cdn.kizzsta.de Open in urlscan Pro
2.109.72.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax4...
Effective URL:
https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz...
Submission: On July 26 via manual (July 26th 2018, 5:00:51 am UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 13 domains to perform 19 HTTP transactions. The main IP is 2.109.72.44, located in Tølløse, Denmark and belongs to TDC TDC A/S, DK. The main domain is cdn.kizzsta.de.
TLS certificate: Issued by thawte DV SSL SHA256 CA on October 24th 2017. Valid for: a year.

This is the only time cdn.kizzsta.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.197.52.214 35.197.52.214	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.14.194.249 52.14.194.249	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	107.178.242.109 107.178.242.109	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.211.95.198 52.211.95.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2.109.72.45 2.109.72.45	3292 (TDC TDC A/S) (TDC TDC A/S)
7	2.109.72.44 2.109.72.44	3292 (TDC TDC A/S) (TDC TDC A/S)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
19	9

2 35.197.52.214 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.52.197.35.bc.googleusercontent.com

surfpollinggigs.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.14.194.249 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-14-194-249.us-east-2.compute.amazonaws.com

lltrk1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.242.109 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 109.242.178.107.bc.googleusercontent.com

t.hrtyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.95.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-95-198.eu-west-1.compute.amazonaws.com

jwwdv.imideals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.109.72.45 (Tølløse, Denmark) 1 redirects

ASN3292 (TDC TDC A/S, DK)
PTR: partner.cash4flirt.com

c4f.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.109.72.44 (Tølløse, Denmark)

ASN3292 (TDC TDC A/S, DK)
PTR: ext.cash4flirt.com

cdn.kizzsta.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	kizzsta.de cdn.kizzsta.de	320 KB
3	gstatic.com fonts.gstatic.com	32 KB
3	google-analytics.com 1 redirects www.google-analytics.com	14 KB
2	lltrk1.com lltrk1.com	1 KB
2	surfpollinggigs.site surfpollinggigs.site	13 KB
1	googleapis.com fonts.googleapis.com	861 B
1	c4f.me 1 redirects c4f.me	732 B
1	imideals.com 1 redirects jwwdv.imideals.com	1 KB
1	hrtyc.com 1 redirects t.hrtyc.com	1 KB
1	google.de www.google.de	378 B
1	google.com 1 redirects www.google.com	314 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	183 B
1	googletagmanager.com www.googletagmanager.com	25 KB
19	13

	Domain	Requested by
7	cdn.kizzsta.de	lltrk1.com cdn.kizzsta.de
3	fonts.gstatic.com	cdn.kizzsta.de
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
2	lltrk1.com	surfpollinggigs.site lltrk1.com
2	surfpollinggigs.site
1	fonts.googleapis.com	cdn.kizzsta.de
1	c4f.me	1 redirects
1	jwwdv.imideals.com	1 redirects
1	t.hrtyc.com	1 redirects
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	lltrk1.com
19	13

This site contains no links.

Subject Issuer	Validity	Valid
*.kizzsta.de thawte DV SSL SHA256 CA	`2017-10-24` - `2018-10-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Frame ID: 61D351CC209A9A72608723517CD206D1
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14... Page URL
http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.... Page URL
http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id... Page URL
https://t.hrtyc.com/aff_c?offer_id=5102&aff_id=68574&aff_sub=8780639_HzeYmRWAwc3b52ukVLAE3IHoLIG... HTTP 302
http://jwwdv.imideals.com/c/f308000a3adf6ce4?s1=5432&s2=11781&s3=68574&s4=5102..8780639_HzeYmRWAwc3b52... HTTP 302
https://c4f.me/click/tiglTiDwiv/5432_68574?s1=dviqw5b59557a80b69760915932&tsid=5432_68574 HTTP 302
https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

19
Requests

37 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

9
IPs

3
Countries

407 kB
Transfer

758 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl Page URL
http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo Page URL
http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id%3D68574%26aff_sub%3D8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%2540yahoo.com Page URL
https://t.hrtyc.com/aff_c?offer_id=5102&aff_id=68574&aff_sub=8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com HTTP 302
http://jwwdv.imideals.com/c/f308000a3adf6ce4?s1=5432&s2=11781&s3=68574&s4=5102..8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu&click_id=102ca9492844fa82fbcf53406760ac HTTP 302
https://c4f.me/click/tiglTiDwiv/5432_68574?s1=dviqw5b59557a80b69760915932&tsid=5432_68574 HTTP 302
https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1336836564&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%40yahoo.com%26SID%3D22463-A000716590%2CVR35148%2CM2c309u1%2Cyahoo&dr=http%3A%2F%2Fsurfpollinggigs.site%2FslBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=610954603&gjid=500464459&cid=251547248.1532581242&tid=UA-109215160-2&_gid=1925829759.1532581242&_r=1&gtm=u6t&z=1082303335 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_gid=1925829759.1532581242&gjid=500464459&_v=j68&z=1082303335 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335&slf_rd=1&random=2277435206

