT21Za2JJNFYyeEpcL2FENDU3aFdwVkE9PSIsIm1hYyI6IjRlYzNkZTMzYjFkNDJjOWJjZTg5OTUzMjhmZWU5MjA3MmE3Zjk2ZTA2MDJjNjlhYjhlMTA5MzViOTNhODZjODIifQ%3D%3D
dlvr.xcash.com/ Name: bbuc
Value: eyJpdiI6InZrR09QZndiNU9uRW4raFZSV1F3MXc9PSIsInZhbHVlIjoiUmUyUCt3WkdcL3NlamM3MytOS0VHYUZjVnhjMGNIazhFdzBPeUhsOEF5WnM9IiwibWFjIjoiY2FjZjM3ZDdkYzcxODZiZDQ2NWU1Mzg5ZTFlNDVmZjRlM2IyOTkwZTQyNWU0MTA4ZmU4YTA3MmY2OTUzN2FiNyJ9
dlvr.xcash.com/ Name: bbrc
Value: eyJpdiI6IjRoZ0p1YTFxR2R3UkdWOFU4Z2dVSUE9PSIsInZhbHVlIjoiRDhPZnRxRWVZNDVLWmhONlZkWFRuUT09IiwibWFjIjoiYzFkMjBlOWVhNzMwZWU1MjhhMDAzMjBlMGQ5ODU1ZTlhYTllNDE1MmM3ZGU4NGJlZGU2OWIzYmU3OTcxZmNkYiJ9
dlvr.xcash.com/ Name: laravel_session
Value: eyJpdiI6IkNHVHRYSHU1KzhtR3lTeERVaUorQWc9PSIsInZhbHVlIjoicjZjd2NjdnZHTWNXZE5DbEdHVmRqRzVGdGgxVjJmclY1TmNGaUUyRXlRSmZ5NFBsOVd4b3ZVM28rNlcrSlU5M3JGZ2NaN2dQbXFCUHBrQkFVUlwvV1F3PT0iLCJtYWMiOiIxMTEwMjQ5ODI5OTNkNWU1YzhmNjI5YTcxYmI2NjgxM2U3NzJkYWVmODFmZDg5NzE2N2JhZGVhZjc1MjgwZDA4In0%3D
trk.hemmungslos.net/ Name: SERVERID
Value: wbs05
.hemmungslos.net/ Name: PHPSESSID
Value: p6cdpt01g2deq2hjrl120ur415
.hemmungslos.net/ Name: pc_aff
Value: WVfYdzL-soAc42qxsSW4WkGnPcdCiLa6-eepkRpV9EovxUCsBpKJPCTH7cVHrl4Acb1GbsOEMyJB01tZ7trJwz1RyxCn2wBmnFaQZogI43kSUYtKtENCGk85WWK8fe1m1nV87UvRTE4VFsKPWrmJeRz4-w0TIGW26gBxviwLy0kEHKHHPEVSr0KTv6CojW0xpkQ5DazDWqC6l9sKxF4S-1l7eciQpnpoVvLjI6HC21De8JtAHDuMyAbueB7byXOvHGnhc6PMai-9dZ9Bj3ISEbY_chpfAv0YDjpDStFtcZn01qMIHZ0zLFDimTC17ol5BIZKeI6lKxOkF1ZfhNPHsQ
.t49.hemmungslos.net/ Name: promo_code
Value: 102876
.t49.hemmungslos.net/ Name: ev
Value: xc163113169262a6c6139182c5dcea890531384
.t49.hemmungslos.net/ Name: keyword
Value: 135
t49.hemmungslos.net/ Name: APPID
Value: promo
t49.hemmungslos.net/ Name: SERVERID
Value: wbs06
.hemmungslos.net/ Name: _ga
Value: GA1.2.1125135617.1631131694
.hemmungslos.net/ Name: _gid
Value: GA1.2.1252527896.1631131694
.hemmungslos.net/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfgtg.com
bam-cell.nr-data.net
ckstatic.com
dlvr.xcash.com
js-agent.newrelic.com
s.aslnk.link
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
t.adating.link
t49.hemmungslos.net
trk.hemmungslos.net
www.google-analytics.com
www.tverotica.com
www.tvsexy.com
xnxx.it
128.0.45.252
13.225.25.38
151.101.194.137
151.139.237.33
162.247.243.146
18.192.108.151
205.185.216.10
208.91.198.16
2606:4700:3034::ac43:9d40
2a00:1450:4007:807::200e
5.9.60.247
52.222.149.23
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f
22be13bbce41a140c505346b5140ba9f572278f76aedee43523a25efcb1f4977
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
76b5982e688575e2f83145319da449a31bd3172c113c775c3a9a774b7ffe7783
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b
96dccafdf0d76d69041cb663d66ecd0e0c39daea3f1fbb968d41f53e2b61f7cf
9fa44c1f23c81b3c68bda12fbf1ac4f62d04d1dd04ebe34a7d4997ff4d8ec708
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
b1a4839b38c9e4a6d0d66470cd6d4ec1e788a7670ef9aa21df83aefb5f40ddcd
b7910c2cc2a6b21fc561da32f0b9f971ddea629e35e14d566b58af54a42a6ccb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62