urlscan.io logo urlscan.io
SecurityTrails logo

t49.nemflirt.dk Open in urlscan Pro
104.27.180.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pic.hiltonheadbreakfast.com/?hb=wdjah&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393126&
Effective URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc16...
Submission: On January 08 via manual from MX
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 11 domains to perform 20 HTTP transactions. The main IP is 104.27.180.112, located in United States and belongs to CLOUDFLARENET, US. The main domain is t49.nemflirt.dk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.
This is the only time t49.nemflirt.dk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 50.31.5.196 32748 (STEADFAST)
1 3.213.249.202 14618 (AMAZON-AES)
3 205.185.216.10 20446 (HIGHWINDS3)
3 3 18.195.149.11 16509 (AMAZON-02)
2 65.9.7.28 16509 (AMAZON-02)
1 2 128.0.45.252 60657 (CAPITAL-F...)
1 5 104.27.180.112 13335 (CLOUDFLAR...)
5 151.139.237.33 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
1 162.247.243.147 23467 (NEWRELIC-...)
20 9
2    50.31.5.196 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip196.50-31-5.static.steadfastdns.net
pic.hiltonheadbreakfast.com
1    3.213.249.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-249-202.compute-1.amazonaws.com
t.hrtyi.com
3    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
ckstatic.com
3    18.195.149.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
a.vfgtg.com
2    65.9.7.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
s.aslnk.link
2    128.0.45.252 (Germany)

ASN60657 (CAPITAL-FINANCIAL-AS Str. Sfanta Vineri nr. 25 Bloc 105 C, Parter, RO)
dlvr.xcash.com
5    104.27.180.112 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.nemflirt.dk
t49.nemflirt.dk
5    151.139.237.33 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
Domain Requested by
4 static-01-2ug82pacs7u3bksy.netdna-ssl.com t49.nemflirt.dk
static-01-2ug82pacs7u3bksy.netdna-ssl.com
4 t49.nemflirt.dk dlvr.xcash.com
t49.nemflirt.dk
3 a.vfgtg.com 3 redirects
3 ckstatic.com t.hrtyi.com
s.aslnk.link
2 www.google-analytics.com t49.nemflirt.dk
www.google-analytics.com
2 dlvr.xcash.com 1 redirects s.aslnk.link
2 s.aslnk.link t.hrtyi.com
s.aslnk.link
2 pic.hiltonheadbreakfast.com 2 redirects
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t49.nemflirt.dk
1 static-03-2ug82pacs7u3bksy.netdna-ssl.com t49.nemflirt.dk
1 trk.nemflirt.dk 1 redirects
1 t.hrtyi.com
20 13

This site contains links to these domains. Also see Links.

Domain
nemflirt.dk
support.nemflirt.dk
Subject Issuer Validity Valid
t.hrtyj.com
Let's Encrypt Authority X3		 2020-11-23 -
2021-02-21		 3 months crt.sh
ckstatic.com
Let's Encrypt Authority X3		 2020-11-13 -
2021-02-11		 3 months crt.sh
*.ajrkm.link
Amazon		 2020-07-29 -
2021-08-29		 a year crt.sh
dlvr.xcash.com
R3		 2020-12-23 -
2021-03-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-09 -
2021-08-09		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-18 -
2021-03-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Frame ID: AACEBAC86AB4DDF5711B037359309911
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://pic.hiltonheadbreakfast.com/?hb=wdjah&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393126& HTTP 302
    http://pic.hiltonheadbreakfast.com/new/?s=91& HTTP 302
    https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91 Page URL
  2. https://a.vfgtg.com/c87c69df-01fe-4b0e-9653-076141d76ef4?subID1=91&affiliateID=75077&source=1025... HTTP 302
    https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4... Page URL
  3. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=91;10254b030da743bb68ac33853a60a... HTTP 302
    https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=91%3B10254b030da743bb68ac33853a6... HTTP 302
    https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff... Page URL
  4. https://dlvr.xcash.com/38104?subaffiliate_id=44542&session_id=1022d67c6f92eeadee13de5203c05d&extern... HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26... Page URL
  5. https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keywo... HTTP 302
    https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

