date.deinseitensprung.com Open in urlscan Pro
79.99.237.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://datingnowclub.appspot.com/l6UBLuW9ipFwLsYgPoFhHjXAOpGg_sSNWpX83sFt_vSw=eHNOzFwOpXBDpVArfYQvbVdeyKAbpXAvbUQqoSw3nFxGpH9OzGd...
Effective URL:
https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690...
Submission: On July 18 via manual (July 18th 2019, 2:06:47 am UTC) from US

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 18 domains to perform 50 HTTP transactions. The main IP is 79.99.237.27, located in Switzerland and belongs to JUSTNET-AS -- Carrier Service --, CH. The main domain is date.deinseitensprung.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 3rd 2019. Valid for: 3 months.

This is the only time date.deinseitensprung.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:825::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.224.148.218 35.224.148.218	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.18.227.114 3.18.227.114	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	64.210.142.3 64.210.142.3	29789 (REFLECTED) (REFLECTED - Reflected Networks)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	64.210.142.4 64.210.142.4	29789 (REFLECTED) (REFLECTED - Reflected Networks)
1 1	217.140.66.110 217.140.66.110	20640 (TITAN-NET...) (TITAN-NETWORKS Bleichstrasse 1)
1	79.99.237.27 79.99.237.27	44227 (JUSTNET-A...) (JUSTNET-AS -- Carrier Service --)
27	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
50	16

1 2a00:1450:4001:825::2014 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

datingnowclub.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.224.148.218 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 218.148.224.35.bc.googleusercontent.com

drzen.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.18.227.114 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-18-227-114.us-east-2.compute.amazonaws.com

a.messageverify.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.210.142.3 (Waltham, United States)

ASN29789 (REFLECTED - Reflected Networks, Inc., US)

instant.resurrect.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.210.142.4 (Waltham, United States) 1 redirects

ASN29789 (REFLECTED - Reflected Networks, Inc., US)

webfonts-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.140.66.110 (Germany) 1 redirects

ASN20640 (TITAN-NETWORKS Bleichstrasse 1, DE)

o-2494.prodtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.99.237.27 (Switzerland)

ASN44227 (JUSTNET-AS -- Carrier Service --, CH)

date.deinseitensprung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: hwcdn.net

lpmedia.justservingfiles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	justservingfiles.net lpmedia.justservingfiles.net	644 KB
3	gstatic.com fonts.gstatic.com	42 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	google.de www.google.de	265 B
2	google.com 1 redirects www.google.com	348 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	resurrect.club instant.resurrect.club	10 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
2	drzen.site drzen.site	44 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	deinseitensprung.com date.deinseitensprung.com	8 KB
1	prodtraff.com 1 redirects o-2494.prodtraff.com	839 B
1	webfonts-cdn.com 1 redirects webfonts-cdn.com	724 B
1	messageverify.club a.messageverify.club	881 B
1	appspot.com 1 redirects datingnowclub.appspot.com	294 B
0	rtbsuperhub.com Failed eu-adsrv.rtbsuperhub.com Failed
50	18

	Domain	Requested by
27	lpmedia.justservingfiles.net	date.deinseitensprung.com
3	fonts.gstatic.com	date.deinseitensprung.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
2	www.google.de	date.deinseitensprung.com
2	www.google.com	1 redirects date.deinseitensprung.com
2	instant.resurrect.club	a.messageverify.club instant.resurrect.club
2	www.googletagmanager.com	a.messageverify.club date.deinseitensprung.com
2	drzen.site
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	date.deinseitensprung.com
1	fonts.googleapis.com	date.deinseitensprung.com
1	maxcdn.bootstrapcdn.com	date.deinseitensprung.com
1	date.deinseitensprung.com	instant.resurrect.club
1	o-2494.prodtraff.com	1 redirects
1	webfonts-cdn.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	a.messageverify.club	drzen.site
1	datingnowclub.appspot.com	1 redirects
0	eu-adsrv.rtbsuperhub.com Failed	date.deinseitensprung.com
50	20

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
date.deinseitensprung.com Let's Encrypt Authority X3	`2019-07-03` - `2019-10-01`	3 months	crt.sh
*.justservingfiles.net COMODO RSA Domain Validation Secure Server CA	`2016-12-20` - `2019-12-20`	3 years	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Frame ID: DD0340E112A0533C13C8DAAA0F88CE08
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://datingnowclub.appspot.com/l6UBLuW9ipFwLsYgPoFhHjXAOpGg_sSNWpX83sFt_vSw=eHNOzFwOpXBDpVArfYQvbVdeyKAbpXA... HTTP 302
http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C... Page URL
http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A00... Page URL
http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com Page URL
http://webfonts-cdn.com/reports/index.php?z=46596&c1=TI&extsub=trolleyman98@hotmail.com&loc=TI& HTTP 302
https://o-2494.prodtraff.com/758c07f2-74da-45ad-b754-179661e4fb55?subPublisher=380317&source=46596&clickT... HTTP 302
https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=3803... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

