urlscan.io logo urlscan.io
SecurityTrails logo

t49.nemflirt.dk Open in urlscan Pro
104.21.92.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
Effective URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc16...
Submission: On April 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 21 HTTP transactions. The main IP is 104.21.92.211, located in United States and belongs to CLOUDFLARENET, US. The main domain is t49.nemflirt.dk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.
This is the only time t49.nemflirt.dk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.255.119.154 22612 (NAMECHEAP...)
2 2 107.178.252.101 15169 (GOOGLE)
1 2 2a05:d018:e36... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 1 194.116.150.218 44949 (GIGACODES-AS)
3 3 18.195.149.11 16509 (AMAZON-02)
1 99.84.156.52 16509 (AMAZON-02)
2 205.185.216.10 20446 (HIGHWINDS3)
1 13.224.193.124 16509 (AMAZON-02)
1 2 128.0.45.252 60657 (CAPITAL-F...)
1 5 104.21.92.211 13335 (CLOUDFLAR...)
5 151.139.237.33 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
1 162.247.243.147 23467 (NEWRELIC-...)
21 12
1    162.255.119.154 (United States)

ASN22612 (NAMECHEAP-NET, US)
xizd7wsry6lljkusfrcu.site
2    107.178.252.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.252.178.107.bc.googleusercontent.com
www.a8a8altrk.com
2    2a05:d018:e36:3930:6555:77e3:c5e3:fc88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
securecloud-slnd.com
1    2a05:d018:483:6120:97d8:afe1:e21b:e9ef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
gdmconvtrck.com
1    194.116.150.218 (Switzerland)

ASN44949 (GIGACODES-AS, DE)
PTR: wazazu.com
www.wazazu.com
3    18.195.149.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
track.lobby-x.eu
a.vfgtg.com
1    99.84.156.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-52.txl52.r.cloudfront.net
t.adating.link
2    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
ckstatic.com
1    13.224.193.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-124.fra2.r.cloudfront.net
s.aslnk.link
2    128.0.45.252 (Germany)

ASN60657 (CAPITAL-FINANCIAL-AS Str. Sfanta Vineri nr. 25 Bloc 105 C, Parter, RO)
dlvr.xcash.com
5    104.21.92.211 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.nemflirt.dk
t49.nemflirt.dk
5    151.139.237.33 (United States)

ASN33438 (HIGHWINDS2, US)
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
Domain Requested by
4 static-01-2ug82pacs7u3bksy.netdna-ssl.com t49.nemflirt.dk
static-01-2ug82pacs7u3bksy.netdna-ssl.com
4 t49.nemflirt.dk dlvr.xcash.com
t49.nemflirt.dk
2 www.google-analytics.com t49.nemflirt.dk
www.google-analytics.com
2 dlvr.xcash.com 1 redirects s.aslnk.link
2 a.vfgtg.com 2 redirects
2 ckstatic.com t.adating.link
s.aslnk.link
2 securecloud-slnd.com 1 redirects
2 www.a8a8altrk.com 2 redirects
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t49.nemflirt.dk
1 static-03-2ug82pacs7u3bksy.netdna-ssl.com t49.nemflirt.dk
1 trk.nemflirt.dk 1 redirects
1 s.aslnk.link t.adating.link
1 t.adating.link gdmconvtrck.com
1 track.lobby-x.eu 1 redirects
1 www.wazazu.com 1 redirects
1 gdmconvtrck.com securecloud-slnd.com
1 xizd7wsry6lljkusfrcu.site 1 redirects
21 18

This site contains links to these domains. Also see Links.

Domain
nemflirt.dk
support.nemflirt.dk
Subject Issuer Validity Valid
securecd-smrtnd.com
Amazon		 2020-06-02 -
2021-07-02		 a year crt.sh
gdmconvtrck.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
*.ajrkm.link
Amazon		 2020-07-29 -
2021-08-29		 a year crt.sh
ckstatic.com
R3		 2021-02-01 -
2021-05-02		 3 months crt.sh
dlvr.xcash.com
R3		 2021-02-21 -
2021-05-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-09 -
2021-08-09		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Frame ID: B735B6AB9D86BECD4439725A093A7613
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L HTTP 302
    https://www.a8a8altrk.com/85SPX7/3KFTN82/&zxP2ssUayL&uBom73L?sub1=MT15_V2 HTTP 302
    https://www.a8a8altrk.com/85SPX7/39B4RJG/?__rpt=0&__po=1461&__ptid=895ab4555a574540934f2e25e2e8b711&__... HTTP 302
    https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3= Page URL
  2. https://securecloud-slnd.com/?a=129806&c=240830&oc=127339&sr=t&rc=1_0&s1=158&s2=84fc0ac24e8e40559e601ff74... HTTP 302
    https://www.wazazu.com/Smartlink/Dating?w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61... HTTP 307
    https://track.lobby-x.eu/9396957d-42ca-4874-a13f-f5991bc5524f?adtv=11136.114_4560b3_6ca16&w=33001&ws=... HTTP 302
    https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source... Page URL
  3. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=whsg1ue6pinv1it6i25kk6do;9396957... HTTP 302
    https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=whsg1ue6pinv1it6i25kk6do%3B93969... HTTP 302
    https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42... Page URL
  4. https://dlvr.xcash.com/38104?subaffiliate_id=170909&session_id=1020be1781f958ebf432012e6c65e3&exter... HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26... Page URL
  5. https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keywo... HTTP 302
    https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