9 %
IPv6

11
Domains

13
Subdomains

9
IPs

2
Countries

950 kB
Transfer

1473 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pic.hiltonheadbreakfast.com/?hb=wdjah&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393126& HTTP 302
    http://pic.hiltonheadbreakfast.com/new/?s=91& HTTP 302
    https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91 Page URL
  2. https://a.vfgtg.com/c87c69df-01fe-4b0e-9653-076141d76ef4?subID1=91&affiliateID=75077&source=10254b030da743bb68ac33853a60ae&subID2=55609&Target=Email&affsource=91 HTTP 302
    https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756 Page URL
  3. https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=91;10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&s2=10282ff317544eb9e4cdbeef71edf4&s3=91;10254b030da743bb68ac33853a60ae&s4=75077&Bnr=&url=1&Target=Default&affsub=91&affsource=10254b030da743bb68ac33853a60ae HTTP 302
    https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=91%3B10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&Target=Default&Site=&Bnr=&cid=w4o29s9ob90c8el4i2jfmm3o&email= HTTP 302
    https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756 Page URL
  4. https://dlvr.xcash.com/38104?subaffiliate_id=44542&session_id=1022d67c6f92eeadee13de5203c05d&external_campaign_id=10282ff317544eb9e4cdbeef71edf475077 HTTP 302
    https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1 Page URL
  5. https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= HTTP 302
    https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pic.hiltonheadbreakfast.com/?hb=wdjah&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393126& HTTP 302
  • http://pic.hiltonheadbreakfast.com/new/?s=91& HTTP 302
  • https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
Request Chain 2
  • https://a.vfgtg.com/c87c69df-01fe-4b0e-9653-076141d76ef4?subID1=91&affiliateID=75077&source=10254b030da743bb68ac33853a60ae&subID2=55609&Target=Email&affsource=91 HTTP 302
  • https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
Request Chain 4
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=91;10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&s2=10282ff317544eb9e4cdbeef71edf4&s3=91;10254b030da743bb68ac33853a60ae&s4=75077&Bnr=&url=1&Target=Default&affsub=91&affsource=10254b030da743bb68ac33853a60ae HTTP 302
  • https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=91%3B10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&Target=Default&Site=&Bnr=&cid=w4o29s9ob90c8el4i2jfmm3o&email= HTTP 302
  • https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
Request Chain 6
  • https://dlvr.xcash.com/38104?subaffiliate_id=44542&session_id=1022d67c6f92eeadee13de5203c05d&external_campaign_id=10282ff317544eb9e4cdbeef71edf475077 HTTP 302
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
t.hrtyi.com/pm51j4wny8/55609/5782/0/
Redirect Chain
  • http://pic.hiltonheadbreakfast.com/?hb=wdjah&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393126&
  • http://pic.hiltonheadbreakfast.com/new/?s=91&
  • https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.249.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-249-202.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
71cf6c7325ccf362ee194fa09a455c18ef7f1ed54234854593521e26190f3dff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
t.hrtyi.com
:scheme
https
:path
/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.17.10
date
Fri, 08 Jan 2021 22:48:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
enc_aff_session_5782=ENC031b4f6fa9961cd9d572998eb6f7e0d1ea39c40c09a2f3a9463bbbca87ce895ca3691f4c5ef7ce5188f6891950b3dfcf3e18aeada5d8ec8f020ac00f3fa6e5a6c2daae4878dc7db42c5e9fb4018368652611ea63a33524e14cf64349ab3e5a2410abfa118fba8c108ecc49c99c80e1e1a37f460f85d930d3b80b9d1c7d693731a81b52e59d; Path=/; Expires=Sun, 08 Jan 2023 22:48:53 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 04 Dec 2023 09:28:53 GMT; Secure
tracking_id
10254b030da743bb68ac33853a60ae
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

Date
Fri, 08 Jan 2021 22:48:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Set-Cookie
visited=1; expires=Sun, 07-Feb-2021 22:48:17 GMT
Location
https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
Content-Length
358
Connection
close
Content-Type
text/html; charset=UTF-8
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.hrtyi.com
URL: https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 22:48:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Dec 2014 21:06:56 GMT
ETag
"1417727216"
X-HW
1610146133.dop016.sk1.t,1610146133.cds229.sk1.shn,1610146133.dop016.sk1.t,1610146133.cds218.sk1.c
Content-Type
text/javascript
Cache-Control
max-age=83141
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
/
s.aslnk.link/5wszez6v7k/75077/3785/0/
Redirect Chain
  • https://a.vfgtg.com/c87c69df-01fe-4b0e-9653-076141d76ef4?subID1=91&affiliateID=75077&source=10254b030da743bb68ac33853a60ae&subID2=55609&Target=Email&affsource=91
  • https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
Requested by
Host: t.hrtyi.com
URL: https://t.hrtyi.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68cd292e71615868206f1b82d1c66371af3751059b42e5b04710a2473d991737
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s.aslnk.link
:scheme
https
:path
/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.hrtyi.com/55609/2753?aff_sub1=va99&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub2=91
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://t.hrtyi.com/55609/2753?aff_sub1=va99&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub2=91

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
date
Fri, 08 Jan 2021 22:48:54 GMT
set-cookie
enc_aff_session_3785=ENC034eb34c6f9e5943c6a0e6a4b5b1b24406d32b9fd0b5f571cfd97305a72a63231423a84995e0fe4c3839836b325a7ecd8d1113863859da36454198d407fdb6a9b88662fb81a66df6dd3027306445f0d69de730afb094f39a94215e3b19108fc934ec35a68fa71797829b1d040cea4e634d11e032a1fe78f9043415d9d36cc9b687c5cd7711be3c2badf662ae5eaf307112b0c2cc7e87c58de552642ca3f934808b420779e509aabcfb19453bf27d21006a06d6a7813d83de4686e55ab5691e9f5c5a5fe8d95040e58c9a43db5ad81ff959dba94d9c9b28ed1d38f3fa33861673c61914533dd43543a92c5c641f72b7cad674bf08ecb4bf84bf1f8bee610b0527e515c0b997; Path=/; Expires=Sun, 08 Jan 2023 22:48:54 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 04 Dec 2023 09:28:54 GMT; Secure
tracking_id
10282ff317544eb9e4cdbeef71edf4
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
PsXLjRC1l8s4awQTAubbMutHhjVM1AEH1ltataaldaNhIkpMrYJgRQ==