50
Requests

86 %
HTTPS

53 %
IPv6

18
Domains

20
Subdomains

16
IPs

4
Countries

866 kB
Transfer

1194 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://datingnowclub.appspot.com/l6UBLuW9ipFwLsYgPoFhHjXAOpGg_sSNWpX83sFt_vSw=eHNOzFwOpXBDpVArfYQvbVdeyKAbpXAvbUQqoSw3nFxGpH9OzGdenKN6qHNCuGNWyGcr1DAvwZMr9HOD8KNWqLOLAKd6qGuGyHuKuLd_yHtCvHNOyHOP_G978KNXAIOT9Gt=AGuKtKdD9I9H7HeT7GeCqI9/OqKdGzH9_rGuKrKuD_GdCzGOOvHtSrGNP=KNWqEa HTTP 302
http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70* Page URL
http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail Page URL
http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com Page URL
http://webfonts-cdn.com/reports/index.php?z=46596&c1=TI&extsub=trolleyman98@hotmail.com&loc=TI& HTTP 302
https://o-2494.prodtraff.com/758c07f2-74da-45ad-b754-179661e4fb55?subPublisher=380317&source=46596&clickTag=9cd857c6b6f545b891b50dc66270b1f3 HTTP 302
https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://datingnowclub.appspot.com/l6UBLuW9ipFwLsYgPoFhHjXAOpGg_sSNWpX83sFt_vSw=eHNOzFwOpXBDpVArfYQvbVdeyKAbpXAvbUQqoSw3nFxGpH9OzGdenKN6qHNCuGNWyGcr1DAvwZMr9HOD8KNWqLOLAKd6qGuGyHuKuLd_yHtCvHNOyHOP_G978KNXAIOT9Gt=AGuKtKdD9I9H7HeT7GeCqI9/OqKdGzH9_rGuKrKuD_GdCzGOOvHtSrGNP=KNWqEa HTTP 302
http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*

Request Chain 7

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1019664830&t=pageview&_s=1&dl=http%3A%2F%2Fa.messageverify.club%2Fsmart.track%3FVID%3D256%26AFID%3D415899%26EMAIL%3Dtrolleyman98%40hotmail.com%26SID%3D45929-A005241782%2C%2C2019.04.12_Dating_Renren_Yeva%2CH_All_Target%2Chotmail&dr=http%3A%2F%2Fdrzen.site%2F2a2a7%2Ft%2Fr%2F15cad559%2Fe%2Ftrolleyman98%40hotmail.com%2Fs%2F45929-A005241782%2C%257B%24mv%257D%2CC5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=881529362&gjid=737400391&cid=1842443647.1563415594&tid=UA-109215160-2&_gid=235877179.1563415594&_r=1&gtm=2ou7a0&z=935507991 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_gid=235877179.1563415594&gjid=737400391&_v=j77&z=935507991 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991&slf_rd=1&random=2448644094

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70* Show response
drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/
Redirect Chain

https://datingnowclub.appspot.com/l6UBLuW9ipFwLsYgPoFhHjXAOpGg_sSNWpX83sFt_vSw=eHNOzFwOpXBDpVArfYQvbVdeyKAbpXAvbUQqoSw3nFxGpH9OzGdenKN6qHNCuGNWyGcr1DAvwZMr9HOD8KNWqLOLAKd6qGuGyHuKuLd_yHtCvHNOyHOP_G...
http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*

44 KB
44 KB

7919ms
505ms

Document
text/html

35.224.148.218
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*
Protocol: HTTP/1.1
Server: 35.224.148.218 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 218.148.224.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: af51eeadcc2d0086ea673a06a37c9ccea3845581d0e7e1f1ffec4e238ce59b36

Request headers

Host: drzen.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:30 GMT
content-type: text/html; charset=UTF-8
content-length: 45015
connection: close
server: Apache

