de.flirthits.com Open in urlscan Pro
156.67.36.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx
Effective URL:
https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPu...
Submission: On October 27 via manual (October 27th 2019, 11:21:27 am UTC) from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 39 HTTP transactions. The main IP is 156.67.36.15, located in Germany and belongs to CQINT-NL, DE. The main domain is de.flirthits.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 4th 2019. Valid for: 2 years.

This is the only time de.flirthits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.164.72.128 185.164.72.128	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	185.164.72.20 185.164.72.20	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	88.208.60.53 88.208.60.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	88.208.45.27 88.208.45.27	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	138.68.123.185 138.68.123.185	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 1	88.85.84.123 88.85.84.123	35415 (WEBZILLA) (WEBZILLA)
1 1	5.187.3.40 5.187.3.40	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	217.140.66.110 217.140.66.110	20640 (TITAN-NET...) (TITAN-NETWORKS Bleichstrasse 1)
1	156.67.36.15 156.67.36.15	25418 (CQINT-NL) (CQINT-NL)
30	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
39	10

2 185.164.72.128 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)

qkdozr.web10.birnam.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.164.72.20 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

tdsfast-x33.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.60.53 (Heemstede, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cnewvi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.45.27 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

nativesp.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.68.123.185 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

newsfresh.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.85.84.123 (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)
PTR: v-5-20-29-d7084-123.webazilla.com

latest-509329.roomthe.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.187.3.40 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: kvmde46-11342.fornex.org

flusnlb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.140.66.110 (Germany) 1 redirects

ASN20640 (TITAN-NETWORKS Bleichstrasse 1, DE)

o-2587.prodtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.67.36.15 (Germany)

ASN25418 (CQINT-NL, DE)

de.flirthits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: hwcdn.net

lpmedia.justservingfiles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	justservingfiles.net lpmedia.justservingfiles.net	1 MB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	birnam.ca qkdozr.web10.birnam.ca	8 KB
1	gstatic.com fonts.gstatic.com	12 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	flirthits.com de.flirthits.com	6 KB
1	prodtraff.com 1 redirects o-2587.prodtraff.com	822 B
1	flusnlb.com 1 redirects flusnlb.com	430 B
1	roomthe.ru 1 redirects latest-509329.roomthe.ru	244 B
1	newsfresh.pro 1 redirects newsfresh.pro	577 B
1	nativesp.pro nativesp.pro	67 B
1	cnewvi.com cnewvi.com	61 KB
1	tdsfast-x33.com 1 redirects tdsfast-x33.com	467 B
39	13

	Domain	Requested by
30	lpmedia.justservingfiles.net	de.flirthits.com
2	qkdozr.web10.birnam.ca	qkdozr.web10.birnam.ca
1	fonts.gstatic.com	de.flirthits.com
1	ajax.googleapis.com	de.flirthits.com
1	maxcdn.bootstrapcdn.com	de.flirthits.com
1	fonts.googleapis.com	de.flirthits.com
1	de.flirthits.com	cnewvi.com
1	o-2587.prodtraff.com	1 redirects
1	flusnlb.com	1 redirects
1	latest-509329.roomthe.ru	1 redirects
1	newsfresh.pro	1 redirects
1	nativesp.pro	cnewvi.com
1	cnewvi.com	qkdozr.web10.birnam.ca
1	tdsfast-x33.com	1 redirects
39	14

This site contains no links.

Subject Issuer	Validity	Valid
cnewvi.com Let's Encrypt Authority X3	`2019-10-15` - `2020-01-13`	3 months	crt.sh
nativesp.pro Sectigo RSA Domain Validation Secure Server CA	`2019-07-17` - `2020-07-16`	a year	crt.sh
*.flirthits.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-04` - `2021-02-03`	2 years	crt.sh
*.justservingfiles.net Let's Encrypt Authority X3	`2019-10-24` - `2020-01-22`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Frame ID: 7B7A04CFA6D1D6464F870AC487B64DCF
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx Page URL
https://tdsfast-x33.com/?_lp=1&_token=uuid_2fk7poqde1clsa9ugmdf_2fk7poqde1clsa9ugmdf5db57d9c675904.4... HTTP 302
https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjo... Page URL
https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3Dey... HTTP 302
http://latest-509329.roomthe.ru/click/rtb?node=142&winPrice=0.15408707426667656&winCurrency=USD&id=157217526... HTTP 302
http://flusnlb.com/1V2V?sub1=443408-1024148 HTTP 302
https://o-2587.prodtraff.com/65489977-8d09-4fdf-ba52-c0b95547dcf4?clicktag=5DB57DA9005B7A41FA0E22F9&subPu... HTTP 302
https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