Redirect headers

Server
nginx
Date
Fri, 08 Jan 2021 22:48:53 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
Pragma
no-cache
Set-Cookie
c87c69df-01fe-4b0e-9653-076141d76ef4-v4=c87c69df-01fe-4b0e-9653-076141d76ef4; Max-Age=86400; Expires=Sat, 09-Jan-2021 22:48:53 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=GXxvsT4%2FCe8LNz6W5AdsOVoAIygvcxSWkmZwCtLEL0NNakCYyi0%2Bkrtw2d%2FfZCnJB%2FgQ6rJqzS7nzfT5wG4rS4M8VXL2554dShj5aH3rjyiUYfofwbD%2F0Sgv6qUj%2FOef0KA16HwGL4OgKx%2BcKYroZw%3D%3D; Max-Age=31536000; Expires=Sat, 08-Jan-2022 22:48:53 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 22:48:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Dec 2014 21:06:56 GMT
ETag
"1417727216"
X-HW
1610146133.dop016.sk1.t,1610146133.cds229.sk1.shn,1610146133.dop016.sk1.t,1610146134.cds218.sk1.c
Content-Type
text/javascript
Cache-Control
max-age=83140
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
/
s.aslnk.link/5wszez6v7k/44542/7585/24589/
Redirect Chain
  • https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=91;10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&s2=10282ff317544eb9e4cdbeef71e...
  • https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=91%3B10254b030da743bb68ac33853a60ae&affiliateID=44542&source=10282ff317544eb9e4cdbeef71edf4&subID2=75077&Target=Default&Site=&Bnr=&ci...
  • https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/75077/3785/0/?aff_sub=91&aff_sub2=55609&aff_sub3=wtrhujr2pkupael4ir3b5rr8&source=10254b030da743bb68ac33853a60ae&bnr=&Target=Email&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6a1226f7d6115958aee4287cdcc5804c0cbee3549a1f8747059ded2e3b322304
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s.aslnk.link
:scheme
https
:path
/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.aslnk.link/75077/2753?aff_sub3=wtrhujr2pkupael4ir3b5rr8&bnr=&Target=Email&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=91&aff_sub2=55609&source=10254b030da743bb68ac33853a60ae
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
enc_aff_session_3785=ENC034eb34c6f9e5943c6a0e6a4b5b1b24406d32b9fd0b5f571cfd97305a72a63231423a84995e0fe4c3839836b325a7ecd8d1113863859da36454198d407fdb6a9b88662fb81a66df6dd3027306445f0d69de730afb094f39a94215e3b19108fc934ec35a68fa71797829b1d040cea4e634d11e032a1fe78f9043415d9d36cc9b687c5cd7711be3c2badf662ae5eaf307112b0c2cc7e87c58de552642ca3f934808b420779e509aabcfb19453bf27d21006a06d6a7813d83de4686e55ab5691e9f5c5a5fe8d95040e58c9a43db5ad81ff959dba94d9c9b28ed1d38f3fa33861673c61914533dd43543a92c5c641f72b7cad674bf08ecb4bf84bf1f8bee610b0527e515c0b997; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://s.aslnk.link/75077/2753?aff_sub3=wtrhujr2pkupael4ir3b5rr8&bnr=&Target=Email&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=91&aff_sub2=55609&source=10254b030da743bb68ac33853a60ae

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
date
Fri, 08 Jan 2021 22:48:54 GMT
set-cookie
aff_ran_url_7585=24589; Path=/; Expires=Sat, 09 Jan 2021 22:48:54 GMT; Secure enc_aff_session_7585=ENC033090cd377d2e882104bb3c5d2ff82297b1c4c407944ad21ecd0152124bbc40719d0430ccd0dc4b47cfe36378e3f8a806fbd1fe1523e8268cb0171e771676cea1373b40aa45b4b5fba38f2ec84a918038d0e5cf800d115307b22686af739a04d089689f1a012b6240428e04f272ee91c18dca9bb809fc91998925f4bf19141c7b20a64480108002098364967d264eb9fc86dd7e8a402a36e5ada7898d10b882f3cdc916fe46ff2d1eb5de7bc96933844d216724f12b49621861ff8d78948ef34279ec4fe485baeda94c0dd6d55e510c640b9954a2b5f624e62ff886f5b8ed9669a5a21b114d0625b74bb046bbf7e984358607358fcf564f4ac4b9836c9151403719bcf22166071886bfc3f5651ad086980ddc4829b27767685a2602b9dae9e2a3650cf5e5fd703c2a9e9991401a63251bb8e6be04257bf106a9b208b7f35a4ca1a68badeea89bb638e1865c81484f08cbfebb73988f39fba8b1da1a02c3e64992da8bfc558f6975008de0a459942e8f95e8717e6d08e56930440b4e7f786ec1af00fe44c2; Path=/; Expires=Sun, 08 Jan 2023 22:48:54 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 04 Dec 2023 09:28:54 GMT; Secure
tracking_id
1022d67c6f92eeadee13de5203c05d
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DwmVRowoO0Ri7tQskXGZEMCrYH8zl4-mcSzTZoqbCbzCPf-Yc6WBiw==