Redirect headers

status: 302
location: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,{$mv},C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*
content-type: text/html
x-cloud-trace-context: 7ea4e422b3e9df167125a969437c71b8
date: Thu, 18 Jul 2019 02:06:22 GMT
server: Google Frontend
content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK fp.php
drzen.site/images/ 35 B
171 B 609ms
498ms Image
image/gif 35.224.148.218
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://drzen.site/images/fp.php?e=qUWioTkyrJ1uowx4DTuiqT1unJjhL29g&p=f1439b81e3be8fb69f4190e8a272a827&r=00ed9602
Protocol: HTTP/1.1
Security: , ,
Server: 35.224.148.218 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 218.148.224.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:31 GMT
server: Apache
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK smart.track Show response
a.messageverify.club/ 724 B
881 B 1876ms
622ms Document
text/html 3.18.227.114
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
Requested by: Host: drzen.site
URL: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*
Protocol: HTTP/1.1
Server: 3.18.227.114 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-18-227-114.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 659b9d0686c8ac33abe9f9db1eb422a9cbb6638f929e6b61debf27e4a03f7bd8

Request headers

Host: a.messageverify.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://drzen.site/2a2a7/t/r/15cad559/e/trolleyman98@hotmail.com/s/45929-A005241782,%7B$mv%7D,C5BBA70EDFB003C87D4F187255585ED00BA7F9FC31F3D3B2C83A6FA2B0850B394113D1CBD2291E576115EA70*

Response headers

Date: Thu, 18 Jul 2019 02:06:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 724
Connection: keep-alive
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109215160-2

Requested by

Host: a.messageverify.club
URL: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb0db0ea40bcbbbe452f1afa589b53fa000c95e53b9eef51626af74173406dcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:33 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25679
x-xss-protection: 0
expires: Thu, 18 Jul 2019 02:06:33 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109215160-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 2334
date: Thu, 18 Jul 2019 01:27:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Thu, 18 Jul 2019 03:27:39 GMT

GET
H/1.1 200
OK Cookie set zbo.php Show response
instant.resurrect.club/aff/ 3 KB
2 KB 1277ms
214ms Document
text/html 64.210.142.3
Reflected Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com
Requested by: Host: a.messageverify.club
URL: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
Protocol: HTTP/1.1
Server: 64.210.142.3 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ca6e4dbb88f69c130c2aacece444d7e6d8d810c48c31c39b8b4d881a4114e416

Request headers

Host: instant.resurrect.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail

Response headers

Server: nginx
Date: Thu, 18 Jul 2019 02:06:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Set-Cookie: th_tracker=%7B%22sub%22%3A%2246596%22%2C%22sub2%22%3A%2246601%22%2C%22sub3%22%3A%22TI%22%2C%22sub4%22%3A%22TI%22%2C%22trans%22%3A%22TI%22%2C%22offer%22%3A%22ZS%22%2C%22loc%22%3A%22TI%22%2C%22c1%22%3A%22TI%22%2C%22extsub%22%3A%22trolleyman98%40hotmail.com%22%7D; expires=Fri, 19-Jul-2019 02:06:34 GMT; Max-Age=86400; path=/ th_tracker=%7B%22sub%22%3A%2246596%22%2C%22sub2%22%3A%2246601%22%2C%22sub3%22%3A%22TI%22%2C%22sub4%22%3A%22TI%22%2C%22trans%22%3A%22TI%22%2C%22offer%22%3A%22ZS%22%2C%22loc%22%3A%22TI%22%2C%22c1%22%3A%22TI%22%2C%22extsub%22%3A%22trolleyman98%40hotmail.com%22%7D; expires=Fri, 19-Jul-2019 02:06:34 GMT; Max-Age=86400; path=/

POST
H2 200 collect
www.google-analytics.com/ 35 B
161 B 13ms
13ms Other
image/gif 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
Origin: http://a.messageverify.club
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: http://a.messageverify.club
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1019664830&t=pageview&_s=1&dl=http%3A%2F%2Fa.messageverify.club%2Fsmart.track%3FVID%3D256%26AFID%3D415899%26EMAIL%3Dtrolleyman98%40hotmail.co...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_gid=235877179.1563415594&gjid=737400391&_v=j77&z=935507991
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991&slf_rd=1&random=2448644094

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991&slf_rd=1&random=2448644094

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.messageverify.club/smart.track?VID=256&AFID=415899&EMAIL=trolleyman98@hotmail.com&SID=45929-A005241782,,2019.04.12_Dating_Renren_Yeva,H_All_Target,hotmail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1842443647.1563415594&jid=881529362&_v=j77&z=935507991&slf_rd=1&random=2448644094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK history.js Show response
instant.resurrect.club/aff/scripts/ 23 KB
8 KB 227ms
222ms Script
application/x-javascript 64.210.142.3
Reflected Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://instant.resurrect.club/aff/scripts/history.js
Requested by: Host: instant.resurrect.club
URL: http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com
Protocol: HTTP/1.1
Security: , ,
Server: 64.210.142.3 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer: http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Apr 2016 05:50:31 GMT
Server: nginx
ETag: W/"57132427-5ba3"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