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl Show response
surfpollinggigs.site/ 44 KB
13 KB 684ms
532ms Document
text/html 35.197.52.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl

Protocol

HTTP/1.1

Server

35.197.52.214 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

214.52.197.35.bc.googleusercontent.com

Software

Apache/2.4.18 /

Resource Hash

030460dba2272fb6a79f4c4861f9a394d1ba3a26ac4480f3cecbe112d696b079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Host: surfpollinggigs.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 61D351CC209A9A72608723517CD206D1

Response headers

Date: Thu, 26 Jul 2018 05:00:40 GMT
Server: Apache/2.4.18
Connection: Close
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 13230
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK fp.php
surfpollinggigs.site/images/ 35 B
240 B 524ms
373ms Image
image/gif 35.197.52.214
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://surfpollinggigs.site/images/fp.php?e=nz9hq2SgoxO5LJuiol5wo20&p=9d0d12375b4ca0e4b7a13993d23dbd04&r=000e1aaf

Protocol

HTTP/1.1

Server

35.197.52.214 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

214.52.197.35.bc.googleusercontent.com

Software

Apache/2.4.18 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: surfpollinggigs.site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl
Connection: keep-alive
Cache-Control: no-cache
Referer: http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:41 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.4.18
Connection: Close
Content-Length: 35
X-Frame-Options: sameorigin
Content-Type: image/gif

GET
H/1.1 200
OK smart.track Show response
lltrk1.com/ 773 B
930 B 655ms
513ms Document
text/html 52.14.194.249
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
Requested by: Host: surfpollinggigs.site
URL: http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl
Protocol: HTTP/1.1
Server: 52.14.194.249 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-14-194-249.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: da171e6782e476c9d731171eec50e5c06c2c9dead5805cbb1b6a900062177412

Request headers

Host: lltrk1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 61D351CC209A9A72608723517CD206D1
Referer: http://surfpollinggigs.site/slBL6VArqewc1UBHiJxL2L942IyniKwbefz7GWxKyMAcG0y5WvC7KUAo6cAYtVwcxUxItZyIxS14lVxoBWyI5exnW75Ixax41dwpZX9YxVz85Wwl

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 773
Connection: keep-alive
Server: Apache

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 70 KB
25 KB 28ms
14ms Script
application/javascript 2a00:1450:4001:810::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109215160-2

Requested by

Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo

Protocol

SPDY

Server

2a00:1450:4001:810::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

033644d3e99766acff4cdd4726b85220f0fc5cf091cb94161c8173abfcd07b27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 26 Jul 2018 05:00:42 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 25189
x-xss-protection: 1; mode=block
expires: Thu, 26 Jul 2018 05:00:42 GMT

GET
H/1.1 200
OK sanitize.go
lltrk1.com/ 188 B
345 B 105ms
105ms Document
text/html 52.14.194.249
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id%3D68574%26aff_sub%3D8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%2540yahoo.com
Requested by: Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
Protocol: HTTP/1.1
Server: 52.14.194.249 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-14-194-249.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: lltrk1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 61D351CC209A9A72608723517CD206D1
Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 188
Connection: keep-alive
Server: Apache

GET
S 200 analytics.js
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109215160-2

Protocol

SPDY

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 114
date: Thu, 26 Jul 2018 04:58:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Thu, 26 Jul 2018 06:58:48 GMT

POST
S 200 collect
www.google-analytics.com/ 35 B
143 B 13ms
13ms Other
image/gif 2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: max-age=0
Origin: http://lltrk1.com
Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Jul 2018 05:00:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: http://lltrk1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1336836564&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_gid=1925829759.1532581242&gjid=500464459&_v=j68&z=1082303335
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335&slf_rd=1&random=2277435206

42 B
378 B

29ms
16ms

Image
image/gif

2a00:1450:4001:810::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335&slf_rd=1&random=2277435206