95 %
HTTPS

20 %
IPv6

16
Domains

18
Subdomains

12
IPs

4
Countries

948 kB
Transfer

1462 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L HTTP 302
    https://www.a8a8altrk.com/85SPX7/3KFTN82/&zxP2ssUayL&uBom73L?sub1=MT15_V2 HTTP 302
    https://www.a8a8altrk.com/85SPX7/39B4RJG/?__rpt=0&__po=1461&__ptid=895ab4555a574540934f2e25e2e8b711&__rpa=0&__rc=1&sub1=MT15_V2&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3= Page URL
  2. https://securecloud-slnd.com/?a=129806&c=240830&oc=127339&sr=t&rc=1_0&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&vt=1618453985703&h=4aa3531010ec0887e6c035e8c2d9a81db3aa6996&req=https%3A%2F%2Fsecurecloud-slnd.com%2Fsmartlink%2F%3Fa%3D129806%26sm%3D6851%26mt%3D3%26s1%3D158%26s2%3D84fc0ac24e8e40559e601ff744f4e0ab%26s3%3D&mt=3&sip=2a01:4f8:192:5414::2&svi=c8badfa42b324ca4adea2c975c74b8e8_1618453985703_8_6851_-1_-2_-5_110229_1122&o=92301&dl=t&us=372a2d032bdb4493988a72f233369930 HTTP 302
    https://www.wazazu.com/Smartlink/Dating?w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d HTTP 307
    https://track.lobby-x.eu/9396957d-42ca-4874-a13f-f5991bc5524f?adtv=11136.114_4560b3_6ca16&w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d&referer=https%3A%2F%2Fsecurecloud-slnd.com%2F HTTP 302
    https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001 Page URL
  3. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=whsg1ue6pinv1it6i25kk6do;9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=44542&source=1025ea1993d9da674e8fcb8284ffa8&subID2=165150&s2=1025ea1993d9da674e8fcb8284ffa8&s3=whsg1ue6pinv1it6i25kk6do;9396957d-42ca-4874-a13f-f5991bc5524f&s4=165150&url=1&Target=Default&affsub=whsg1ue6pinv1it6i25kk6do&affsource=9396957d-42ca-4874-a13f-f5991bc5524f HTTP 302
    https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=170909&source=1025ea1993d9da674e8fcb8284ffa8&subID2=165150&Target=Default&Site=&Bnr=&cid=wlnjuvkghh9ifit629ruiuec HTTP 302
    https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756 Page URL
  4. https://dlvr.xcash.com/38104?subaffiliate_id=170909&session_id=1020be1781f958ebf432012e6c65e3&external_campaign_id=1025ea1993d9da674e8fcb8284ffa8165150 HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1 Page URL
  5. https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= HTTP 302
    https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L HTTP 302
  • https://www.a8a8altrk.com/85SPX7/3KFTN82/&zxP2ssUayL&uBom73L?sub1=MT15_V2 HTTP 302
  • https://www.a8a8altrk.com/85SPX7/39B4RJG/?__rpt=0&__po=1461&__ptid=895ab4555a574540934f2e25e2e8b711&__rpa=0&__rc=1&sub1=MT15_V2&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
  • https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
Request Chain 2
  • https://securecloud-slnd.com/?a=129806&c=240830&oc=127339&sr=t&rc=1_0&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&vt=1618453985703&h=4aa3531010ec0887e6c035e8c2d9a81db3aa6996&req=https%3A%2F%2Fsecurecloud-slnd.com%2Fsmartlink%2F%3Fa%3D129806%26sm%3D6851%26mt%3D3%26s1%3D158%26s2%3D84fc0ac24e8e40559e601ff744f4e0ab%26s3%3D&mt=3&sip=2a01:4f8:192:5414::2&svi=c8badfa42b324ca4adea2c975c74b8e8_1618453985703_8_6851_-1_-2_-5_110229_1122&o=92301&dl=t&us=372a2d032bdb4493988a72f233369930 HTTP 302
  • https://www.wazazu.com/Smartlink/Dating?w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d HTTP 307
  • https://track.lobby-x.eu/9396957d-42ca-4874-a13f-f5991bc5524f?adtv=11136.114_4560b3_6ca16&w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d&referer=https%3A%2F%2Fsecurecloud-slnd.com%2F HTTP 302
  • https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
Request Chain 4
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=whsg1ue6pinv1it6i25kk6do;9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=44542&source=1025ea1993d9da674e8fcb8284ffa8&subID2=165150&s2=1025ea1993d9da674e8fcb8284ffa8&s3=whsg1ue6pinv1it6i25kk6do;9396957d-42ca-4874-a13f-f5991bc5524f&s4=165150&url=1&Target=Default&affsub=whsg1ue6pinv1it6i25kk6do&affsource=9396957d-42ca-4874-a13f-f5991bc5524f HTTP 302
  • https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=170909&source=1025ea1993d9da674e8fcb8284ffa8&subID2=165150&Target=Default&Site=&Bnr=&cid=wlnjuvkghh9ifit629ruiuec HTTP 302
  • https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
Request Chain 6
  • https://dlvr.xcash.com/38104?subaffiliate_id=170909&session_id=1020be1781f958ebf432012e6c65e3&external_campaign_id=1025ea1993d9da674e8fcb8284ffa8165150 HTTP 302
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
securecloud-slnd.com/smartlink/
Redirect Chain
  • http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
  • https://www.a8a8altrk.com/85SPX7/3KFTN82/&zxP2ssUayL&uBom73L?sub1=MT15_V2
  • https://www.a8a8altrk.com/85SPX7/39B4RJG/?__rpt=0&__po=1461&__ptid=895ab4555a574540934f2e25e2e8b711&__rpa=0&__rc=1&sub1=MT15_V2&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:e36:3930:6555:77e3:c5e3:fc88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b2a51c9e111b604c5512a34a94a3fd680b0df8b03fc9c245f580051a4f5bc32