GET
H/1.1

200
OK

Primary Request

Cookie set wf6000 Show response
date.deinseitensprung.com/landing/
Redirect Chain

http://webfonts-cdn.com/reports/index.php?z=46596&c1=TI&extsub=trolleyman98@hotmail.com&loc=TI&
https://o-2494.prodtraff.com/758c07f2-74da-45ad-b754-179661e4fb55?subPublisher=380317&source=46596&clickTag=9cd857c6b6f545b891b50dc66270b1f3
https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935...

46 KB
8 KB

1532ms
218ms

Document
text/html

79.99.237.27
JUSTNET-AS -- Car...

General

Check archive.org

Show headers Download Go to

Full URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Requested by: Host: instant.resurrect.club
URL: http://instant.resurrect.club/aff/zbo.php?offer=ZS&sub=46596&sub2=46601&extsub=trolleyman98@hotmail.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.99.237.27 , Switzerland, ASN44227 (JUSTNET-AS -- Carrier Service --, CH),
Reverse DNS
Software: nginx /
Resource Hash: d2a7d9c05f06ac26108ad4a1d09d461eca5dc05fd46e9fc101c84642087eea24

Request headers

Host: date.deinseitensprung.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://instant.resurrect.club/aff/zbo.php?bo=1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://instant.resurrect.club/aff/zbo.php?bo=1

Response headers

Server: nginx
Date: Thu, 18 Jul 2019 02:06:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Set-Cookie: PHPSESSID=550167096c0f7a44f0eb1d146d4ae4f4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache no-cache
Content-Encoding: gzip

Redirect headers

Date: Thu, 18 Jul 2019 02:06:35 GMT
Transfer-Encoding: chunked
Location: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Set-Cookie: attrk=yes;Version=1;Max-Age=86400 vcid=%7B%22id%22%3A%2246ced38e-9877-40a6-94ba-da02d6996190%22%2C%22firstTime%22%3A%22Jul+18%2C+2019+2%3A06%3A35+AM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Jul+18%2C+2019+2%3A06%3A35+AM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D;Version=1;Domain=prodtraff.com;Path=/;Max-Age=2147483647;Expires=Tue, 05 Aug 2087 05:20:42 GMT
server: sgm.cloud/1

GET
H/1.1 200
OK bootstrap.css
lpmedia.justservingfiles.net/style/plugins/ 26 KB
5 KB 3090ms
8ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/plugins/bootstrap.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f7667d54b2d693c49a1d7b74d0196a549bbd4f030ff32a2d10261db5ea7de576

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:42 GMT
Server: nginx
ETag: "5d2e99aa-6670"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds054.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4619

GET
H/1.1 200
OK grid_layout.css
lpmedia.justservingfiles.net/style/layout/ 17 KB
3 KB 3090ms
8ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/grid_layout.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 0a799d5868aca297298e70253bf899cf889fb022659902f60545e808866cc01d

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:42 GMT
Server: nginx
ETag: "5d2e99aa-4559"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds054.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2289

GET
H/1.1 200
OK animation.css
lpmedia.justservingfiles.net/style/layout/ 2 KB
952 B 3099ms
9ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/layout/animation.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 04ba31993919023c1305651ccb3e9e5c0de988d8e9591770077c424dfdc2b9ad

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:42 GMT
Server: nginx
ETag: "5d2e99aa-910"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds004.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 523

GET
H/1.1 200
OK registration.css
lpmedia.justservingfiles.net/widgets/mb_registration/ 6 KB
2 KB 3100ms
9ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/mb_registration/registration.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 70ff8791b964891b85f96f91804ad6b4f69b474374db607de36dc747eb745140

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:43 GMT
Server: nginx
ETag: "5d2e99ab-16f3"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds141.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1414

GET
H/1.1 200
OK progress-bar.css
lpmedia.justservingfiles.net/widgets/mb_registration/ 1 KB
810 B 3108ms
8ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/mb_registration/progress-bar.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a9bcb05cd390e3d71e61e9761bdf17d5354ad02fbd1655fc31bd6ff18f0bb091

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:43 GMT
Server: nginx
ETag: "5d2e99ab-441"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds002.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 381

GET
H/1.1 200
OK corner.css
lpmedia.justservingfiles.net/widgets/corner/ 246 B
629 B 3108ms
8ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/widgets/corner/corner.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:43 GMT
Server: nginx
ETag: "5d2e99ab-f6"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds022.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 201