39
Requests

95 %
HTTPS

29 %
IPv6

13
Domains

14
Subdomains

10
IPs

3
Countries

1473 kB
Transfer

1661 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx Page URL
https://tdsfast-x33.com/?_lp=1&_token=uuid_2fk7poqde1clsa9ugmdf_2fk7poqde1clsa9ugmdf5db57d9c675904.47306326 HTTP 302
https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf Page URL
https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf HTTP 302
http://latest-509329.roomthe.ru/click/rtb?node=142&winPrice=0.15408707426667656&winCurrency=USD&id=1572175260000-1405 HTTP 302
http://flusnlb.com/1V2V?sub1=443408-1024148 HTTP 302
https://o-2587.prodtraff.com/65489977-8d09-4fdf-ba52-c0b95547dcf4?clicktag=5DB57DA9005B7A41FA0E22F9&subPublisher=39376&o_id=2915&TID=5DB57DA9005B7A41FA0E22F9&host=flusnlb.com HTTP 302
https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://tdsfast-x33.com/?_lp=1&_token=uuid_2fk7poqde1clsa9ugmdf_2fk7poqde1clsa9ugmdf5db57d9c675904.47306326 HTTP 302
https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ktqaoz Show response
qkdozr.web10.birnam.ca/ 12 KB
7 KB 69ms
32ms Document
text/html 185.164.72.128
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx
Protocol: HTTP/1.1
Server: 185.164.72.128 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 3438d8478823342e1d2d014f0265e47a30af3ebf497da91ad605accd524e6f8d

Request headers

Host: qkdozr.web10.birnam.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 27 Oct 2019 11:21:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"2e3d-gtLK5ks9/P2d1ecQbRn2571FmX0"
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-ax.min.js
qkdozr.web10.birnam.ca/ 294 B
1 KB 68ms
68ms Script
text/javascript 185.164.72.128
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://qkdozr.web10.birnam.ca/jquery-ax.min.js
Requested by: Host: qkdozr.web10.birnam.ca
URL: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx
Protocol: HTTP/1.1
Server: 185.164.72.128 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Oct 2019 11:21:12 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

Cookie set bot-captcha-1 Show response
cnewvi.com/
Redirect Chain

https://tdsfast-x33.com/?_lp=1&_token=uuid_2fk7poqde1clsa9ugmdf_2fk7poqde1clsa9ugmdf5db57d9c675904.47306326
https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf

88 KB
61 KB

90ms
46ms

Document
text/html

88.208.60.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
Requested by: Host: qkdozr.web10.birnam.ca
URL: http://qkdozr.web10.birnam.ca/jquery-ax.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.3 /
Resource Hash: 285e1e843b6fdb69a3691f2fbb92478aa8b2d17245345550f48c6a45070bf442

Request headers

Host: cnewvi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx

Response headers

Server: nginx/1.17.3
Date: Sun, 27 Oct 2019 11:21:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: truniq=1; expires=Mon, 28-Oct-2019 11:21:12 GMT; Max-Age=86400; path=/; domain=cnewvi.com
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 27 Oct 2019 11:21:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 27 Oct 2019 11:21:00 GMT
Location: https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
Pragma: no-cache
X-Content-Type-Options: nosniff

GET
H2 200 rpe
nativesp.pro/ 0
67 B 64ms
14ms XHR
text/plain 88.208.45.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nativesp.pro/rpe?a=1&s=1&act=7&src=2&p=1002668&st=1024148&wd=49416&d=cnewvi.com&tpl=30&rnd=0.7297465255554028&sbid=&sbid2=
Requested by: Host: cnewvi.com
URL: https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.45.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Sec-Fetch-Mode: cors
Referer: https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 27 Oct 2019 11:21:12 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
DATA 200
OK truncated
/ 45 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1

200
OK

Primary Request

Cookie set cm8000 Show response
de.flirthits.com/landing/
Redirect Chain

https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
http://latest-509329.roomthe.ru/click/rtb?node=142&winPrice=0.15408707426667656&winCurrency=USD&id=1572175260000-1405
http://flusnlb.com/1V2V?sub1=443408-1024148
https://o-2587.prodtraff.com/65489977-8d09-4fdf-ba52-c0b95547dcf4?clicktag=5DB57DA9005B7A41FA0E22F9&subPublisher=39376&o_id=2915&TID=5DB57DA9005B7A41FA0E22F9&host=flusnlb.com
https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=884...