Request headers

:method
GET
:authority
securecloud-slnd.com
:scheme
https
:path
/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L

Response headers

date
Thu, 15 Apr 2021 02:33:05 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip

Redirect headers

server
nginx
date
Thu, 15 Apr 2021 02:33:05 GMT
content-type
text/html; charset=utf-8
content-length
151
location
https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
set-cookie
uniqueClick_39B4RJG=e8a0660d-fa64-4db5-8a13-c44bd29b1749:1618453985; Path=/; Expires=Sat, 15 May 2021 02:33:05 GMT; Secure; SameSite=None transaction_id=84fc0ac24e8e40559e601ff744f4e0ab; Path=/; Expires=Wed, 14 Jul 2021 02:33:05 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
1aed2d75-0cd4-4538-b627-4c6a3fca382d
via
1.1 google
alt-svc
clear
user
gdmconvtrck.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdmconvtrck.com/user?a=129806&c=240830
Requested by
Host: securecloud-slnd.com
URL: https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6120:97d8:afe1:e21b:e9ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c305804f509d6d3fca8f562c52c7e3b5fdec4c70d311e6f3bc8a3b68334914a1

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 02:33:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
0
t.adating.link/165150/3785/
Redirect Chain
  • https://securecloud-slnd.com/?a=129806&c=240830&oc=127339&sr=t&rc=1_0&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&vt=1618453985703&h=4aa3531010ec0887e6c035e8c2d9a81db3aa6996&req=https%3A%2F%2Fsecure...
  • https://www.wazazu.com/Smartlink/Dating?w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d
  • https://track.lobby-x.eu/9396957d-42ca-4874-a13f-f5991bc5524f?adtv=11136.114_4560b3_6ca16&w=33001&ws=exdsmtlk.rot_129806&wt=6cd24a0b51bf44398be829e61f59d2101688d&referer=https%3A%2F%2Fsecurecloud-s...
  • https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=129806&c=240830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-52.txl52.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
6b127945c37fc107637cfc74b48f7d71bbf60c7d9d19d5574b90f79942a87dae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
t.adating.link
:scheme
https
:path
/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://securecloud-slnd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
Referer
https://securecloud-slnd.com/smartlink/?a=129806&sm=6851&mt=3&s1=158&s2=84fc0ac24e8e40559e601ff744f4e0ab&s3=

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Thu, 15 Apr 2021 02:33:06 GMT
vary
Accept-Encoding
set-cookie
enc_aff_session_3785=ENC03e290549e61a531c879c9c53591bc1b68538a4888650b122f1248aed0cc9eaca7bc0c5514ef84c3965af1f12b91fefd1cbcafc281309016b2bdd1ce80b9691293da0eb0abde9399ef7560d5a03311e563b849ef92a6dae79df9ead59ddde866346c78457ce106792665dea63e2906826d1878366e060a196130c86345e248558f8f6cb630eb778f0d93e20f2acc70788e1bc66efd374a922641af290022e033e50389a7218ae318bcddcc52710cd726fe9c2316836ffced82927d2fef87e985d9d10bdcf1fced0202fda2df7d916b764571f13e92e9f14b7d7f05bf38c4d3ee58177990be; Path=/; Expires=Sat, 15 Apr 2023 02:33:06 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiTWFjIE9TIFgiLCJtb2JpbGVfb3NfdmVyc2lvbiI6IjEwLjExIiwibW9iaWxlX2RldmljZV9tb2RlbCI6IlNhZmFyaSIsIm1vYmlsZV9kZXZpY2VfYnJhbmQiOiJBcHBsZSIsIm1vYmlsZV9icm93c2VyIjoiU2FmYXJpIiwibW9iaWxlX2Jyb3dzZXJfdmVyc2lvbiI6IjEwLjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTJfMikgQXBwbGVXZWJLaXQvNjAyLjMuMTIgKEtIVE1MLCBMaWtlIEdlY2tvKSBWZXJzaW9uLzEwLjAuMiBTYWZhcmkvNjAyLjMuMTIiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D; Path=/; Expires=Sat, 09 Mar 2024 13:13:06 GMT; Secure
tracking_id
1025ea1993d9da674e8fcb8284ffa8
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 21b99afa310f2ff34977f80506fb1672.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
isLuPhJ-PfM0rbgCy3z49sy3BZqmJ5owx5quuV78qNNwJNN0rqJarg==

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 02:33:06 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
Pragma
no-cache
Set-Cookie
9396957d-42ca-4874-a13f-f5991bc5524f-v4=9396957d-42ca-4874-a13f-f5991bc5524f; Max-Age=86400; Expires=Fri, 16-Apr-2021 02:33:06 GMT; Domain=track.lobby-x.eu; Path=/; Secure; HttpOnly;SameSite=None cc-v4=ucYt%2F5JDfeg9QuvOyiAL4myT%2Fei3zHRPf%2Ba3EFZPOAPr878XXFjgrZXg3PhAnyptNN1y2mhb%2BPqG7Qf33SPbq3ZqMLAWhFduxovWo4Sg%2FD%2BznXerDoej3K%2FeqxoKJLG4w9l09j2LLL48h%2Byb7OXNTw%3D%3D; Max-Age=31536000; Expires=Fri, 15-Apr-2022 02:33:06 GMT; Domain=track.lobby-x.eu; Path=/; Secure; HttpOnly;SameSite=None
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.adating.link
URL: https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