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
7ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 css
fonts.googleapis.com/ 2 KB
524 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700

Requested by

Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e86080709d842e4bb34b0c092e38c363e6f3157d7788c8fe9f6655bc724413df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 18 Jul 2019 02:06:37 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 18 Jul 2019 02:06:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 18 Jul 2019 02:06:37 GMT

GET
H/1.1 200
OK style.css
lpmedia.justservingfiles.net/style/templates/WhatsFriends/ 17 KB
4 KB 3116ms
7ms Stylesheet
text/css 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/style/templates/WhatsFriends/style.css?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 87f0afa6d0b54d7bbdc45df4fa3dfaf215fa42835dfe178f10612e014a2ff754

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:42 GMT
Server: nginx
ETag: "5d2e99aa-42d5"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds009.fr8.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3585

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-923472557

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ea6e71031b278c3408e0051d534ac2bf7394ab518bc84624d53664b16995467

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:37 GMT
content-encoding: br
last-modified: Thu, 18 Jul 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25679
x-xss-protection: 0
expires: Thu, 18 Jul 2019 02:06:37 GMT

GET
H/1.1 200
OK tp-user1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/s/ 4 KB
4 KB 24ms
8ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/s/tp-user1.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f95946bc7c6731f96b4d4d7be20de3208d90860a4aee73a9291184a181354ca7

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-fae"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds015.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4014

GET
H/1.1 200
OK tp-user2.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/s/ 4 KB
4 KB 18ms
8ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/s/tp-user2.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: b7f3a5cf6e07015a626b3546e6d1b7e81e04d3e8de07c20af6b293991af4307a

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-f76"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds136.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3958

GET
H/1.1 200
OK tp-user3.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/s/ 4 KB
5 KB 24ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/s/tp-user3.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 94a0c58a0d45487d3d90ce2924da104b58586c4ff99a20f4b48be1d8698e3c74

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-11a2"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4514

GET
H/1.1 200
OK tp-user4.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/s/ 5 KB
6 KB 68ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/s/tp-user4.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 0d5e177b0d8a41e61be869f818eec48f3e5d9767618bcaabca838cc68910cea3

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-1599"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds056.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5529

GET
H/1.1 200
OK tp-user5.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/s/ 5 KB
5 KB 67ms
6ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/s/tp-user5.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: eb8d127496b2cc93871ed32d006db258d419e988e2b3337c91a8a2415d2c1fff

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-13d2"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds056.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5074

GET
H/1.1 200
OK tp-user6.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 65 KB
65 KB 107ms
46ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user6.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f4aa3d56c97187f1eed0a4875200e6af375533e60bf2f3fedd290f656b9f04db

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-1023f"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds035.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 66111

GET
H/1.1 200
OK tp-user7.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 55 KB
55 KB 37ms
6ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user7.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 2f9de2d06fe9217a38f67d179291933e2a1f01fc417107f888959dbee2e8b22f

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-dbb5"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 56245

GET
H/1.1 200
OK tp-user8.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 77 KB
78 KB 21ms
6ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user8.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 47c5947d53bbe7c1c9a2105c9a18e96d0a3b3ad48810d7a420e8f39b88ea9245

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-13577"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds136.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 79223

GET
H/1.1 200
OK tp-user9.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 69 KB
69 KB 29ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user9.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 194d98aa12d08fdbe5ae0d41d0b360c32818c486b0a11bd224a9d020aed2f8be

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-1141b"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 70683

GET
H/1.1 200
OK tp-user10.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 47 KB
47 KB 21ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user10.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 22806cbd9e7ed25785f1211ca71a9eed48ba6f9d54aa64619ad7a10879569386

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-ba06"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 47622

GET
H/1.1 200
OK tp-user11.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 65 KB
66 KB 31ms
8ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user11.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 4c96027116e9c9966691bf268f80ad2a68b99bf3244fbca244d6b5bc6affbfdf

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-105e1"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds138.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 67041

GET
H/1.1 200
OK tp-user-chat1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk16/m/ 78 KB
79 KB 39ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/fsk16/m/tp-user-chat1.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 3b4c45e5b12b350afe74cdd7d383ad5ffd4d5420be9fd5899e2e2fbb0a4a58ec

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:23 GMT
Server: nginx
ETag: "5d2e9997-139e9"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 80361

GET
H/1.1 200
OK icon-chat.png
lpmedia.justservingfiles.net/img/_pictures/cougarLife/ 3 KB
3 KB 32ms
8ms Image
image/png 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_pictures/cougarLife/icon-chat.png
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 986f1d40472a183b8567f9f42b0eb5fe17372ae9907407ee107751525cf77810