Redirect headers

Server
nginx
Date
Fri, 08 Jan 2021 22:48:54 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
Pragma
no-cache
Set-Cookie
20aabc55-9fe1-45ac-bd10-4108cd0f740a-v4=20aabc55-9fe1-45ac-bd10-4108cd0f740a; Max-Age=86400; Expires=Sat, 09-Jan-2021 22:48:54 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=Ic24cJBdCTi89wiP%2FstAZyxQZE%2F0TEKW3NGSDAMKejWbzgSMvJqtF0It2JDOuEtYYh6lQxEmminkoWk9d2AOEjJrlFI1nXJAZ4a29Wwp%2Bcq3ibi6RcFd7L8gGGexCDb9eMK4B8qROocwu20d4fqAMw%3D%3D; Max-Age=31536000; Expires=Sat, 08-Jan-2022 22:48:54 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 22:48:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Dec 2014 21:06:56 GMT
ETag
"1417727216"
X-HW
1610146133.dop016.sk1.t,1610146133.cds229.sk1.shn,1610146133.dop016.sk1.t,1610146134.cds218.sk1.c
Content-Type
text/javascript
Cache-Control
max-age=83140
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
r
dlvr.xcash.com/
Redirect Chain
  • https://dlvr.xcash.com/38104?subaffiliate_id=44542&session_id=1022d67c6f92eeadee13de5203c05d&external_campaign_id=10282ff317544eb9e4cdbeef71edf475077
  • https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708...
1 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1
Requested by
Host: s.aslnk.link
URL: https://s.aslnk.link/5wszez6v7k/44542/7585/24589/?aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&aff_sub3=w4o29s9ob90c8el42hhspp4k&source=10282ff317544eb9e4cdbeef71edf4&nopop=1&bo=2753,2754,2755,2756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.0.45.252 , Germany, ASN60657 (CAPITAL-FINANCIAL-AS Str. Sfanta Vineri nr. 25 Bloc 105 C, Parter, RO),
Reverse DNS
Software
openresty/1.19.3.1 / HHVM/3.11.1
Resource Hash
b69879f563398c00e2a3accbd37c4192f5f601d12f1d04b20b787bc8ddbb3362

Request headers

:method
GET
:authority
dlvr.xcash.com
:scheme
https
:path
/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.aslnk.link/44542/2753?aff_sub3=w4o29s9ob90c8el42hhspp4k&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&source=10282ff317544eb9e4cdbeef71edf4
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
51D_Bandwidth=1610146135.3325; ubbc=eyJpdiI6Im1oXC9HbkE4ODNcLytMWFFMaUFUSm91UT09IiwidmFsdWUiOiIzS0h3QmVsWnVobVwvTHZrN0EyMDBuZz09IiwibWFjIjoiMGRjYjAyNzQ2OTgwYWNlZjc4YmJjYmU0YTZhOWEyYWEyZTNkNTY1Y2U3ZGMyOThmMGM5YTYwN2I3NWI2MzdlOCJ9; bbuc=eyJpdiI6IjhoUVIxMEF5bUVjNk1BbEIwUHdFMVE9PSIsInZhbHVlIjoiRTRzXC9FWWtaNVIwaG5nRjl4d21GSElQeG5Cbk1Mc05RVUMrNXE3UVRSWG89IiwibWFjIjoiN2YyNjc4ZjIzYWQ2ZjdjYTVhMjc1OGQ0YjIxYmFjYmJkNmJlZGM1MTE3NWI0ZjJkYmM2OGM3MDQyMDE2YTdjNiJ9; bbrc=eyJpdiI6IjYycEU1azlxMmgwY2d2eGVia09GVGc9PSIsInZhbHVlIjoiMzBcL1U0bVwvc0Z1ZnlUR3VjZlwvNDB0Zz09IiwibWFjIjoiOWMxMzA4NTg1YmQwZjJjOTNmZGI5NmQyNzU1YWU2MWMwOWZlZWYxODdlNTdhZTYzZTlmODc5MjJkMTMxODYwYiJ9; laravel_session=eyJpdiI6ImdWckpUZlQ3RElDVVB2dG13TWIzNnc9PSIsInZhbHVlIjoiZEd5Uk9WNVRlTVpia1VhYk81aFBWclBlbDlKRXVYRmNsa2tOS1NBeVBLWFlKNzl2bk1jU1wvZ1wvV2RZd2hUV09QTzc5NGlBa0NoNE8xbGJHWWFMSGdcL0E9PSIsIm1hYyI6ImViNTYxM2VjMDFkMDA3ZmUxNWEzNjk4NDY4YjgzMmM5ZjcxYjQ4NTZhMDA0ZjA3NjJlMzIzYjM0NGQ2NjJmYzIifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://s.aslnk.link/44542/2753?aff_sub3=w4o29s9ob90c8el42hhspp4k&nopop=1&boSequence=3&bo=2754%2C2755%2C2756&aff_sub=91%3B10254b030da743bb68ac33853a60ae&aff_sub2=75077&source=10282ff317544eb9e4cdbeef71edf4