Date
Thu, 15 Apr 2021 02:33:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1618453986.dop069.sk1.t,1618453987.cds202.sk1.shn,1618453987.dop069.sk1.t,1618453987.cds218.sk1.c
Content-Type
text/javascript
Cache-Control
public, max-age=2629
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
/
s.aslnk.link/5wszez6v7k/170909/7585/24589/
Redirect Chain
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=whsg1ue6pinv1it6i25kk6do;9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=44542&source=1025ea1993d9da674e8fcb8284ffa8&subID2=165150&s...
  • https://a.vfgtg.com/9145a0cd-681c-4a6f-a536-3c2c593fbc74?subID1=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&affiliateID=170909&source=1025ea1993d9da674e8fcb8284ffa8&subID2=16515...
  • https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
Requested by
Host: t.adating.link
URL: https://t.adating.link/165150/3785/0?aff_sub=whsg1ue6pinv1it6i25kk6do&bo=2753,2754,2755,2756&source=9396957d-42ca-4874-a13f-f5991bc5524f&po=6456&aff_sub2=33001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-124.fra2.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
8c1b19d8d2fbf4a652b181b4b42a4d20d0352758a69cd27bfabe099a9d59f566
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s.aslnk.link
:scheme
https
:path
/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.adating.link/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
Referer
https://t.adating.link/165150/2753?po=6456&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=whsg1ue6pinv1it6i25kk6do&aff_sub2=33001&source=9396957d-42ca-4874-a13f-f5991bc5524f

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.19.0
date
Thu, 15 Apr 2021 02:33:07 GMT
vary
Accept-Encoding
set-cookie
aff_ran_url_7585=24589; Path=/; Expires=Fri, 16 Apr 2021 02:33:07 GMT; Secure enc_aff_session_7585=ENC03bd874b761e17582772221d56fee3ba3d9baa4d131998113dc7637f0b78a5fb34ac0a585f6c50058a2ba3fe08440039465b51c883861cebdfbb57ff30ab6a3b5b912827afe1d6ad1399e87d403895f8e425560e2716a15203e3f445bc47f5f7b4c9ae9692def73699f8fdeb3ec816a3a106d80cdede413f1c7594ac78c151003006677e788d3e1f64fc38e11525998ad22bb72b8e073bffdf53e779bb24e17418d22b35166abef416525159caabf20dfa753a55322b769845b190ad68b7733d4082194d1352e7915f353d4069e3cd029c490b4522f25280c9f710169c23558152790cd5d229067ed31da120e3a771bb8f4541656e40cb3822ebc81bb2576827a813080396; Path=/; Expires=Sat, 15 Apr 2023 02:33:07 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiTWFjIE9TIFgiLCJtb2JpbGVfb3NfdmVyc2lvbiI6IjEwLjExIiwibW9iaWxlX2RldmljZV9tb2RlbCI6IlNhZmFyaSIsIm1vYmlsZV9kZXZpY2VfYnJhbmQiOiJBcHBsZSIsIm1vYmlsZV9icm93c2VyIjoiU2FmYXJpIiwibW9iaWxlX2Jyb3dzZXJfdmVyc2lvbiI6IjEwLjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTJfMikgQXBwbGVXZWJLaXQvNjAyLjMuMTIgKEtIVE1MLCBMaWtlIEdlY2tvKSBWZXJzaW9uLzEwLjAuMiBTYWZhcmkvNjAyLjMuMTIiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D; Path=/; Expires=Sat, 09 Mar 2024 13:13:07 GMT; Secure
tracking_id
1020be1781f958ebf432012e6c65e3
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZVawiioKmmiejwd5aeAtyOLlTNYRSr_2CAomx0Zy98dLUUs_IKAt1g==

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 02:33:07 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
Pragma
no-cache
Set-Cookie
9145a0cd-681c-4a6f-a536-3c2c593fbc74-v4=9145a0cd-681c-4a6f-a536-3c2c593fbc74; Max-Age=86400; Expires=Fri, 16-Apr-2021 02:33:07 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=cEqIbLTiwE3rQZjG15HoMSIVgxg%2FwJb1RdRJzxEL%2B3ebnlT28rP7Lr1bVJyehg294atA6jEZQMlcYupQmI9KoAgwHiWZUY1%2BRNROmL6k%2FaECPyfgTaA5L3x6Gbix%2FPRAXQMGCGwJjea9DOcaiW0FvA%3D%3D; Max-Age=31536000; Expires=Fri, 15-Apr-2022 02:33:07 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

Date
Thu, 15 Apr 2021 02:33:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 12:45:10 GMT
ETag
"1607431510"
X-HW
1618453986.dop069.sk1.t,1618453987.cds202.sk1.shn,1618453987.dop069.sk1.t,1618453987.cds218.sk1.c
Content-Type
text/javascript
Cache-Control
public, max-age=2629
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
r
dlvr.xcash.com/
Redirect Chain
  • https://dlvr.xcash.com/38104?subaffiliate_id=170909&session_id=1020be1781f958ebf432012e6c65e3&external_campaign_id=1025ea1993d9da674e8fcb8284ffa8165150
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf...
1 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/170909/7585/24589/?aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&aff_sub3=whsg1ue6pinv1it62uqo2i4e&source=1025ea1993d9da674e8fcb8284ffa8&nopop=1&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.0.45.252 , Germany, ASN60657 (CAPITAL-FINANCIAL-AS Str. Sfanta Vineri nr. 25 Bloc 105 C, Parter, RO),
Reverse DNS
Software
openresty/1.19.3.1 / HHVM/3.11.1
Resource Hash
b8570c50a110bfded14068b79f3ffedbd3ad948bd78f55f454493d118ab366af