23 KB
6 KB

186ms
140ms

Document
text/html

156.67.36.15
CQINT-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Requested by: Host: cnewvi.com
URL: https://cnewvi.com/bot-captcha-1?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0OTQxNiwic3JjIjoyfQ%3D%3DeyJ&clickid=2fk7poqde1clsa9ugmdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.67.36.15 , Germany, ASN25418 (CQINT-NL, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3c712eee3a0a619338e6415e30cb6a6ff35d12ae54b960f394f42b9a28934aaf

Request headers

Host: de.flirthits.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate

Response headers

Server: nginx
Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Set-Cookie: PHPSESSID=5hhi3jrsacvfe7601ri2eg38r1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache no-cache
Content-Encoding: gzip

Redirect headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Transfer-Encoding: chunked
Location: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Set-Cookie: attrk=yes;Version=1;Max-Age=86400 vcid=%7B%22id%22%3A%226692433b-e688-4047-af98-f092ff54810a%22%2C%22firstTime%22%3A%22Oct+27%2C+2019+11%3A21%3A13+AM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Oct+27%2C+2019+11%3A21%3A13+AM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D;Version=1;Domain=prodtraff.com;Path=/;Max-Age=2147483647;Expires=Fri, 14 Nov 2087 14:35:20 GMT
server: sgm.cloud/1

GET
H/1.1 200
OK form.css
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/ 4 KB
1 KB 31ms
7ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.css?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: d002c9afbe21d4a74a0014a7a76e9181029a880598035d5257759cf8ef7cd492

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-f50"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds052.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds017.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1075

GET
H2 200 css
fonts.googleapis.com/ 5 KB
755 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bangers|Neucha|Montserrat:400,700

Requested by

Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

87320c140ccf89c8767c4c2ea8c8917c9cb7e7611fa961329a82695686f205aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 27 Oct 2019 11:21:13 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 27 Oct 2019 11:21:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 27 Oct 2019 11:21:13 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 27 Oct 2019 11:21:13 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK style.css
lpmedia.justservingfiles.net/style/templates/Comics/ 248 B
535 B 30ms
8ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/style.css?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 9beb9b9ea64497c2e212197ba4c1be2f539ecfeae042ada1332dfab278c4cab2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-f8"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds101.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds002.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK flirthits_w.png
lpmedia.justservingfiles.net/img/_logos/ 3 KB
3 KB 61ms
6ms Image
image/png 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_logos/flirthits_w.png
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 6aee99d9759a5922778feae35d9e15383a0da1ea277089e8b40a5731874c735e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:44 GMT
Server: nginx
ETag: "5dafc4f0-bbc"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds056.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3004

GET
H/1.1 200
OK cm1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
51 KB 63ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm1.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 80e5148e1595fb25d860a3d39b2050db91a13da3813e6bb75eaf7eb27acd9822

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c9b6"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds052.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds098.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51638

GET
H/1.1 200
OK cm2.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
50 KB 30ms
8ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm2.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 65d926fbedf7c913de82a866b426d58fb8814526a27ab0b8c432991706f82354

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c607"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds052.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds098.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50695

GET
H/1.1 200
OK cm3.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
51 KB 28ms
5ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm3.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 75c1d7157ff82196e37bc744f25f7b218cd12fbf7707a760b3ed22161c1e3caf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c920"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds101.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds002.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51488

GET
H/1.1 200
OK cm11.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
51 KB 45ms
5ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm11.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: caad7fb0365029acd25ae56f7ba4d74bb56947436d3bda51dae1e1d5ad438e53

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c941"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds101.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds002.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51521

GET
H/1.1 200
OK cm5.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
50 KB 22ms
8ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm5.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: c40f562a41a256da3f8ca724983259f8e5cd5eb3f2710e88428695f0347f7397

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c63f"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds056.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50751

GET
H/1.1 200
OK cm6.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 43 KB
43 KB 41ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm6.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: e213e6866994423b991e072bc2291ad2fb58bad7abacaf3102eb3512440b7d28