Response headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
set-cookie
laravel_session=eyJpdiI6InRVTGRIR3p5Ulc5MHQzVHUyUkpob3c9PSIsInZhbHVlIjoiRHRWZkFtQTR1Tkg1XC9JVkFKWDdTNGlrN0ZYTFNFR2FSK2NwOGJxMVNvNmlUeG1aQjBJNkk0Q0ozZHZwdEtVeGNYY3liNDc0SzkyOVwvdk43XC9GUEh6S3c9PSIsIm1hYyI6ImYzZDgwNDJlYjgzYjEwNjFhOTc1OTFhMjc1NjkyNzUxOGZmODEwMjhmNWIxNGIyMWJkNTg3MmI0MmI4ZGRjZTQifQ%3D%3D; path=/; httponly
x-powered-by
HHVM/3.11.1
content-encoding
gzip
vary
Accept-Encoding
date
Fri, 08 Jan 2021 22:48:55 GMT
cache-control
no-cache

Redirect headers

server
openresty/1.19.3.1
content-type
text/html; charset=UTF-8
location
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1
set-cookie
51D_Bandwidth=1610146135.3325 ubbc=eyJpdiI6Im1oXC9HbkE4ODNcLytMWFFMaUFUSm91UT09IiwidmFsdWUiOiIzS0h3QmVsWnVobVwvTHZrN0EyMDBuZz09IiwibWFjIjoiMGRjYjAyNzQ2OTgwYWNlZjc4YmJjYmU0YTZhOWEyYWEyZTNkNTY1Y2U3ZGMyOThmMGM5YTYwN2I3NWI2MzdlOCJ9; expires=Sat, 09-Jan-2021 22:48:55 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6IjhoUVIxMEF5bUVjNk1BbEIwUHdFMVE9PSIsInZhbHVlIjoiRTRzXC9FWWtaNVIwaG5nRjl4d21GSElQeG5Cbk1Mc05RVUMrNXE3UVRSWG89IiwibWFjIjoiN2YyNjc4ZjIzYWQ2ZjdjYTVhMjc1OGQ0YjIxYmFjYmJkNmJlZGM1MTE3NWI0ZjJkYmM2OGM3MDQyMDE2YTdjNiJ9; expires=Sat, 09-Jan-2021 22:48:55 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6IjYycEU1azlxMmgwY2d2eGVia09GVGc9PSIsInZhbHVlIjoiMzBcL1U0bVwvc0Z1ZnlUR3VjZlwvNDB0Zz09IiwibWFjIjoiOWMxMzA4NTg1YmQwZjJjOTNmZGI5NmQyNzU1YWU2MWMwOWZlZWYxODdlNTdhZTYzZTlmODc5MjJkMTMxODYwYiJ9; expires=Sat, 09-Jan-2021 05:48:55 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6ImdWckpUZlQ3RElDVVB2dG13TWIzNnc9PSIsInZhbHVlIjoiZEd5Uk9WNVRlTVpia1VhYk81aFBWclBlbDlKRXVYRmNsa2tOS1NBeVBLWFlKNzl2bk1jU1wvZ1wvV2RZd2hUV09QTzc5NGlBa0NoNE8xbGJHWWFMSGdcL0E9PSIsIm1hYyI6ImViNTYxM2VjMDFkMDA3ZmUxNWEzNjk4NDY4YjgzMmM5ZjcxYjQ4NTZhMDA0ZjA3NjJlMzIzYjM0NGQ2NjJmYzIifQ%3D%3D; path=/; httponly
cache-control
no-cache
vary
Accept-Encoding
date
Fri, 08 Jan 2021 22:48:55 GMT
x-powered-by
HHVM/3.11.1
content-encoding
gzip
Primary Request /
t49.nemflirt.dk/
Redirect Chain
  • https://trk.nemflirt.dk/a/ff0049/?promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pi...
  • https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&f...
42 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Requested by
Host: dlvr.xcash.com
URL: https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.180.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545bf67a3e2d631e633d3583f713bbc22d439555ae303c91f2b1ca0dda5443a4

Request headers

:method
GET
:authority
t49.nemflirt.dk
:scheme
https
:path
/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d3ddb81b505ed342b62ea0dd597c645bd1610146135
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.nemflirt.dk%2Fa%2Fff0049%2F%3Fpromo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&redirect_back=https%3A%2F%2Fdlvr.xcash.com%2F38104%2F%3Fsubaffiliate_id%3D44542%26session_id%3D1022d67c6f92eeadee13de5203c05d%26external_campaign_id%3D10282ff317544eb9e4cdbeef71edf475077%26tt%3D1