Protocol

SPDY

Server

2a00:1450:4001:810::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lltrk1.com/smart.track?VID=1&AFID=21845&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR35148,M2c309u1,yahoo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Jul 2018 05:00:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Jul 2018 05:00:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=251547248.1532581242&jid=610954603&_v=j68&z=1082303335&slf_rd=1&random=2277435206
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Primary Request / Show response
cdn.kizzsta.de/DE_BS3_2ieide1f08/
Redirect Chain

https://t.hrtyc.com/aff_c?offer_id=5102&aff_id=68574&aff_sub=8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu&BRITT=Dating_CougarsWantYou&PERK=jonwamn@yahoo.com
http://jwwdv.imideals.com/c/f308000a3adf6ce4?s1=5432&s2=11781&s3=68574&s4=5102..8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu&click_id=102ca9492844fa82fbcf53406760ac
https://c4f.me/click/tiglTiDwiv/5432_68574?s1=dviqw5b59557a80b69760915932&tsid=5432_68574
https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D

5 KB
2 KB

115ms
19ms

Document
text/html

2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Requested by: Host: lltrk1.com
URL: http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id%3D68574%26aff_sub%3D8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%2540yahoo.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: 6fc3f0db1ac3feaf1f5ad6d4f269ff795f4bc09458b214bc5b71f7407e145e7e

Request headers

Host: cdn.kizzsta.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id%3D68574%26aff_sub%3D8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%2540yahoo.com
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 61D351CC209A9A72608723517CD206D1
Referer: http://lltrk1.com/sanitize.go?url=https%3A%2F%2Ft.hrtyc.com%2Faff_c%3Foffer_id%3D5102%26aff_id%3D68574%26aff_sub%3D8780639_HzeYmRWAwc3b52ukVLAE3IHoLIGh19vu%26BRITT%3DDating_CougarsWantYou%26PERK%3Djonwamn%2540yahoo.com

Response headers

Server: nginx
Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Type: text/html
Last-Modified: Thu, 03 May 2018 08:57:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5aeacf08-13a9"
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Set-Cookie: PHPSESSID=o0rfp05sulol3v0pichk02o7nm; path=/ c4f-701441e58c0b97e74fdeb8d674100903_c=1; Expires=Fri, 27-Jul-2018 05:00:42 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"

GET
H/1.1 200
OK styles.css
cdn.kizzsta.de/DE_BS3_2ieide1f08/ 136 KB
29 KB 38ms
38ms Stylesheet
text/css 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/styles.css
Requested by: Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: 5aff183ca691673e66559c81fb6763ffe6a2117e5fc5ea157a5564221290ae05

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 May 2018 08:57:44 GMT
Server: nginx
ETag: W/"5aeacf08-21e85"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK index.js Show response
cdn.kizzsta.de/DE_BS3_2ieide1f08/ 187 KB
62 KB 59ms
20ms Script
application/javascript 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/index.js
Requested by: Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: f7fac21ec4f7ebfcaf302ca0ff2bb33ca7b16ad57f98f85122774c7b11d793a7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 May 2018 08:57:44 GMT
Server: nginx
ETag: W/"5aeacf08-2ec67"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
S 200 css
fonts.googleapis.com/ 9 KB
861 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D

Protocol

SPDY

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ca29a9646f1d38999895936bf9cc7e6c841aac0d6a6bd15f1ba503383e890ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Thu, 26 Jul 2018 05:00:42 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 26 Jul 2018 05:00:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 26 Jul 2018 05:00:42 GMT

GET
H/1.1 200
OK girls12.jpg
cdn.kizzsta.de/DE_BS3_2ieide1f08/images/ 71 KB
71 KB 40ms
40ms Image
image/jpeg 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/images/girls12.jpg?65bd07332b69fd058fcfcb9701dd27e5
Requested by: Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: 1ae2c13740168b3f5e5438e9dd98ceae0c990c62b8764c9db9cf1a0999fbdc1b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Last-Modified: Thu, 03 May 2018 08:57:44 GMT
Server: nginx
ETag: "5aeacf08-11b84"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72580

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK pic1.png
cdn.kizzsta.de/DE_BS3_2ieide1f08/images/ 151 KB
151 KB 49ms
19ms Image
image/png 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/images/pic1.png?3725e43baa2fa60627d153e677e2b0b9
Requested by: Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: 239fffad594236f8cfe877a1aa3d518aa4cbb76c669f07a58eb7df28c9fbe295

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:42 GMT
Last-Modified: Thu, 03 May 2018 08:57:44 GMT
Server: nginx
ETag: "5aeacf08-25cc3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154819

GET
S 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

SPDY

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://cdn.kizzsta.de

Response headers

date: Thu, 19 Jul 2018 18:18:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 556962
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10748
x-xss-protection: 1; mode=block
expires: Fri, 19 Jul 2019 18:18:00 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://cdn.kizzsta.de