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-ab30"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds076.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds003.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43824

GET
H/1.1 200
OK cm7.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 49 KB
50 KB 23ms
8ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm7.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: c90d2d1dd961dddebc8b864ca64a6877818defcfd65382689e21f6ff3fbf20d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c478"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds076.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds146.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50296

GET
H/1.1 200
OK cm8.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
51 KB 39ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm8.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 66df7a60b51440f1eb1b2ceb6f78f0b1da014d6dcec810f73d68d1232d50ea13

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c8ef"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds056.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51439

GET
H/1.1 200
OK cm9.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 45 KB
45 KB 41ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm9.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 45abee330231606d6ed19560ea7857b3378885ac9e5822bcd5c43e6e93401062

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-b3a8"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds052.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds098.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 45992

GET
H/1.1 200
OK cm10.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
51 KB 47ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm10.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: d1a61697ed0f0f1e96e60ae5df9af0be25b89d1deca7e4458681edb532fca099

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c953"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds052.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds098.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 51539

GET
H/1.1 200
OK cm-men-bg-de.png
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 57 KB
57 KB 46ms
6ms Image
image/png 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm-men-bg-de.png
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: cdae0eeb1c0fbda72015435b1df6962e7397b92ee1adc96356ee8c6b9f8896a0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-e202"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds056.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 57858

GET
H/1.1 200
OK you-want-to-fuck-de.png
lpmedia.justservingfiles.net/img/_pictures/headlines/ 160 KB
160 KB 43ms
6ms Image
image/png 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/headlines/you-want-to-fuck-de.png
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: b3a2de436a879a994244c02172e00d8a0cd80108a10dc56d2c9637645fbba3cb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:59 GMT
Server: nginx
ETag: "5dafc4ff-27f6b"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds144.fr8.shn,1572175273.cds144.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 163691

GET
H/1.1 200
OK cm-men-de.png
lpmedia.justservingfiles.net/img/_pictures/fsk18/m/ 50 KB
50 KB 22ms
8ms Image
image/png 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/m/cm-men-de.png
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 037164ad97c6aa77782621cd105162ad0e46ad3e5c32eb4179f0cfb7e3921c34

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-c691"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds107.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds147.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50833

GET
H/1.1 200
OK vs-symbol.png
lpmedia.justservingfiles.net/img/_patterns/ 77 KB
77 KB 20ms
6ms Image
image/png 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_patterns/vs-symbol.png
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 5e82c349ae93879ee02e03b6d8b689bc0914a6497f894ab93521840e016ba8ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:45 GMT
Server: nginx
ETag: "5dafc4f1-13422"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds144.fr8.shn,1572175273.cds144.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 78882

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 16:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1363157
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 16:41:56 GMT

GET
H/1.1 200
OK validation.js Show response
lpmedia.justservingfiles.net/js/helpers/ 5 KB
2 KB 56ms
6ms Script
application/javascript 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/helpers/validation.js?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 1e6035f680a93f6caaa9503fa0cafd4dd0ea04f65f2bea8070669b9a81e9992d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:00 GMT
Server: nginx
ETag: "5dafc500-15ce"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds076.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds003.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1370

GET
H/1.1 200
OK form_helper.js Show response
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/ 2 KB
1 KB 62ms
7ms Script
application/javascript 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form_helper.js?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 14dba260a885d145d1af7bc353ac4dca9aeb43c93271d1e0ed66c07b26a38cff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-868"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds101.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds013.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 633

GET
H/1.1 200
OK form.js Show response
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/ 4 KB
1 KB 9ms
9ms Script
application/javascript 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.js?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: d5db5dba10eb17b6a17200d511308a45f025fbda16e41a822ff3634107c47146

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-f2a"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds076.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds004.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1053

GET
H/1.1 200
OK step.js Show response
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/ 3 KB
1 KB 8ms
8ms Script
application/javascript 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/step.js?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 3759f393068944edfc0965372f8f37305c58252c2f43b100950fe180215810d6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-aa6"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds144.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds134.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 867

GET
H/1.1 200
OK popwin.js Show response
lpmedia.justservingfiles.net/js/ 1 KB
968 B 8ms
8ms Script
application/javascript 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/popwin.js?503525
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:00 GMT
Server: nginx
ETag: "5dafc500-499"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds133.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 525