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=g6g6b9551nb76hdtus20iu9fn5; path=/; domain=nemflirt.dk remember_me=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=t49.nemflirt.dk pc_aff=adcLfzz9sDtgFeD-g7vq2djrIW8ijGlBN1f6itbShlI2L_1rcHmBgDR90scJEe849w7LGbkdsXT0e4EYf4Kugw_La96kD122NszLOGzCpGoaKZJoZB8nRVwAWBzpMPKLHKKFGSzLFx_WWyEQx4ExgrsuMnOQAMv0uUHMSPXIRBdP99-SKyqNaR6RUZGweNPJZZxiF-JBVi2jOiU0Vu0j3M3YrqvOnYLcXLMXTNvvGpSWWuwQLazD-Sw73CVeGiLJ5dLNJ0qFmo6bYUqEIqN_DTJTlKtKEXKyucduW_IwZUQRL9NhcUu3eMFwRn1i1WU8L-ShkgFv2m4frjhxnIpdoA; expires=Sun, 07-Feb-2021 22:48:56 GMT; Max-Age=2592000; path=/; domain=nemflirt.dk promo_code=102872; expires=Sun, 07-Feb-2021 22:48:56 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk ev=xc161014613591e5d5ff8e157708cc801694292; expires=Sun, 07-Feb-2021 22:48:56 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk keyword=135; expires=Sun, 07-Feb-2021 22:48:56 GMT; Max-Age=2592000; path=/; domain=t49.nemflirt.dk APPID=promo SERVERID=wbs06; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0785c957980000737bfc19b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WOnYixa9Do5ej0NHwUI%2BcU9l2IaFHRE8Wm53Hsk%2BJ1%2FmuUjal5mzqDanEvAFGSYFUrcu8cuUTbGTjRWNE56o3CDhKztiDFuHjWr%2FJ7%2Fs2Zk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60e97805bda4737b-CPH
content-encoding
br

Redirect headers

date
Fri, 08 Jan 2021 22:48:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3ddb81b505ed342b62ea0dd597c645bd1610146135; expires=Sun, 07-Feb-21 22:48:55 GMT; path=/; domain=.nemflirt.dk; HttpOnly; SameSite=Lax SERVERID=wbs07; path=/
location
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
cf-cache-status
DYNAMIC
cf-request-id
0785c957290000737b05180000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OmlOCKyVgXYAbZ8uCQWg3ceT3Yp0J%2FwmsrjGh12LX8pyCkjIvuVrNNZ2McQvr%2Ff6gx8JsWJf%2FGd2ATkBBy0%2FjigOWnSA7WpqwgFLlButAgE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60e978050c75737b-CPH
landing0039.css
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
765369727cf328c3ec2ce6550ec26280829e15e7025fac9293edd945e224f9ec

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cf-request-id
0759fe2da20000410e5fa72000000001
last-modified
Thu, 31 Dec 2020 10:42:35 GMT
server
NetDNA-cache/2.2
etag
W/"5fedab1b-cf95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1pUhY8fzWkBfFT%2FAFVkIU3Q%2BN0RzmDZ469w5x2t6sYZARHHH3xJmgl7zueuZ4YB1uQvin4Icz5Z2MXpcN%2F9PzniUdWd0Ap4Y8p5ViMEe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
60a366290e8d410e-PRG
expires
Sat, 30 Jan 2021 10:42:08 GMT
config.js
t49.nemflirt.dk/js/dist/ 		2 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/js/dist/config.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.180.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11cc7e35f2660f25bbafda2f592c042db4407312764511d0bb9e104eda6f0416

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 31 Dec 2020 10:33:34 GMT
server
cloudflare
etag
W/"5feda8fe-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LkqJCf6Ii3x99GYCONHbgj0eO8HmyxFBeeIy5gVWFQgKkTZKsoQfQJ%2BWvomc8yfNANk3z0542GfK8oo3zeWpnGR7jaGXi%2FkKDLbv0RqfXrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60e978089a04737b-CPH
cf-request-id
0785c9595b0000737bf719a000000001
expires
Sun, 07 Feb 2021 22:48:56 GMT
require.js
t49.nemflirt.dk/node_modules/requirejs/ 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/node_modules/requirejs/require.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.180.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 27 Aug 2018 06:00:39 GMT
server
cloudflare
etag
W/"5b839387-151d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CZ6hSRYwXda20cHG6UrcroMAta1D7AXNi9h2Dn6oCzgoK%2F201asVkgmzgKWjrDsHX01YEZieoZVnK1PbczPwZl%2FO5%2F1Ui23Dsw%2Fe2z3oivo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60e978089a06737b-CPH
cf-request-id
0785c959640000737b17907000000001
expires
Sun, 07 Feb 2021 22:48:56 GMT
bg_1.jpg
static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/ 		617 KB
618 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0039/bg_1.jpg?v=2.117.0.master.20201231113540
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
cf-cache-status
MISS
last-modified
Thu, 31 Oct 2019 07:15:46 GMT
server
NetDNA-cache/2.2
etag
"5dba8a22-9a407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tQ4iBZd3BPzS4qMt3Orj4v%2F9I7kHjA6UAtRb4D2V8lokvkl5137aibq1xBasaCXlwj%2FnOQZNHem8uPCIzM6MPuePMn5ee3q0sP%2Bk0xVv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-cache
HIT
accept-ranges
bytes
cf-ray
60dd14c6ebe94113-PRG
content-length
631815
cf-request-id
077e0b505500004113b2301000000001
heading_triangle.svg
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/ 		460 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/img/landing0039/heading_triangle.svg
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f

Request headers

Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 31 Dec 2020 10:42:46 GMT
server
NetDNA-cache/2.2
etag
W/"5fedab26-1cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8g%2BvI2%2BRJbNjmJfYWvZ8BOK6L7FYAlX7t2xzYk%2BSeeXVcY1Mrv6qm76wRBs5RFxI0X6TDow4ROPyb3uzqkzYIu8kndv%2BpzYOHQgicejC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cf-ray
60c4ac9179312778-PRG
cf-request-id
076eca2ee9000027788cb35000000001
OpenSans-Bold.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Bold.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2