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:20 GMT
Server: nginx
ETag: "5d2e9994-bec"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds056.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3052

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 09 Jul 2019 03:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 771373
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jul 2020 03:50:24 GMT

GET
H/1.1 200
OK scripts_tower.js Show response
lpmedia.justservingfiles.net/js/actions/ 11 KB
3 KB 26ms
8ms Script
application/javascript 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/actions/scripts_tower.js?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 897971a1197d814cade7753a78b66b7f550093dc2a3ce19b8fe3da06de4837df

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:37 GMT
Server: nginx
ETag: "5d2e99a5-2ce8"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds034.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2143

GET
H/1.1 200
OK validation.js Show response
lpmedia.justservingfiles.net/js/helpers/ 5 KB
2 KB 9ms
8ms Script
application/javascript 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/helpers/validation.js?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 5bfe13c8c40b577826a1b7a0246d26c6084c9d6c10003196efe0cf3d582c50f1

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:37 GMT
Server: nginx
ETag: "5d2e99a5-153f"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds004.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1340

GET
H/1.1 200
OK registration.js Show response
lpmedia.justservingfiles.net/js/ 18 KB
4 KB 10ms
7ms Script
application/javascript 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/registration.js?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f29f65e40541e7390a5b93fd9e87a060713dae9aaa8e586d9854fda5b2888db7

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:37 GMT
Server: nginx
ETag: "5d2e99a5-4990"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds034.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3972

GET
H/1.1 200
OK popwin.js Show response
lpmedia.justservingfiles.net/js/ 1 KB
968 B 17ms
8ms Script
application/javascript 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpmedia.justservingfiles.net/js/popwin.js?481831
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 03:44:37 GMT
Server: nginx
ETag: "5d2e99a5-499"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 525

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 1057ms
17ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-923472557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8bcb1d5b7dc86d041b4f6e58de89ecadd65481559b688d52bcc64719aeaaf06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 02:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 8916
x-xss-protection: 0
server: cafe
etag: 409039483495873268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Jul 2019 02:06:41 GMT

GET
H/1.1 200
OK tp-colum-center.jpg
lpmedia.justservingfiles.net/img/_patterns/ 84 KB
84 KB 8ms
7ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_patterns/tp-colum-center.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: bd89cc94ea28adb623d34016b6189c7b3bd2a4ae14608a0b296b523da9cb5129

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:20 GMT
Server: nginx
ETag: "5d2e9994-14e27"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds137.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds136.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 85543

GET
H/1.1 200
OK icons_whatsup.png
lpmedia.justservingfiles.net/img/_btns/ 4 KB
5 KB 14ms
7ms Image
image/png 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_btns/icons_whatsup.png
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 7b6014378b799c5c4f2ddb26ebd2c78528976134498888ee85bb054b86025646

Request headers

Referer: https://lpmedia.justservingfiles.net/style/templates/WhatsFriends/style.css?481831
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:20 GMT
Server: nginx
ETag: "5d2e9994-113f"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4415

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700
Origin: https://date.deinseitensprung.com

Response headers

date: Fri, 14 Jun 2019 03:57:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:00 GMT
server: sffe
age: 2930923
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Sat, 13 Jun 2020 03:57:57 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v15/ 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v15/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700
Origin: https://date.deinseitensprung.com

Response headers

date: Tue, 09 Jul 2019 03:56:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:31 GMT
server: sffe
age: 770995
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14864
x-xss-protection: 0
expires: Wed, 08 Jul 2020 03:56:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v15/ 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700
Origin: https://date.deinseitensprung.com

Response headers

date: Tue, 09 Jul 2019 01:56:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:18 GMT
server: sffe
age: 778187
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Wed, 08 Jul 2020 01:56:53 GMT

GET
H/1.1 200
OK tp-colum-right.jpg
lpmedia.justservingfiles.net/img/_patterns/ 43 KB
43 KB 31ms
6ms Image
image/jpeg 69.16.175.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpmedia.justservingfiles.net/img/_patterns/tp-colum-right.jpg
Requested by: Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 3c8d7f29c17a35ee7df19c118aa66bccee380a6cc63a228e35723e0900f17532

Request headers

Referer: https://lpmedia.justservingfiles.net/style/templates/WhatsFriends/style.css?481831
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 02:06:40 GMT
Last-Modified: Wed, 17 Jul 2019 03:44:20 GMT
Server: nginx
ETag: "5d2e9994-abf3"
X-HW: 1563415600.dop011.fr8.t,1563415600.cds027.fr8.shn,1563415600.dop011.fr8.t,1563415600.cds055.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 44019