GET
H/1.1 200
OK cm1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk18/l/ 493 KB
493 KB 44ms
6ms Image
image/jpeg 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk18/l/cm1.jpg
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 28f489b0dc53b0861d341c2409cb459caf0ac301a60f4a8c6475eedc292c7142

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Last-Modified: Wed, 23 Oct 2019 03:11:56 GMT
Server: nginx
ETag: "5dafc4fc-7b22a"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds107.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds147.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 504362

GET
H/1.1 200
OK base.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 3 KB
1 KB 8ms
6ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/base.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 5d8a5ad03cce1662de791157f275b984b9b265012ca0070a8a99e974d7ca3601

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-a12"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds144.fr8.shn,1572175273.cds144.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 857

GET
H/1.1 200
OK header.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 199 B
577 B 9ms
6ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/header.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 2411f375f5886e95b3871995cfcc4c05f3e67a941f5f615913caf4684f561a03

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-c7"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds107.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds147.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 149

GET
H/1.1 200
OK photo.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 3 KB
1 KB 10ms
6ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/photo.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 1da60e8f177cc8cbb7046fbba32bd3fa7ce4e0a762e2c3a23c1a81ef50673b83

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-c71"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds088.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds056.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 830

GET
H/1.1 200
OK black-men.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 1013 B
803 B 12ms
7ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/black-men.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 398e900833483ebecc68461762872e623f709748c3a8d0735108bdc154c16fa8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-3f5"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds076.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds003.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 374

GET
H/1.1 200
OK button.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 1 KB
887 B 14ms
6ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/button.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: e92d7f68ae87c4f9175038473e637aa7423aca0ee3140e01d6d5f9314f038829

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-548"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds144.fr8.shn,1572175273.cds144.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 482

GET
H/1.1 200
OK form-header.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 2 KB
1011 B 14ms
5ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/form-header.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 82b401f7fb10d2668b155dff9c2e3c7611d589cb833f6a97128f412638895f0c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-793"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds107.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds147.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 582

GET
H/1.1 200
OK registration.css
lpmedia.justservingfiles.net/style/templates/Comics/layout/ 4 KB
1 KB 15ms
6ms Stylesheet
text/css 69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/Comics/layout/registration.css
Requested by: Host: de.flirthits.com
URL: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: aad3c08148b5535b46daba7cdb7b010b45d788e14245e97da50cfffb35888dc5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de.flirthits.com/landing/cm8000?clickId=8849d1a3-8af5-4540-9c84-77bfe03979e8&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8849d1a3-8af5-4540-9c84-77bfe03979e8&tp_redirect_id=8849d1a3-8af5-4540-9c84-77bfe03979e8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 27 Oct 2019 11:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 03:12:04 GMT
Server: nginx
ETag: "5dafc504-f7c"
X-HW: 1572175273.dop055.fr8.t,1572175273.cds101.fr8.shn,1572175273.dop055.fr8.t,1572175273.cds002.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1063