Request headers

:method
GET
:authority
dlvr.xcash.com
:scheme
https
:path
/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.aslnk.link/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
51D_Bandwidth=1618453988.1778; ubbc=eyJpdiI6IkZzUHpOcGQxOXpWV0pieWsrWitaZXc9PSIsInZhbHVlIjoiOGE4XC9ObkY0SGdhUVBpejd0c3l2N3c9PSIsIm1hYyI6ImUwMGU2MWJhOTQ3OTEyYThjZmUyYTFmMmQ4ZWY2NTZkZjkzYThmMmU3Y2U0M2EyZTJiNzMzYTcwZGJkNjZhYTYifQ%3D%3D; bbuc=eyJpdiI6Ikh3S1ZEZVdhZUx2NGhmTVwvVEhudHlBPT0iLCJ2YWx1ZSI6InR4N3gyN2UyaWg0eWtpT3pJcFRiK0o2TVFyQmZwREh0cDllSjlwOUlRTlU9IiwibWFjIjoiZDlkODM2NTlhZDI5NDU4ZjY0MDU5MWYyOWM1N2JiZmVhZDJjYzMyNDBjMDQ2NmU4MDBlMGFjOWNiM2UxNTg2ZSJ9; bbrc=eyJpdiI6IjhiXC9yUCszbXg5c2xIY2xlNHFBRStBPT0iLCJ2YWx1ZSI6Ilo3ejRTZ3lISDdDSE12ait3dWRRNXc9PSIsIm1hYyI6IjFkMDdlN2RiN2E1MmI2MWExZTYzYTM0MDRjODU0YjhiNmNiZTI3YjFkMGVhNDQ1YzhmYjk2ZjY3NTRkZGI4YzYifQ%3D%3D; laravel_session=eyJpdiI6IkkyZW5CMWFuT0Yya0lSaXpNVFJhQUE9PSIsInZhbHVlIjoiME1qY0xhRXpsY1NJcnBPeXE0XC81NEZ2ZXN3NTFwNVhNY3lUc2VzdGE5b3BoYXEyWXhiQUJ2M1JvQ2I5R1ZidytDTjdmamplQmtWYkVhbFREZ09temd3PT0iLCJtYWMiOiJlMzdlMDk3ZDUzNTVkY2JhZGQ5ZGZlMjVmOWYzOGI2MWEzN2Q2N2I4NGZjMGQwM2MyNWIwNjE2MzMyNmRhMDQ0In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
Referer
https://s.aslnk.link/170909/2753?aff_sub3=whsg1ue6pinv1it62uqo2i4e&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=whsg1ue6pinv1it6i25kk6do%3B9396957d-42ca-4874-a13f-f5991bc5524f&aff_sub2=165150&source=1025ea1993d9da674e8fcb8284ffa8

Response headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
set-cookie
laravel_session=eyJpdiI6IjJhYThvMG9MNUZ1aEdiUVdjRnRQVFE9PSIsInZhbHVlIjoiWE1GeW5kRWtlZmw3NnMrWitPaWRqdkhQa0NEWmZRNmJza0t1VzFHRDFJMDBIbzF3ODRZUWpmdDI2Nnk2bkFBWWxsWEp5WjBoOUN0Wjd5aEVmNm81NHc9PSIsIm1hYyI6IjUwZThiOTFiZTZjNjJmOTRlOTBjZjY4NjYyZGZlNTA0OTRlNWNkMzBjNzVhOTJmNjJmMjIyMDU0MmQ3ZTJiZDkifQ%3D%3D; path=/; httponly
x-powered-by
HHVM/3.11.1
content-encoding
gzip
vary
Accept-Encoding
date
Thu, 15 Apr 2021 02:33:08 GMT
cache-control
no-cache

Redirect headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
location
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1
set-cookie
51D_Bandwidth=1618453988.1778 ubbc=eyJpdiI6IkZzUHpOcGQxOXpWV0pieWsrWitaZXc9PSIsInZhbHVlIjoiOGE4XC9ObkY0SGdhUVBpejd0c3l2N3c9PSIsIm1hYyI6ImUwMGU2MWJhOTQ3OTEyYThjZmUyYTFmMmQ4ZWY2NTZkZjkzYThmMmU3Y2U0M2EyZTJiNzMzYTcwZGJkNjZhYTYifQ%3D%3D; expires=Fri, 16-Apr-2021 02:33:08 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6Ikh3S1ZEZVdhZUx2NGhmTVwvVEhudHlBPT0iLCJ2YWx1ZSI6InR4N3gyN2UyaWg0eWtpT3pJcFRiK0o2TVFyQmZwREh0cDllSjlwOUlRTlU9IiwibWFjIjoiZDlkODM2NTlhZDI5NDU4ZjY0MDU5MWYyOWM1N2JiZmVhZDJjYzMyNDBjMDQ2NmU4MDBlMGFjOWNiM2UxNTg2ZSJ9; expires=Fri, 16-Apr-2021 02:33:08 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6IjhiXC9yUCszbXg5c2xIY2xlNHFBRStBPT0iLCJ2YWx1ZSI6Ilo3ejRTZ3lISDdDSE12ait3dWRRNXc9PSIsIm1hYyI6IjFkMDdlN2RiN2E1MmI2MWExZTYzYTM0MDRjODU0YjhiNmNiZTI3YjFkMGVhNDQ1YzhmYjk2ZjY3NTRkZGI4YzYifQ%3D%3D; expires=Thu, 15-Apr-2021 09:33:08 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6IkkyZW5CMWFuT0Yya0lSaXpNVFJhQUE9PSIsInZhbHVlIjoiME1qY0xhRXpsY1NJcnBPeXE0XC81NEZ2ZXN3NTFwNVhNY3lUc2VzdGE5b3BoYXEyWXhiQUJ2M1JvQ2I5R1ZidytDTjdmamplQmtWYkVhbFREZ09temd3PT0iLCJtYWMiOiJlMzdlMDk3ZDUzNTVkY2JhZGQ5ZGZlMjVmOWYzOGI2MWEzN2Q2N2I4NGZjMGQwM2MyNWIwNjE2MzMyNmRhMDQ0In0%3D; path=/; httponly
cache-control
no-cache
vary
Accept-Encoding
date
Thu, 15 Apr 2021 02:33:08 GMT
x-powered-by
HHVM/3.11.1
content-encoding
gzip
Primary Request /
t49.nemflirt.dk/
Redirect Chain
  • https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pi...
  • https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&f...
42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Requested by
Host: dlvr.xcash.com
URL: https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dbcef729b41fd90060896ad38a2c8e4ddd1aa2b948b469d248eaf467218d50b