Request headers

Origin
https://t49.nemflirt.dk
Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
content-length
70188
cf-request-id
074abd92380000279863a55000000001
last-modified
Fri, 25 Dec 2020 11:39:36 GMT
server
NetDNA-cache/2.2
etag
"5fe5cf78-1122c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FQo1QcBKjm8BIF%2B7%2F%2B9%2BL%2FTNnfH%2FlWxeb%2Bni8pJS2GUoDdXgUF8Sv9AGRZTw38zrGQ3XevhaktKoHBQzfwc29seXi4dZs30qwHD%2B6ilO"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
608afec9fe9c2798-PRG
expires
Wed, 27 Jan 2021 11:37:17 GMT
OpenSans-Regular.woff
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		66 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/OpenSans-Regular.woff
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51

Request headers

Origin
https://t49.nemflirt.dk
Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0039.css?v=2.117.0.master.20201231113540
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-cache
HIT
content-length
67528
cf-request-id
074abd8a66000027c0d0a9b000000001
last-modified
Fri, 25 Dec 2020 11:39:36 GMT
server
NetDNA-cache/2.2
etag
"5fe5cf78-107c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KLUK3%2B3Om0opzdIxQXGeKW6nxavTB%2FUBWF5SUucvPCg9xJ%2FXf7wi5INxHSKM%2BVT%2BAE6yLoGN0J4VYvixAstuoYLTqEoVZmqS%2BsiAXsez"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
608afebd7e9b27c0-PRG
expires
Wed, 27 Jan 2021 11:37:15 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5364
date
Fri, 08 Jan 2021 21:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 08 Jan 2021 23:19:32 GMT
landing0039.js
t49.nemflirt.dk/js/dist/ 		392 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t49.nemflirt.dk/js/dist/landing0039.js?v=2.117.0.master.20201231113540
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/node_modules/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.180.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e0865aee5850573783572bd24943f7ab59de41820d225617c5327fae581bd1

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 31 Dec 2020 10:41:03 GMT
server
cloudflare
etag
W/"5fedaabf-61f3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eoQESgyjVhEj8ctT0dDKK0q5MAs8qZQrJaPS0dZiWG4O2C8JqlclQ6GcCNDdlqDowrnVB5vKlTlvOxsL5kaxdc9HHJIWEtGaasli66SMm%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60e978098bad737b-CPH
cf-request-id
0785c959fa0000737b051ae000000001
expires
Sun, 07 Feb 2021 22:48:56 GMT
collect
www.google-analytics.com/j/ 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=281095135&t=pageview&_s=1&dl=https%3A%2F%2Ft49.nemflirt.dk%2F%3Fq%3D%2Fa%2Fff0049%2F%26promo_code%3D102872%26ev%3Dxc161014613591e5d5ff8e157708cc801694292%26keyword%3D135%26pass%3Dxc161014613591e5d5ff8e157708cc801694292%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D18%26fb_pixel%3D&dr=https%3A%2F%2Fdlvr.xcash.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrk.nemflirt.dk%252Fa%252Fff0049%252F%253Fpromo_code%253D102872%2526ev%253Dxc161014613591e5d5ff8e157708cc801694292%2526keyword%253D135%2526pass%253Dxc161014613591e5d5ff8e157708cc801694292%2526m%253D0%257C0%257C0%257C0%2526email%253D%2526email_encoded%253D%2526flow%253D18%2526fb_pixel%253D%26redirect_back%3Dhttps%253A%252F%252Fdlvr.xcash.com%252F38104%252F%253Fsubaffiliate_id%253D44542%2526session_id%253D1022d67c6f92eeadee13de5203c05d%2526external_campaign_id%253D10282ff317544eb9e4cdbeef71edf475077%2526tt%253D1&ul=en-us&de=UTF-8&dt=Nemflirt%3A%20Dates%20og%20Casual%20Engangsknald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=97542644&gjid=1552789907&cid=508653090.1610146137&tid=UA-87667025-37&_gid=1640418855.1610146137&_r=1&_slc=1&z=173732696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Jan 2021 22:48:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://t49.nemflirt.dk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1184.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: t49.nemflirt.dk
URL: https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 22:48:56 GMT
content-encoding
gzip
x-amz-request-id
DCAF92F89A2CA027
x-cache
HIT
content-length
10624
x-amz-id-2
TRHerhVqdOKsza8E2v00gPT2CAbWzfpInLOFmUaGEwIXQEnp+g+VCzJEiqRyaVzOv5v636FnSaM=
x-served-by
cache-fra19158-FRA
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1610146137.852773,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
14223
6cbab69a58
bam-cell.nr-data.net/1/ 		57 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/6cbab69a58?a=192394552&v=1184.ab39b52&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=1103&ck=1&ref=https://t49.nemflirt.dk/&ap=354&be=621&fe=991&dc=774&perf=%7B%22timing%22:%7B%22of%22:1610146135785,%22n%22:0,%22f%22:147,%22dn%22:147,%22dne%22:147,%22c%22:147,%22ce%22:147,%22rq%22:168,%22rp%22:606,%22rpe%22:608,%22dl%22:610,%22di%22:774,%22ds%22:774,%22de%22:774,%22dc%22:991,%22l%22:991,%22le%22:992%7D,%22navigation%22:%7B%7D%7D&fp=773&fcp=773&at=ShRZFFkZH04%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02cdaa490caecb3bb5303b6e28acdb8a08d4f866ec1eb932a2d2c81bc95ebe9

Request headers

Referer
https://t49.nemflirt.dk/?q=/a/ff0049/&promo_code=102872&ev=xc161014613591e5d5ff8e157708cc801694292&keyword=135&pass=xc161014613591e5d5ff8e157708cc801694292&m=0|0|0|0&email=&email_encoded=&flow=18&fb_pixel=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 22:48:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
60e9780bda3b7357-CPH
cf-request-id
0785c95b6c000073571da1d000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| URL_PARAMS object| SITE_PRODUCT string| DOMAIN string| ENV object| WL_SITE string| SITE_NAME string| SITE_LAYOUT string| SITE_TYPE string| THIRD_PARTY_VIDEO_ID string| CURRENT_LANG object| TRANSLATIONS object| STATIC_DOMAINS object| SITE_VARIABLES string| EMAIL_LIMIT_REACHED string| EMAIL_BLACKLISTED object| ERROR_MESSAGES object| SUCCESS_MESSAGES object| NDConfig function| requirejs function| require function| define string| GOOGLE_ANALYTICS_CODE string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Twig function| $ function| jQuery function| Bloodhound function| Swiper

11 Cookies

Domain/Path Name / Value
.nemflirt.dk/ Name: _gid
Value: GA1.2.1640418855.1610146137
.nemflirt.dk/ Name: _ga
Value: GA1.2.508653090.1610146137
t49.nemflirt.dk/ Name: SERVERID
Value: wbs06
t49.nemflirt.dk/ Name: APPID
Value: promo
.t49.nemflirt.dk/ Name: keyword
Value: 135
.t49.nemflirt.dk/ Name: promo_code
Value: 102872
.nemflirt.dk/ Name: pc_aff
Value: adcLfzz9sDtgFeD-g7vq2djrIW8ijGlBN1f6itbShlI2L_1rcHmBgDR90scJEe849w7LGbkdsXT0e4EYf4Kugw_La96kD122NszLOGzCpGoaKZJoZB8nRVwAWBzpMPKLHKKFGSzLFx_WWyEQx4ExgrsuMnOQAMv0uUHMSPXIRBdP99-SKyqNaR6RUZGweNPJZZxiF-JBVi2jOiU0Vu0j3M3YrqvOnYLcXLMXTNvvGpSWWuwQLazD-Sw73CVeGiLJ5dLNJ0qFmo6bYUqEIqN_DTJTlKtKEXKyucduW_IwZUQRL9NhcUu3eMFwRn1i1WU8L-ShkgFv2m4frjhxnIpdoA
.nemflirt.dk/ Name: _gat
Value: 1
.nemflirt.dk/ Name: PHPSESSID
Value: g6g6b9551nb76hdtus20iu9fn5
.t49.nemflirt.dk/ Name: ev
Value: xc161014613591e5d5ff8e157708cc801694292
.nemflirt.dk/ Name: __cfduid
Value: d3ddb81b505ed342b62ea0dd597c645bd1610146135

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfgtg.com
bam-cell.nr-data.net
ckstatic.com
dlvr.xcash.com
js-agent.newrelic.com
pic.hiltonheadbreakfast.com
s.aslnk.link
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
t.hrtyi.com
t49.nemflirt.dk
trk.nemflirt.dk
www.google-analytics.com
104.27.180.112
128.0.45.252
151.101.14.110
151.139.237.33
162.247.243.147
18.195.149.11
205.185.216.10
2a00:1450:4001:814::200e
3.213.249.202
50.31.5.196
65.9.7.28
0a4d3ba79d0dac0d8b7b4f2571e5f10b6accbac2e29f6cd792483bf2984196e2
11cc7e35f2660f25bbafda2f592c042db4407312764511d0bb9e104eda6f0416
15c670d38e8f4583cd5e4bd50023c75c15eecb4ec214e36ccdf1082ee4ba668f
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
545bf67a3e2d631e633d3583f713bbc22d439555ae303c91f2b1ca0dda5443a4
565eb53dab9961bc6d8b78fcd23ba799254aabd7658f21bf385e84675e46fb51
584fe4084789f308d4adf54b2a54cc573e83b5f79f6f7aa091366c85e373d4bb
68cd292e71615868206f1b82d1c66371af3751059b42e5b04710a2473d991737
6a1226f7d6115958aee4287cdcc5804c0cbee3549a1f8747059ded2e3b322304
71cf6c7325ccf362ee194fa09a455c18ef7f1ed54234854593521e26190f3dff
765369727cf328c3ec2ce6550ec26280829e15e7025fac9293edd945e224f9ec
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
78e0865aee5850573783572bd24943f7ab59de41820d225617c5327fae581bd1
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b69879f563398c00e2a3accbd37c4192f5f601d12f1d04b20b787bc8ddbb3362
e02cdaa490caecb3bb5303b6e28acdb8a08d4f866ec1eb932a2d2c81bc95ebe9
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b