GET fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 0
0

GET /
eu-adsrv.rtbsuperhub.com/lp/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/923472557/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923472557/?random=1563415601499&cv=9&fst=1563415601499&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdate.deinseitensprung.com%2Flanding%2Fwf6000%3Fpid%3D6034-02CA4%26zz%3Dtrue%26isAffiliate%3Dtrue%26sub%3D1433%26spub_id%3D380317%26tag%3D8fdad2de-3690-402e-81a8-235faa1d6935%26hit_id%3D8fdad2de-3690-402e-81a8-235faa1d6935%26tp_redirect_id%3D8fdad2de-3690-402e-81a8-235faa1d6935&ref=http%3A%2F%2Finstant.resurrect.club%2Faff%2Fzbo.php%3Fbo%3D1&tiba=deinseitensprung.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d7f914758578736082d5bf2cde51723740e9d037832ad5d124c7d59014e91e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/923472557/ 42 B
167 B 22ms
21ms Image
image/gif 2a00:1450:4001:816::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/923472557/?random=1563415601499&cv=9&fst=1563415200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdate.deinseitensprung.com%2Flanding%2Fwf6000%3Fpid%3D6034-02CA4%26zz%3Dtrue%26isAffiliate%3Dtrue%26sub%3D1433%26spub_id%3D380317%26tag%3D8fdad2de-3690-402e-81a8-235faa1d6935%26hit_id%3D8fdad2de-3690-402e-81a8-235faa1d6935%26tp_redirect_id%3D8fdad2de-3690-402e-81a8-235faa1d6935&ref=http%3A%2F%2Finstant.resurrect.club%2Faff%2Fzbo.php%3Fbo%3D1&tiba=deinseitensprung.com&async=1&fmt=3&cdct=2&is_vtc=1&random=2671701493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/923472557/ 42 B
156 B 22ms
22ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/923472557/?random=1563415601499&cv=9&fst=1563415200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdate.deinseitensprung.com%2Flanding%2Fwf6000%3Fpid%3D6034-02CA4%26zz%3Dtrue%26isAffiliate%3Dtrue%26sub%3D1433%26spub_id%3D380317%26tag%3D8fdad2de-3690-402e-81a8-235faa1d6935%26hit_id%3D8fdad2de-3690-402e-81a8-235faa1d6935%26tp_redirect_id%3D8fdad2de-3690-402e-81a8-235faa1d6935&ref=http%3A%2F%2Finstant.resurrect.club%2Faff%2Fzbo.php%3Fbo%3D1&tiba=deinseitensprung.com&async=1&fmt=3&cdct=2&is_vtc=1&random=2671701493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://date.deinseitensprung.com/landing/wf6000?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&spub_id=380317&tag=8fdad2de-3690-402e-81a8-235faa1d6935&hit_id=8fdad2de-3690-402e-81a8-235faa1d6935&tp_redirect_id=8fdad2de-3690-402e-81a8-235faa1d6935
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 02:06:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: eu-adsrv.rtbsuperhub.com
URL: https://eu-adsrv.rtbsuperhub.com/lp/?r=86455261&params=https%3A%2F%2Fdate.deinseitensprung.com%2Flanding%2Fwf6000%3Fpid%3D6034-02CA4%26zz%3Dtrue%26isAffiliate%3Dtrue%26sub%3D1433%26spub_id%3D380317%26tag%3D8fdad2de-3690-402e-81a8-235faa1d6935%26hit_id%3D8fdad2de-3690-402e-81a8-235faa1d6935%26tp_redirect_id%3D8fdad2de-3690-402e-81a8-235faa1d6935