Request headers

:method
GET
:authority
t49.nemflirt.dk
:scheme
https
:path
/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://dlvr.xcash.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d8871e56f5722ee1236deea9a644dee921618453988
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
Referer
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D170909%26session_id%3D1020be1781f958ebf432012e6c65e3%26external_campaign_id%3D1025ea1993d9da674e8fcb8284ffa8165150%26tt%3D1

Response headers

date
Thu, 15 Apr 2021 02:33:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=0h06qffmgdkmch0usgkk9ebas2; path=/; domain=nemflirt.dk remember_me=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=t49.nemflirt.dk pc_aff=fMmJTvim4cK7AtEeAgNNlokWmP_bQOKsghC7ChJjy5bT88XvPZS8mwjGKeD_wmiQUOqgeLBCWzKW_hfdOxG3XZLiXQKmTVgTGd-zBJn0unIq_uwAc6vQwjwdx2Ultte6HZs5JvHhRcZWeKzAwr-2sxvwKeg9UkfJ_czpqcMglKck8BZdixJj_GdQcvfGxM1gZDDsB6XB8xhZ9jtFI94vGfEav1859jM-7pGKz8OP27xpjIeqRTkxQN7c2uGxnR7fpVw95KeJNxIh87tnlCatW2gb_Boj3N0uGRE7nMaKa6aMGuNZwufkvmfv1Sg34VXCmlDhgEdoRhdR7YpIBD5TOQ; expires=Sat, 15-May-2021 02:33:08 GMT; Max-Age=2592000; path=/; domain=nemflirt.dk promo_code=102872; expires=Sat, 15-May-2021 02:33:08 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk ev=xc161845398856b186077a5e43cf59850857438; expires=Sat, 15-May-2021 02:33:08 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk keyword=135; expires=Sat, 15-May-2021 02:33:08 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk APPID=promo SERVERID=wbs03; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0974f91d410000d88533388000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X267cVBFgEoswwOK3hrbfFFkrLeoWHquvLSVvJsJMgNcIfmQ2xUiM1aapsD0fI1Yivh6KSGZuhkqIG8hyTMOVUYGjjm76H4N8JQBlkgqt8Y%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6401c475391ad885-CPH
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 15 Apr 2021 02:33:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8871e56f5722ee1236deea9a644dee921618453988; expires=Sat, 15-May-21 02:33:08 GMT; path=/; domain=.nemflirt.dk; HttpOnly; SameSite=Lax SERVERID=wbs04; path=/
location
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
cf-cache-status
DYNAMIC
cf-request-id
0974f91ce10000d88543112000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mvpPoBhiH3iETRalgMIvjLsbXLVZh843E1z7VlfqIsF%2FhwWvpNRIKRsG0QTr%2BWRsNUXnGT2WTvG9uenntNAU5rBELU5uGZWAdjN6eYoEfi8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6401c47498e6d885-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
landing0039.css
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.145.0.master.20210413094526
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2fadd4d6b5e5d6c6e7b5fe992e919e81abd2f8b563c9bbe08ea9260ca0410453

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6
cf-polished
origSize=53141
x-cache
HIT
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096bd041c2000027c09d894000000001
last-modified
Tue, 13 Apr 2021 07:51:11 GMT
server
NetDNA-cache/2.2
etag
W/"60754d6f-cf95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jTsgiCcKuhBUvZPPQaBwmtv7yYnsBcl7SKfaBYwNLJkENFzZs%2BuVMS04NFcM1n3RuFotWtmGb3AoFnWncl4%2F6P3YvAIw2jFh7BcrZRqP"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
max-age=2592000
cf-ray
63f31caf9d2427c0-PRG
expires
Thu, 13 May 2021 07:49:39 GMT
config.js
t49.nemflirt.dk/js/dist/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/js/dist/config.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b5982e688575e2f83145319da449a31bd3172c113c775c3a9a774b7ffe7783