GET
H2 200 q5uGsou0JOdh94bfvQltKRZUgQ.woff2
fonts.gstatic.com/s/neucha/v11/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/neucha/v11/q5uGsou0JOdh94bfvQltKRZUgQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3e2ea470e6730906ac4026cab3e37b8395e94c02d485127a2bc1427d29e98e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Bangers|Neucha|Montserrat:400,700
Origin: https://de.flirthits.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 19:19:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:45:32 GMT
server: sffe
age: 1526496
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11896
x-xss-protection: 0
expires: Thu, 08 Oct 2020 19:19:37 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			de.flirthits.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5hhi3jrsacvfe7601ri2eg38r1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://qkdozr.web10.birnam.ca/ktqaoz?qsjgn=sxahgevn&e=dennis.faillace@evicore.com&bkflhhmwg=ftynauxzx(Line 72) Message: DEBUG: Client OK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cnewvi.com
de.flirthits.com
flusnlb.com
fonts.googleapis.com
fonts.gstatic.com
latest-509329.roomthe.ru
lpmedia.justservingfiles.net
maxcdn.bootstrapcdn.com
nativesp.pro
newsfresh.pro
o-2587.prodtraff.com
qkdozr.web10.birnam.ca
tdsfast-x33.com
138.68.123.185
156.67.36.15
185.164.72.128
185.164.72.20
2001:4de0:ac19::1:b:2a
217.140.66.110
2a00:1450:4001:806::200a
2a00:1450:4001:808::200a
2a00:1450:4001:81a::2003
5.187.3.40
69.16.175.42
88.208.45.27
88.208.60.53
88.85.84.123
037164ad97c6aa77782621cd105162ad0e46ad3e5c32eb4179f0cfb7e3921c34
14dba260a885d145d1af7bc353ac4dca9aeb43c93271d1e0ed66c07b26a38cff
1da60e8f177cc8cbb7046fbba32bd3fa7ce4e0a762e2c3a23c1a81ef50673b83
1e6035f680a93f6caaa9503fa0cafd4dd0ea04f65f2bea8070669b9a81e9992d
2411f375f5886e95b3871995cfcc4c05f3e67a941f5f615913caf4684f561a03
285e1e843b6fdb69a3691f2fbb92478aa8b2d17245345550f48c6a45070bf442
28f489b0dc53b0861d341c2409cb459caf0ac301a60f4a8c6475eedc292c7142
3438d8478823342e1d2d014f0265e47a30af3ebf497da91ad605accd524e6f8d
3759f393068944edfc0965372f8f37305c58252c2f43b100950fe180215810d6
398e900833483ebecc68461762872e623f709748c3a8d0735108bdc154c16fa8
3c712eee3a0a619338e6415e30cb6a6ff35d12ae54b960f394f42b9a28934aaf
3e2ea470e6730906ac4026cab3e37b8395e94c02d485127a2bc1427d29e98e54
45abee330231606d6ed19560ea7857b3378885ac9e5822bcd5c43e6e93401062
5d8a5ad03cce1662de791157f275b984b9b265012ca0070a8a99e974d7ca3601
5e82c349ae93879ee02e03b6d8b689bc0914a6497f894ab93521840e016ba8ac
65d926fbedf7c913de82a866b426d58fb8814526a27ab0b8c432991706f82354
66df7a60b51440f1eb1b2ceb6f78f0b1da014d6dcec810f73d68d1232d50ea13
6aee99d9759a5922778feae35d9e15383a0da1ea277089e8b40a5731874c735e
75c1d7157ff82196e37bc744f25f7b218cd12fbf7707a760b3ed22161c1e3caf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0
80e5148e1595fb25d860a3d39b2050db91a13da3813e6bb75eaf7eb27acd9822
82b401f7fb10d2668b155dff9c2e3c7611d589cb833f6a97128f412638895f0c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87320c140ccf89c8767c4c2ea8c8917c9cb7e7611fa961329a82695686f205aa
942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5
9beb9b9ea64497c2e212197ba4c1be2f539ecfeae042ada1332dfab278c4cab2
aad3c08148b5535b46daba7cdb7b010b45d788e14245e97da50cfffb35888dc5
b3a2de436a879a994244c02172e00d8a0cd80108a10dc56d2c9637645fbba3cb
c40f562a41a256da3f8ca724983259f8e5cd5eb3f2710e88428695f0347f7397
c90d2d1dd961dddebc8b864ca64a6877818defcfd65382689e21f6ff3fbf20d3
caad7fb0365029acd25ae56f7ba4d74bb56947436d3bda51dae1e1d5ad438e53
cdae0eeb1c0fbda72015435b1df6962e7397b92ee1adc96356ee8c6b9f8896a0
d002c9afbe21d4a74a0014a7a76e9181029a880598035d5257759cf8ef7cd492
d1a61697ed0f0f1e96e60ae5df9af0be25b89d1deca7e4458681edb532fca099
d5db5dba10eb17b6a17200d511308a45f025fbda16e41a822ff3634107c47146
e213e6866994423b991e072bc2291ad2fb58bad7abacaf3102eb3512440b7d28
e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3
e92d7f68ae87c4f9175038473e637aa7423aca0ee3140e01d6d5f9314f038829

de.flirthits.com Open in urlscan Pro 156.67.36.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

29 %IPv6

13 Domains

14 Subdomains

10 IPs

3 Countries

1473 kBTransfer

1661 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de.flirthits.com Open in urlscan Pro
156.67.36.15 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

29 %
IPv6

13
Domains

14
Subdomains

10
IPs

3
Countries

1473 kB
Transfer

1661 kB
Size

1
Cookies

39 HTTP transactions
2 data transactions