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			instant.resurrect.club/	1970-01-19 02:18:21	Name: th_tracker Value: %7B%22sub%22%3A%2246596%22%2C%22sub2%22%3A%2246601%22%2C%22sub3%22%3A%22TI%22%2C%22sub4%22%3A%22TI%22%2C%22trans%22%3A%22TI%22%2C%22offer%22%3A%22ZS%22%2C%22loc%22%3A%22TI%22%2C%22c1%22%3A%22TI%22%2C%22extsub%22%3A%22trolleyman98%40hotmail.com%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.messageverify.club
ajax.googleapis.com
date.deinseitensprung.com
datingnowclub.appspot.com
drzen.site
eu-adsrv.rtbsuperhub.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
instant.resurrect.club
lpmedia.justservingfiles.net
maxcdn.bootstrapcdn.com
o-2494.prodtraff.com
stats.g.doubleclick.net
webfonts-cdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
eu-adsrv.rtbsuperhub.com
maxcdn.bootstrapcdn.com
172.217.16.194
209.197.3.15
217.140.66.110
2a00:1450:4001:808::2002
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::2014
2a00:1450:400c:c07::9a
3.18.227.114
35.224.148.218
64.210.142.3
64.210.142.4
69.16.175.10
79.99.237.27
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04ba31993919023c1305651ccb3e9e5c0de988d8e9591770077c424dfdc2b9ad
0a799d5868aca297298e70253bf899cf889fb022659902f60545e808866cc01d
0d5e177b0d8a41e61be869f818eec48f3e5d9767618bcaabca838cc68910cea3
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d
194d98aa12d08fdbe5ae0d41d0b360c32818c486b0a11bd224a9d020aed2f8be
22806cbd9e7ed25785f1211ca71a9eed48ba6f9d54aa64619ad7a10879569386
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
2f9de2d06fe9217a38f67d179291933e2a1f01fc417107f888959dbee2e8b22f
3b4c45e5b12b350afe74cdd7d383ad5ffd4d5420be9fd5899e2e2fbb0a4a58ec
3c8d7f29c17a35ee7df19c118aa66bccee380a6cc63a228e35723e0900f17532
47c5947d53bbe7c1c9a2105c9a18e96d0a3b3ad48810d7a420e8f39b88ea9245
4c96027116e9c9966691bf268f80ad2a68b99bf3244fbca244d6b5bc6affbfdf
5bfe13c8c40b577826a1b7a0246d26c6084c9d6c10003196efe0cf3d582c50f1
5ea6e71031b278c3408e0051d534ac2bf7394ab518bc84624d53664b16995467
659b9d0686c8ac33abe9f9db1eb422a9cbb6638f929e6b61debf27e4a03f7bd8
70ff8791b964891b85f96f91804ad6b4f69b474374db607de36dc747eb745140
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6014378b799c5c4f2ddb26ebd2c78528976134498888ee85bb054b86025646
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87f0afa6d0b54d7bbdc45df4fa3dfaf215fa42835dfe178f10612e014a2ff754
897971a1197d814cade7753a78b66b7f550093dc2a3ce19b8fe3da06de4837df
8bcb1d5b7dc86d041b4f6e58de89ecadd65481559b688d52bcc64719aeaaf06b
94a0c58a0d45487d3d90ce2924da104b58586c4ff99a20f4b48be1d8698e3c74
986f1d40472a183b8567f9f42b0eb5fe17372ae9907407ee107751525cf77810
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a9bcb05cd390e3d71e61e9761bdf17d5354ad02fbd1655fc31bd6ff18f0bb091
af51eeadcc2d0086ea673a06a37c9ccea3845581d0e7e1f1ffec4e238ce59b36
b7f3a5cf6e07015a626b3546e6d1b7e81e04d3e8de07c20af6b293991af4307a
bd89cc94ea28adb623d34016b6189c7b3bd2a4ae14608a0b296b523da9cb5129
ca6e4dbb88f69c130c2aacece444d7e6d8d810c48c31c39b8b4d881a4114e416
d2a7d9c05f06ac26108ad4a1d09d461eca5dc05fd46e9fc101c84642087eea24
d7f914758578736082d5bf2cde51723740e9d037832ad5d124c7d59014e91e10
e86080709d842e4bb34b0c092e38c363e6f3157d7788c8fe9f6655bc724413df
eb8d127496b2cc93871ed32d006db258d419e988e2b3337c91a8a2415d2c1fff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29f65e40541e7390a5b93fd9e87a060713dae9aaa8e586d9854fda5b2888db7
f4aa3d56c97187f1eed0a4875200e6af375533e60bf2f3fedd290f656b9f04db
f7667d54b2d693c49a1d7b74d0196a549bbd4f030ff32a2d10261db5ea7de576
f95946bc7c6731f96b4d4d7be20de3208d90860a4aee73a9291184a181354ca7
fb0db0ea40bcbbbe452f1afa589b53fa000c95e53b9eef51626af74173406dcf
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

date.deinseitensprung.com Open in urlscan Pro 79.99.237.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

86 %HTTPS

53 %IPv6

18 Domains

20 Subdomains

16 IPs

4 Countries

866 kBTransfer

1194 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

date.deinseitensprung.com Open in urlscan Pro
79.99.237.27 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

86 %
HTTPS

53 %
IPv6

18
Domains

20
Subdomains

16
IPs

4
Countries

866 kB
Transfer

1194 kB
Size

1
Cookies

50 HTTP transactions
0 data transactions