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0974f91ea30000d88529be7000000001
last-modified
Tue, 13 Apr 2021 07:44:19 GMT
server
cloudflare
etag
W/"60754bd3-791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hWLHNwAh%2FlbhFzluF7BN5wYlQoFOM01kUFS0d5Y%2FSxE%2BiUorjfyaA7r1RV3RXiBTnWwpyh126j7efdxvbK73SQ6EB7ZN1Be99ML8e%2BF5rPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6401c4776a0dd885-CPH
expires
Sat, 15 May 2021 02:33:09 GMT
require.js
t49.nemflirt.dk/node_modules/requirejs/ 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/node_modules/requirejs/require.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0974f91ea30000d8856c0fc000000001
last-modified
Mon, 27 Aug 2018 06:00:39 GMT
server
cloudflare
etag
W/"5b839387-151d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aftdon9mFX0NPK2uaqJ7NEbaJfbLIHiHcDtyWlthWyB%2F3puDmtPuaD6gdWh6NcSYD97RIOZPmDtz%2BInZWrnwx%2FYV9C2ax%2BifuoU2UaTmbUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6401c4776a11d885-CPH
expires
Sat, 15 May 2021 02:33:09 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5995
date
Thu, 15 Apr 2021 00:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 15 Apr 2021 02:53:14 GMT
bg_1.jpg
static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/ 		617 KB
618 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/bg_1.jpg?v=2.145.0.master.20210413094526
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4
x-cache
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
631815
cf-request-id
096bd04272000041192187d000000001
last-modified
Thu, 31 Oct 2019 07:15:46 GMT
server
NetDNA-cache/2.2
etag
"5dba8a22-9a407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9d%2FgHhaa%2Bhzb%2FhXI2m03ukVgDtsjYzgNKFXxhPVE85qwQnoMH2%2F1uSJv6V0DMLBhCb3qeuD6nFtjs735v2PvSFYUtr%2BQZkwQBN6fNgTU"}],"max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
63f31cb0bc584119-PRG
heading_triangle.svg
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/ 		460 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/heading_triangle.svg
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.145.0.master.20210413094526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 07 Apr 2021 11:32:38 GMT
server
NetDNA-cache/2.2
etag
W/"606d9856-1cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PXTmnyCoCYiyx6k6Cv2Hbyk91u7lYPdZtAI14rnsXW4KVByk050DuWX1WlwDMGac9VMMqHBkQ3k%2FqWXzizBM0G90ZgBS%2BVr1whDMYW5P"}],"max_age":604800}
content-type
image/svg+xml
nel
{"max_age":604800,"report_to":"cf-nel"}
x-cache
HIT
cf-ray
63cbd990dac7410e-PRG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0953464e850000410e449ca000000001
OpenSans-Bold.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Bold.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.145.0.master.20210413094526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2

Request headers

Origin
https://t49.nemflirt.dk
Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70188
cf-request-id
092f3965a60000f9ce0f303000000001
last-modified
Tue, 30 Mar 2021 11:01:30 GMT
server
NetDNA-cache/2.2
etag
"6063050a-1122c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JMxky3mzldbDkeDwGyiG5ty0f0kpwrSWbGzjt%2BHI2OQmqVfPBmMXqHkMf7k6qBjzYzDAriLwHzh6hnqPF1PGq10KqJBbgiCP4u71EIyj"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
63922b4f6d90f9ce-PRG
expires
Sat, 01 May 2021 13:29:56 GMT
OpenSans-Regular.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		66 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Regular.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.145.0.master.20210413094526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51

Request headers

Origin
https://t49.nemflirt.dk
Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67528
cf-request-id
092f3965a40000f9e2b1337000000001
last-modified
Tue, 30 Mar 2021 11:01:31 GMT
server
NetDNA-cache/2.2
etag
"6063050b-107c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1DMFuJ8UVbk1TUwjTcNqGApCmdlNuNwBPN5U8oB04NUXg3Zc4MuWtvW1ZsElYiLdyvj%2BeuT5qplx%2FNjmLVScEvXivan8Yk4311Yd0VAB"}],"max_age":604800,"group":"cf-nel"}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
63922b4f68b7f9e2-PRG
expires
Sat, 01 May 2021 13:27:51 GMT
landing0039.js
t49.nemflirt.dk/js/dist/ 		413 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/js/dist/landing0039.js?v=2.145.0.master.20210413094526
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/node_modules/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aaf1f322c444f273ec3681d464234c083d67d766120aacfb17a2213560ca776

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

date
Thu, 15 Apr 2021 02:33:09 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0974f91f3c0000d8857aa82000000001
last-modified
Tue, 13 Apr 2021 07:49:51 GMT
server
cloudflare
etag
W/"60754d1f-67551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ao49aJsyX9HILC8ld6jTgnwkRtihrQrmVy5gWJPsjx9XFW7YmOVVcBRx1hPaynMMyW34ciAspFBerCKaP1N2Ha9UghTfo%2BQlVJxoSIItfrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6401c4786a79d885-CPH
expires
Sat, 15 May 2021 02:33:09 GMT
collect
www.google-analytics.com/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1963612085&t=pageview&_s=1&dl=https%3A%2F%2Ft49.nemflirt.dk%2F%3Fq%3D%2Fa%2Fff0049%2F%26promo_code%3D102872%26ev%3Dxc161845398856b186077a5e43cf59850857438%26keyword%3D135%26pass%3Dxc161845398856b186077a5e43cf59850857438%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&dr=https%3A%2F%2Fdlvr.xcash.com%2F&ul=en-us&de=UTF-8&dt=Nemflirt%3A%20Dates%20og%20Casual%20Engangsknald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1022385623&gjid=852212982&cid=68035175.1618453989&tid=UA-87667025-37&_gid=707149588.1618453989&_r=1&_slc=1&z=1798672128
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 02:33:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://t49.nemflirt.dk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161845398856b186077a5e43cf59850857438&keyword=135&pass=xc161845398856b186077a5e43cf59850857438&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
8RKQEAN5TXDTXPJJ
x-cache
HIT
content-length
11777
x-amz-id-2
djL2FyhYYnPXnfUDu/ixf5359BupcZybKPzDTfnh3arL7WwBSx5p9Pwsr+ezlNgpWaX8kdUQCMo=
x-served-by
cache-hhn4072-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1618453989.373089,VS0,VE0
date
Thu, 15 Apr 2021 02:33:09 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3599
6cbab69a58
bam-cell.nr-data.net/1/ 		57 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/6cbab69a58?a=192394552&v=1208.49599aa&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=896&ck=1&ref=https://t49.nemflirt.dk/&ap=280&be=516&fe=856&dc=635&perf=%7B%22timing%22:%7B%22of%22:1618453988501,%22n%22:0,%22f%22:146,%22dn%22:146,%22dne%22:146,%22c%22:146,%22ce%22:146,%22rq%22:162,%22rp%22:507,%22rpe%22:513,%22dl%22:511,%22di%22:634,%22ds%22:634,%22de%22:635,%22dc%22:856,%22l%22:856,%22le%22:858%7D,%22navigation%22:%7B%7D%7D&fp=670&fcp=670&at=ShRZFFkZH04%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
http://xizd7wsry6lljkusfrcu.site/&zxP2ssUayL&uBom73L
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Response headers