Response headers

date: Thu, 19 Jul 2018 18:17:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
server: sffe
age: 556965
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Fri, 19 Jul 2019 18:17:57 GMT

GET
S 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://cdn.kizzsta.de

Response headers

date: Thu, 19 Jul 2018 18:18:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 556959
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10788
x-xss-protection: 1; mode=block
expires: Fri, 19 Jul 2019 18:18:03 GMT

GET
H/1.1 200
OK Cookie set lead Show response
cdn.kizzsta.de/ 18 KB
5 KB 103ms
103ms XHR
text/html 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kizzsta.de/lead?type=bootstrap3&s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Requested by: Host: cdn.kizzsta.de
URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: e4d6a771bdfd0dc25796799b3867e20febfd8821707b7f6f2bddae6be3760cc4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cache-Control: no-cache
Accept: */*
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Jul 2018 05:00:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: PHPSESSID=vn8vv103lj7tnicm0avcduij00; path=/ wm=c4fid%7Cb87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D; expires=Sat, 25-Aug-2018 05:00:43 GMT; Max-Age=2592000 cf=https%3A%2F%2Fcdn.kizzsta.de%2FDE_BS3_2ieide1f08%2F%3Fs1%3Ddviqw5b59557a80b69760915932%26tsid%3D5432_68574%26c4fp%3D59%26c4fid%3Db87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%252FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%253D%253D; expires=Sat, 25-Aug-2018 05:00:43 GMT; Max-Age=2592000
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 3702
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found ladebalken.gif
cdn.kizzsta.de/DE_BS3_2ieide1f08/pic/ 564 B
564 B 20ms
20ms Image
text/html 2.109.72.44
TDC TDC A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/pic/ladebalken.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.109.72.44 Tølløse, Denmark, ASN3292 (TDC TDC A/S, DK),
Reverse DNS: ext.cash4flirt.com
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.kizzsta.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
Cookie: PHPSESSID=vn8vv103lj7tnicm0avcduij00; wm=c4fid%7Cb87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D; cf=https%3A%2F%2Fcdn.kizzsta.de%2FDE_BS3_2ieide1f08%2F%3Fs1%3Ddviqw5b59557a80b69760915932%26tsid%3D5432_68574%26c4fp%3D59%26c4fid%3Db87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%252FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%253D%253D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn.kizzsta.de/DE_BS3_2ieide1f08/?s1=dviqw5b59557a80b69760915932&tsid=5432_68574&c4fp=59&c4fid=b87jlMQEGHuZg1Oz0H6VaqTGdqtsycI9A8oaE%2FekH3pTTOsKni77sYBY1yqwdQ8XWONskRtygv5Yc7BnXuMNHQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 26 Jul 2018 05:00:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c4f.me
cdn.kizzsta.de
fonts.googleapis.com
fonts.gstatic.com
jwwdv.imideals.com
lltrk1.com
stats.g.doubleclick.net
surfpollinggigs.site
t.hrtyc.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
107.178.242.109
2.109.72.44
2.109.72.45
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200a
2a00:1450:400c:c0c::9a
35.197.52.214
52.14.194.249
52.211.95.198
030460dba2272fb6a79f4c4861f9a394d1ba3a26ac4480f3cecbe112d696b079
033644d3e99766acff4cdd4726b85220f0fc5cf091cb94161c8173abfcd07b27
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
1ae2c13740168b3f5e5438e9dd98ceae0c990c62b8764c9db9cf1a0999fbdc1b
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
239fffad594236f8cfe877a1aa3d518aa4cbb76c669f07a58eb7df28c9fbe295
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
5aff183ca691673e66559c81fb6763ffe6a2117e5fc5ea157a5564221290ae05
6fc3f0db1ac3feaf1f5ad6d4f269ff795f4bc09458b214bc5b71f7407e145e7e
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
ca29a9646f1d38999895936bf9cc7e6c841aac0d6a6bd15f1ba503383e890ffe
da171e6782e476c9d731171eec50e5c06c2c9dead5805cbb1b6a900062177412
e4d6a771bdfd0dc25796799b3867e20febfd8821707b7f6f2bddae6be3760cc4
f7fac21ec4f7ebfcaf302ca0ff2bb33ca7b16ad57f98f85122774c7b11d793a7

cdn.kizzsta.de Open in urlscan Pro 2.109.72.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

37 %HTTPS

54 %IPv6

13 Domains

13 Subdomains

9 IPs

3 Countries

407 kBTransfer

758 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

cdn.kizzsta.de Open in urlscan Pro
2.109.72.44 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

37 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

9
IPs

3
Countries

407 kB
Transfer

758 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions