Submitted URL: https://cute-vegina2.girlinyourarea.site/
Effective URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,14...
Submission: On June 18 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 16 domains to perform 30 HTTP transactions. The main IP is 13.52.64.93, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is heissetreffen.co.
TLS certificate: Issued by R3 on May 4th 2024. Valid for: 3 months.
This is the only time heissetreffen.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.163.112 13335 (CLOUDFLAR...)
1 1 162.213.255.57 22612 (NAMECHEAP...)
2 188.114.96.3 13335 (CLOUDFLAR...)
2 2 18.195.19.123 16509 (AMAZON-02)
1 18.158.121.249 16509 (AMAZON-02)
2 2 18.198.80.68 16509 (AMAZON-02)
14 13.52.64.93 16509 (AMAZON-02)
3 104.17.24.14 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.193.127.195 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
30 11
Domain Requested by
14 heissetreffen.co mnt.guard1trxlnk.com
heissetreffen.co
3 cdnjs.cloudflare.com heissetreffen.co
cdnjs.cloudflare.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com heissetreffen.co
www.googletagmanager.com
2 cdn.jsdelivr.net heissetreffen.co
2 v.trckletrckle01.com 2 redirects
2 zzotrack.com 2 redirects
1 d2hgmw69dn4juq.cloudfront.net
1 trcke03.com heissetreffen.co
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com heissetreffen.co
1 www.barecdn.com heissetreffen.co
1 mnt.guard1trxlnk.com trz.trztrk.us
1 trz.trztrk.us
1 stracksecure.com 1 redirects
1 cute-vegina2.girlinyourarea.site 1 redirects
30 16

This site contains no links.

Subject | Issuer | Validity | Valid
trztrk.us | GTS CA 1P5 | 2024-05-28 - 2024-08-26 | 3 months
ph.guardlnkcaptcha.com | Amazon RSA 2048 M02 | 2024-02-14 - 2025-03-15 | a year
heissetreffen.co | R3 | 2024-05-04 - 2024-08-02 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
barecdn.com | WE1 | 2024-06-10 - 2024-09-08 | 3 months
*.google-analytics.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
trcke03.com | R3 | 2024-05-27 - 2024-08-25 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year

This page contains 1 frames:

Primary Page: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Frame ID: 134E8A1394FF6F5DCB38F5CC173D7F48
Requests: 30 HTTP requests in this frame

Page Title

Bestdates

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

30 Requests
100 % HTTPS
40 % IPv6
16 Domains
16 Subdomains
11 IPs
4 Countries
943 kB Transfer
10951 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cute-vegina2.girlinyourarea.site/ HTTP 302
    https://stracksecure.com/tracking202/redirect/rtr.php?t202id=5155&c1=IVAN1&t202kw=IVAN1 HTTP 302
    https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1 Page URL
  2. https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1 HTTP 307
    https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47/2?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1 HTTP 302
    https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10 Page URL
  3. https://v.trckletrckle01.com/75877c48-9608-4d00-a357-792e092d11ca?sub1=1236&sub2=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&sub3=&sub4=&click_id=d0a0f71b0b43f798278f99cd64d1e076 HTTP 307
    https://v.trckletrckle01.com/75877c48-9608-4d00-a357-792e092d11ca/2?sub1=1236&sub2=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&sub3=&sub4=&click_id=d0a0f71b0b43f798278f99cd64d1e076 HTTP 302
    https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cute-vegina2.girlinyourarea.site/ HTTP 302
  • https://stracksecure.com/tracking202/redirect/rtr.php?t202id=5155&c1=IVAN1&t202kw=IVAN1 HTTP 302
  • https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
Request Chain 1
  • https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1 HTTP 307
  • https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47/2?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1 HTTP 302
  • https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10

30 HTTP transactions

Resource Path Size x-fer Type MIME-Type
click
trz.trztrk.us/
Redirect Chain
  • https://cute-vegina2.girlinyourarea.site/
  • https://stracksecure.com/tracking202/redirect/rtr.php?t202id=5155&c1=IVAN1&t202kw=IVAN1
  • https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
566 B
797 B
Document
General
Full URL
https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Model
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
895cd644ee2e5d86-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Jun 2024 17:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sz6SlgrkeIYKcjVneBTCTv6ApDZIm2At4OHHlr3CMiRljEjGmLYkQWaY6pJJUgasCWc7mqujQ8SYqYkb2DTqm3HmTGaFrDxXfFf10LvTHnFcnVD0HDGZqs5hDoDEUlrb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-rt
0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 17:00:40 GMT
location
https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
click
mnt.guard1trxlnk.com/
Redirect Chain
  • https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1
  • https://zzotrack.com/11cb91c1-d956-4a05-8194-3d9f86e18c47/2?pub_id=10&campaign=2&referer=&source=IVAN1&sub_source=&revenue={revenue}&clickid=6671bd394c7b8c0343068307&p1=IVAN1
  • https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10
26 KB
27 KB
Document
General
Full URL
https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10
Requested by
Host: trz.trztrk.us
URL: https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.121.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-121-249.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://trz.trztrk.us/click?campaign_id=2&pub_id=10&p1=IVAN1&source=IVAN1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 17:00:41 GMT
server
nginx/1.24.0

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 18 Jun 2024 17:00:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10
pragma
no-cache
server
nginx
Primary Request lp8
heissetreffen.co/
Redirect Chain
  • https://v.trckletrckle01.com/75877c48-9608-4d00-a357-792e092d11ca?sub1=1236&sub2=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&sub3=&sub4=&click_id=d0a0f71b0b43f798278f99cd64d1e076
  • https://v.trckletrckle01.com/75877c48-9608-4d00-a357-792e092d11ca/2?sub1=1236&sub2=11cb91c1-d956-4a05-8194-3d9f86e18c47_10&sub3=&sub4=&click_id=d0a0f71b0b43f798278f99cd64d1e076
  • https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
2 KB
2 KB
Document
General
Full URL
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Requested by
Host: mnt.guard1trxlnk.com
URL: https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a0b1162fb7b52c93faa80b82a40fce16229ade98d58547204d5f4fd2573e5920

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://mnt.guard1trxlnk.com/click?o=6824&a=1236&sub_id1=wlk1or5pcs8hc142jiu2g4kc&sub_id3=11cb91c1-d956-4a05-8194-3d9f86e18c47_10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 18 Jun 2024 17:00:42 GMT
ETag
W/"66701a02-7fc"
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 18 Jun 2024 17:00:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
pragma
no-cache
server
nginx
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
606919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbi5RZhrQn3j5MLqazlT6lXmJEIu2JwoU1V4CKHp7B1W3nG9DZmiu1SIWnrPQ%2BiBb41gYOBAJ6FIyw9sjl2cRngfMokcWJ2Ufdaob5cgv91W8GwHQj6y2kTRN4iobmqUAsRs8NXm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895cd64fb91b5d5d-FRA
expires
Sun, 08 Jun 2025 17:00:42 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/
226 KB
34 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/bootstrap.min.css
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3728579
x-jsd-version
5.3.0-alpha2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34681
x-served-by
cache-fra-etou8220033-FRA, cache-lga21958-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"387e0-kol8xBxbCwiMXO4drK1nrE++qEQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smdEIuR2hetrcc%2B67JwLuoIZ7sharPZg57ZEYU%2F2E73gg9DLJNam0oPd5VE2Tr7ivcni6pBWQTp1PrV%2FneV%2FPqyamUWwmJZD12cvJN%2FHmUhcGvZ4KJhMbT5SCPcxN9%2B5BhvtzbwE0tslulVB524%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895cd64fcd9c8f3e-FRA
index-5d151a9b.js
heissetreffen.co/assets/
91 KB
91 KB
Script
General
Full URL
https://heissetreffen.co/assets/index-5d151a9b.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6ca316d6b600e70fd0ef41b0e081b7670f0c42ef466efd009e37b0527db137fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:42 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-16a9a"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
92826
index-31432941.css
heissetreffen.co/assets/
125 B
620 B
Stylesheet
General
Full URL
https://heissetreffen.co/assets/index-31432941.css
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
314329410abde08feb4303d45328c727e61a858157e704b06036e5f641764f54

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:43 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-7d"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
125
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/
79 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/bootstrap.bundle.min.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
605667
x-jsd-version
5.3.0-alpha2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23347
x-served-by
cache-fra-etou8220043-FRA, cache-lga21955-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13ab0-zDkgqihecutKnzGqD/VTgB+CozY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvYkGgRmZluwjcWspdzaA39LlYDbWnmdvLgh0YAqC5PlU1qm3FsT6GPwix2jFPlfue7hHUyElCoxlipZZcj5AINQfMVW41Ee1VRNu67LO8pdNz3YBzfy7EwTmHhThkSfxk7OkUlUhvCUVDc1RhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895cd64fcd9f8f3e-FRA
EHawkTalon.js
www.barecdn.com/Scripts/ExternalScoringService/
116 KB
48 KB
Script
General
Full URL
https://www.barecdn.com/Scripts/ExternalScoringService/EHawkTalon.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ,
Resource Hash
4a79a8d4133104bf939bc1fe0c439e1243d3c930845529cb39c5d0c70f03ec6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
age
7587380
x-powered-by
,
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=86400
content-length
48105
last-modified
Tue, 23 Jan 2024 11:58:28 GMT
server
cloudflare
etag
"16d857af34dda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xiUcyKIvQcOBue0pCTBpseWtUUdtY0HEF8kNO94wTp7tyT1DSaKFX06i0tVW0UKX%2BCbgo7%2B8nmtp20PnKvVwFiDgCZD7JlqmShzQ5GA%2BOhcHDcqrHi2UH8ivaz8J5436%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
895cd64fe9e765e1-FRA
gtm.js
www.googletagmanager.com/
190 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSFQF6D
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52f733a79a2d0cc4c4a3f49bbf06c6a39c27bbf1d30f91a6d4b23c67a2b6c813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69533
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 16:04:44 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jun 2024 17:00:43 GMT
js
www.googletagmanager.com/gtag/
298 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FGJWZQHW17&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSFQF6D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bdaf165c571bff38e750c9e18bc3b23eb96ee797936a28f4be576b30e4743b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 17:00:43 GMT
css2
fonts.googleapis.com/
2 KB
1017 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-31432941.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 17:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 15:08:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 17:00:43 GMT
Index-46286b03.js
heissetreffen.co/assets/
22 KB
22 KB
Script
General
Full URL
https://heissetreffen.co/assets/Index-46286b03.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a9de1ee0829ac73658a830b9c9bf98a75d67b3cf963ee5d5c592e86582d970e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-565b"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
22107
endpoints-09dd9628.js
heissetreffen.co/assets/
30 KB
31 KB
Script
General
Full URL
https://heissetreffen.co/assets/endpoints-09dd9628.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ab9c33fd5176869d0f480c85ce83d7a0b3992f1eb1fc401441508d8ef113ac7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-79b4"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
31156
config-deab3dd2.js
heissetreffen.co/assets/
584 B
1 KB
Script
General
Full URL
https://heissetreffen.co/assets/config-deab3dd2.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4a6e4adb4419aaca0194277dbf689a313cfd61e8d15668daf5e1c27907aef18

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-248"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
584
Language-5cb707d4.js
heissetreffen.co/assets/
48 KB
48 KB
Script
General
Full URL
https://heissetreffen.co/assets/Language-5cb707d4.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
29369fd9d74a636537ffa7842247c79d5447482a8995b01ab8d55bd1e557ac0d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-be6d"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
48749
sweetalert2.all-fbaacd57.js
heissetreffen.co/assets/
63 KB
64 KB
Script
General
Full URL
https://heissetreffen.co/assets/sweetalert2.all-fbaacd57.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
825535fd9c8a4a25216d0a5bb783c0dad69eb0b32982566b9e8f1f3b08eeb2c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-fc74"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
64628
urlParameters-9a509ac9.js
heissetreffen.co/assets/
4 KB
4 KB
Script
General
Full URL
https://heissetreffen.co/assets/urlParameters-9a509ac9.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
03ca7be227a57c7f6b46f2ba410e8621a06513a5e4cec5a4a945e2fd3a7414f0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-e43"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
3651
api-285ca6fd.js
heissetreffen.co/assets/
62 KB
63 KB
Script
General
Full URL
https://heissetreffen.co/assets/api-285ca6fd.js
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0c49705091e3d37585cf2c1635fecc3e53f1a0d08e315776203a3094f4375f9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-f816"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
63510
Index-128cda4e.css
heissetreffen.co/assets/
2 KB
3 KB
Stylesheet
General
Full URL
https://heissetreffen.co/assets/Index-128cda4e.css
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/index-5d151a9b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
128cda4e4209f061df924ba4498e4909317bd49a1576e7201c334738c214c289

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-8db"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2267
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FGJWZQHW17&gtm=45je46c0v9104498695z89104484953za200zb9104484953&_p=1718730042951&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=743024364.1718730044&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718730044&sct=1&seg=0&dl=https%3A%2F%2Fheissetreffen.co%2Flp8%3Fvideo%3D17%26click_id%3Dwiq3omccu0n8s1423itic706%26t1%3Dbf0d098c26%26t2%3Db8ed5d573f%26select%3D%255B32%2C38%2C23%2C142%255D%26sub1%3Dbf0d098c26%26sub2%3Db8ed5d573f%26sub3%3D117d85f7e8%26sub4%3D117d85f7e8&dt=Bestdates&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2038&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FGJWZQHW17&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 17:00:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heissetreffen.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:09 GMT
x-content-type-options
nosniff
age
7955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:09 GMT
favicon.ico
heissetreffen.co/
3 KB
4 KB
Other
General
Full URL
https://heissetreffen.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0a6a03384044257ced8f6846bf1798c60054f74d4dd24584221e3826a65d059

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=%5B32,38,23,142%5D&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:01 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a01-d41"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
3393
device
trcke03.com/api/
403 B
743 B
XHR
General
Full URL
https://trcke03.com/api/device
Requested by
Host: heissetreffen.co
URL: https://heissetreffen.co/assets/endpoints-09dd9628.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.193.127.195 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-127-195.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52662c11f73ab935b19e46b444d6cd6cd12e3290816b295a2f7d4faed70d6284

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-RateLimit-Remaining
59
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
false
X-RateLimit-Limit
60
Connection
keep-alive
logo%202-be1043d6.png
heissetreffen.co/assets/
19 KB
20 KB
Image
General
Full URL
https://heissetreffen.co/assets/logo%202-be1043d6.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be1043d619dd76822ba8dcc695067607c33908f3ca41654f9ba71842edb6fdf4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=[32,38,23,142]&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:45 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a02-4d02"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
19714
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/
147 KB
147 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:45 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
423861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150124
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-24a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkJADEo74ONNYm90R1AnADHx1ASpQ2Q%2Bm0X8p2bbWatCne%2FaPGGao6ulmD3NRdiS4khOSUZo5x4mQF7wminrBQ6YS9fbLNk%2Bxc4F9%2FSUKlz%2BCET8BJuhHX192dK5JCuXo%2Bp1qLG8"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895cd65e0b9d5d5d-FRA
expires
Sun, 08 Jun 2025 17:00:45 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/
105 KB
106 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://heissetreffen.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 17:00:45 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
108020
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-1a5f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNeeR0j4lR6L5fSALPdS1kSgvoD%2FwF8EKBFObhHl3aAbDTjj%2BpcaCpCOq5VEdXebfcoauzABKb7%2FkTa51iA3RJFdJpWEf0U8DnmIrwCTxqAGOWiAFKMVp8fJi%2BSwjqnQjauu1qo7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895cd65e0ba05d5d-FRA
expires
Sun, 08 Jun 2025 17:00:45 GMT
17.mp4
d2hgmw69dn4juq.cloudfront.net/mp4/
9 MB
0
Media
General
Full URL
https://d2hgmw69dn4juq.cloudfront.net/mp4/17.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c800:14:2406:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://heissetreffen.co/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 05:43:06 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Mon, 01 May 2023 10:54:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
40659
x-amz-server-side-encryption
AES256
etag
"536b8002c9db0db2c15831ae59703868"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-12108885/12108886
accept-ranges
bytes
x-amz-cf-id
W8Ug2sqK2zb2lmvjOmwsfqCE3qKWy2DjexE6Q_UuTDCwJt05duALrg==
Content-Length
12108886
favicon.ico
heissetreffen.co/
3 KB
0
Other
General
Full URL
https://heissetreffen.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.52.64.93 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-64-93.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0a6a03384044257ced8f6846bf1798c60054f74d4dd24584221e3826a65d059

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://heissetreffen.co/lp8?video=17&click_id=wiq3omccu0n8s1423itic706&t1=bf0d098c26&t2=b8ed5d573f&select=[32,38,23,142]&sub1=bf0d098c26&sub2=b8ed5d573f&sub3=117d85f7e8&sub4=117d85f7e8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 17:00:44 GMT
Last-Modified
Mon, 17 Jun 2024 11:12:01 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66701a01-d41"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
3393
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FGJWZQHW17&gtm=45je46c0v9104498695za200zb9104484953&_p=1718730042951&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=743024364.1718730044&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1718730044&sct=1&seg=0&dl=https%3A%2F%2Fheissetreffen.co%2Flp8%3Fvideo%3D17%26click_id%3Dwiq3omccu0n8s1423itic706%26t1%3Dbf0d098c26%26t2%3Db8ed5d573f%26select%3D%255B32%2C38%2C23%2C142%255D%26sub1%3Dbf0d098c26%26sub2%3Db8ed5d573f%26sub3%3D117d85f7e8%26sub4%3D117d85f7e8&dt=Bestdates&_s=2&tfd=7056&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FGJWZQHW17&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://heissetreffen.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 17:00:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heissetreffen.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| dataLayer
object| google_tag_manager
object| google_tag_data
number| uidEvent
object| bootstrap
object| Talon
object| regeneratorRuntime
function| onYouTubeIframeAPIReady
object| __VUE_INSTANCE_SETTERS__
object| __VUE_SSR_SETTERS__
boolean| __VUE__
object| gaGlobal

14 Cookies

Domain/Path Name / Value
.stracksecure.com/ Name: tracking202subid-legacy
Value: 163923
.stracksecure.com/ Name: tracking202subid_a_3-legacy
Value: 163923
.stracksecure.com/ Name: tracking202subid
Value: 163923
.stracksecure.com/ Name: tracking202subid_a_3
Value: 163923
trz.trztrk.us/ Name: sess_632b3f53ce20465fc2535e37
Value: 632b358e3c0d3a3ae24fb4db
.zzotrack.com/ Name: 11cb91c1-d956-4a05-8194-3d9f86e18c47-v4
Value: hzir7yVGdkipw2J3Y1IXao6O32dBOJ3Om--IM_9v624
.zzotrack.com/ Name: cc-v4
Value: e%2FfwipBkX9PaPHnChOQAKQj2FyXAbJ5q0O%2F3QnKUrc6u2d3ZjhcGl%2BS%2FydNucx9nxdob9RgaNzLdtrO%2Bk97DHJ2rvpZUoPBIVq6%2ByjQdRLM3d8ToYqMoOkZsQBfCkC6gLZrwAcfdoL5Qj5dcMTN1kA%3D%3D
mnt.guard1trxlnk.com/ Name: U-de58bfe3d33dada41a9398c30e21eeed
Value: unique
mnt.guard1trxlnk.com/ Name: o_de58bfe3d33dada41a9398c30e21eeed
Value: 41b97001-e2e7-40d9-8f95-da3f51763af9
.v.trckletrckle01.com/ Name: 75877c48-9608-4d00-a357-792e092d11ca-v4
Value: -_PT_UKYrJGJtxgPTiTelAe_uoIfRpHjBSqsmuTraAA
.v.trckletrckle01.com/ Name: cc-v4
Value: 9iT8UhNfpMoJdKwuWJhkckj3u5Xc7yzsVvjY3cWoZ6EBhJO0xlwFx%2FTHs%2FWZeFyRn%2BddSfr9xhPyvIX7tu%2F3ryfmP1iHCtS2kjPrHjBUHoLcgP%2FfN7ZrFoCdMhMSSBNQ1FCoN%2B3vXYFUHEiRoeDTEw%3D%3D
.heissetreffen.co/ Name: _ga
Value: GA1.1.743024364.1718730044
heissetreffen.co/ Name: gbu9uvfhph6a0mdatwbzomssrlboczvs
Value: %7B%22v%22%3A%226.0.7%22%2C%22a%22%3A4273960809%2C%22b%22%3A%228db236e915b0bc7d6f0a3e95a94b2b55%22%2C%22c%22%3A1718730044515%2C%22d%22%3A%221dbf6232c591708a71cdded763df468f%22%2C%22e%22%3Anull%7D
.heissetreffen.co/ Name: _ga_FGJWZQHW17
Value: GS1.1.1718730044.1.1.1718730045.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