Date
Thu, 15 Apr 2021 02:33:09 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
6401c479ca397357-CPH
cf-request-id
0974f920200000735707bc6000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
6cbab69a58
bam-cell.nr-data.net/events/1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/events/1/6cbab69a58?a=192394552&v=1208.49599aa&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=10896&ck=1&ref=https://t49.nemflirt.dk/

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| URL_PARAMS object| SITE_PRODUCT string| DOMAIN string| ENV object| WL_SITE string| SITE_NAME string| SITE_LAYOUT string| SITE_TYPE string| THIRD_PARTY_VIDEO_ID string| CURRENT_LANG object| TRANSLATIONS object| STATIC_DOMAINS object| SITE_VARIABLES string| EMAIL_LIMIT_REACHED string| EMAIL_BLACKLISTED object| ERROR_MESSAGES object| SUCCESS_MESSAGES object| NDConfig function| requirejs function| require function| define string| GOOGLE_ANALYTICS_CODE string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Twig function| $ function| jQuery function| Bloodhound function| Swiper function| Hammer

11 Cookies

Domain/Path Name / Value
.nemflirt.dk/ Name: _gid
Value: GA1.2.707149588.1618453989
.nemflirt.dk/ Name: _ga
Value: GA1.2.68035175.1618453989
t49.nemflirt.dk/ Name: SERVERID
Value: wbs03
t49.nemflirt.dk/ Name: APPID
Value: promo
.t49.nemflirt.dk/ Name: keyword
Value: 135
.t49.nemflirt.dk/ Name: promo_code
Value: 102872
.nemflirt.dk/ Name: pc_aff
Value: fMmJTvim4cK7AtEeAgNNlokWmP_bQOKsghC7ChJjy5bT88XvPZS8mwjGKeD_wmiQUOqgeLBCWzKW_hfdOxG3XZLiXQKmTVgTGd-zBJn0unIq_uwAc6vQwjwdx2Ultte6HZs5JvHhRcZWeKzAwr-2sxvwKeg9UkfJ_czpqcMglKck8BZdixJj_GdQcvfGxM1gZDDsB6XB8xhZ9jtFI94vGfEav1859jM-7pGKz8OP27xpjIeqRTkxQN7c2uGxnR7fpVw95KeJNxIh87tnlCatW2gb_Boj3N0uGRE7nMaKa6aMGuNZwufkvmfv1Sg34VXCmlDhgEdoRhdR7YpIBD5TOQ
.nemflirt.dk/ Name: _gat
Value: 1
.nemflirt.dk/ Name: PHPSESSID
Value: 0h06qffmgdkmch0usgkk9ebas2
.t49.nemflirt.dk/ Name: ev
Value: xc161845398856b186077a5e43cf59850857438
.nemflirt.dk/ Name: __cfduid
Value: d8871e56f5722ee1236deea9a644dee921618453988

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfgtg.com
bam-cell.nr-data.net
ckstatic.com
dlvr.xcash.com
gdmconvtrck.com
js-agent.newrelic.com
s.aslnk.link
securecloud-slnd.com
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
t.adating.link
t49.nemflirt.dk
track.lobby-x.eu
trk.nemflirt.dk
www.a8a8altrk.com
www.google-analytics.com
www.wazazu.com
xizd7wsry6lljkusfrcu.site
bam-cell.nr-data.net
104.21.92.211
107.178.252.101
128.0.45.252
13.224.193.124
151.101.114.110
151.139.237.33
162.247.243.147
162.255.119.154
18.195.149.11
194.116.150.218
205.185.216.10
2a00:1450:4001:82b::200e
2a05:d018:483:6120:97d8:afe1:e21b:e9ef
2a05:d018:e36:3930:6555:77e3:c5e3:fc88
99.84.156.52
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
2fadd4d6b5e5d6c6e7b5fe992e919e81abd2f8b563c9bbe08ea9260ca0410453
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb
6aaf1f322c444f273ec3681d464234c083d67d766120aacfb17a2213560ca776
6b127945c37fc107637cfc74b48f7d71bbf60c7d9d19d5574b90f79942a87dae
76b5982e688575e2f83145319da449a31bd3172c113c775c3a9a774b7ffe7783
7b2a51c9e111b604c5512a34a94a3fd680b0df8b03fc9c245f580051a4f5bc32
8c1b19d8d2fbf4a652b181b4b42a4d20d0352758a69cd27bfabe099a9d59f566
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b
9dbcef729b41fd90060896ad38a2c8e4ddd1aa2b948b469d248eaf467218d50b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b8570c50a110bfded14068b79f3ffedbd3ad948bd78f55f454493d118ab366af
c305804f509d6d3fca8f562c52c7e3b5fdec4c70d311e6f3bc8a3b68334914a1
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4