Submitted URL: http://yotube.com/
Effective URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Submission: On November 27 via manual from US

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 33 HTTP transactions. The main IP is 34.78.85.215, located in the United States and belonging to GOOGLE, US. The main domain is www.nettesabenteuer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 10th 2020. Valid for: 3 months.
This is the only time www.nettesabenteuer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 192.187.111.219 33387 (NOCIX)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 198.54.112.216 22612 (NAMECHEAP...)
2 18.194.134.212 16509 (AMAZON-02)
1 1 52.207.115.127 14618 (AMAZON-AES)
1 1 34.205.83.125 14618 (AMAZON-AES)
8 34.78.85.215 15169 (GOOGLE)
10 35.195.163.35 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.227.221.175 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 12
Domain Requested by
8 api.einwilligungrecueillir.com einwilligungrecueillir.com
8 www.nettesabenteuer.com www.nettesabenteuer.com
3 www.google-analytics.com www.nettesabenteuer.com
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
2 static.dating www.nettesabenteuer.com
2 einwilligungrecueillir.com www.nettesabenteuer.com
einwilligungrecueillir.com
2 wrison-subustall.com 6491.wcitianka.com
2 6491.wcitianka.com 1 redirects
2 dprtb.com 1 redirects yotube.com
2 yotube.com 1 redirects
1 www.google.de www.nettesabenteuer.com
1 www.google.com www.nettesabenteuer.com
1 europe-west2-harlem-next.cloudfunctions.net www.nettesabenteuer.com
1 tracktopspeed.com 1 redirects
1 tracksfaster.com 1 redirects
33 15

This site contains no links.

Subject | Issuer | Validity | Valid
wrison-subustall.com | Let's Encrypt Authority X3 | 2020-10-12 - 2021-01-10 | 3 months
nettesabenteuer.com | Let's Encrypt Authority X3 | 2020-10-10 - 2021-01-08 | 3 months
einwilligungrecueillir.com | Let's Encrypt Authority X3 | 2020-11-26 - 2021-02-24 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
static.dating | Let's Encrypt Authority X3 | 2020-11-03 - 2021-02-01 | 3 months
misc.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.de | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months

This page contains 1 frame:

Primary Page: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Frame ID: 2C3C56E46B508F15BC51BA9CB45AF75E
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 33
HTTPS: 91 %
IPv6: 36 %
Domains: 14
Subdomains: 15
IPs: 12
Countries: 5
Transfer: 568 kB
Size: 898 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yotube.com/ Page URL
  2. http://yotube.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYwNjUwNzEzMSwiaWF0IjoxNjA2NDk5OTMxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycDVtdWI4YnQ1bW44cmM2ZjQwOWhzc2YiLCJuYmYiOjE2MDY0OTk5MzEsInRzIjoxNjA2NDk5OTMxMzUxNzAzfQ.bef-b4v-5imSCSCnkpM-EPyq39FPmZOuY_WLMS_AB7Y&sid=34e5799c-30da-11eb-af0f-c031d63070a6 HTTP 302
    http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxRm9RU2cyYTFaNkhHQ0pySExFOHJ4SWhnMg2&id=fda2d08e-a8b9-43ac-9e95-adeaab4a940b Page URL
  3. http://dprtb.com/Redirect/ HTTP 302
    http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed Page URL
  4. http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20= HTTP 302
    https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&clickid=1606499934.09-2052029-47879 Page URL
  5. https://wrison-subustall.com/redirect?target=BASE64aHR0cHM6Ly90cmFja3NmYXN0ZXIuY29tLz9hPTE2MTQmYz03ODEyMyZzMj13cGw3dDhsM2pldGs2cGwzaWhmZjg1ZjImczU9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMiZzMz0lN0JmbG93X2lkJTdEJnMxPTM3OTEmczQ9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMg&ts=1606499934284&hash=KqSaIHiC27VnpbXFI6xRtVV1ul3LV5x1UlDaSYJlLN4&rm=D Page URL
  6. https://tracksfaster.com/?a=1614&c=78123&s2=wpl7t8l3jetk6pl3ihff85f2&s5=VLS-wpl7t8l3jetk6pl3ihff85f2&s3=%7Bflow_id%7D&s1=3791&s4=VLS-wpl7t8l3jetk6pl3ihff85f2 HTTP 302
    https://tracktopspeed.com/?a=1614&c=78123&s2=wpl7t8l3jetk6pl3ihff85f2&s5=VLS-wpl7t8l3jetk6pl3ihff85f2&s3=%7Bflow_id%7D&s1=3791&s4=VLS-wpl7t8l3jetk6pl3ihff85f2&ckmguid=e43e6177-098c-4137-abfa-feb07a2e7172 HTTP 302
    https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://yotube.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYwNjUwNzEzMSwiaWF0IjoxNjA2NDk5OTMxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycDVtdWI4YnQ1bW44cmM2ZjQwOWhzc2YiLCJuYmYiOjE2MDY0OTk5MzEsInRzIjoxNjA2NDk5OTMxMzUxNzAzfQ.bef-b4v-5imSCSCnkpM-EPyq39FPmZOuY_WLMS_AB7Y&sid=34e5799c-30da-11eb-af0f-c031d63070a6 HTTP 302
  • http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxRm9RU2cyYTFaNkhHQ0pySExFOHJ4SWhnMg2&id=fda2d08e-a8b9-43ac-9e95-adeaab4a940b
Request Chain 2
  • http://dprtb.com/Redirect/ HTTP 302
  • http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
Request Chain 3
  • http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20= HTTP 302
  • https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&clickid=1606499934.09-2052029-47879

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
yotube.com/
466 B
820 B
Document
General
Full URL
http://yotube.com/
Protocol
HTTP/1.1
Server
192.187.111.219 Kansas City, United States, ASN33387 (NOCIX, US),
Reverse DNS
arf.qwiqo.live
Software
nginx /
Resource Hash
24c2eadeb776d6c048e76181b67160943d7ec42db70ace4e4503586da984c08e

Request headers

Host
yotube.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
466
content-type
text/html; charset=utf-8
date
Fri, 27 Nov 2020 17:58:50 GMT
server
nginx
set-cookie
sid=34e5799c-30da-11eb-af0f-c031d63070a6; path=/; domain=.yotube.com; expires=Wed, 15 Dec 2088 21:12:58 GMT; max-age=2147483647; HttpOnly
Cookie set click
dprtb.com/
Redirect Chain
  • http://yotube.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYwNjUwNzEzMSwiaWF0IjoxNjA2NDk5OTMxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycDVtdWI4YnQ1bW44cmM2ZjQwOWhzc2YiLC...
  • http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxR...
5 KB
2 KB
Document
General
Full URL
http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxRm9RU2cyYTFaNkhHQ0pySExFOHJ4SWhnMg2&id=fda2d08e-a8b9-43ac-9e95-adeaab4a940b
Requested by
Host: yotube.com
URL: http://yotube.com/
Protocol
HTTP/1.1
Server
209.15.13.136 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
904b2b917a1216bc0fb5fdc25229f778e37a208e13077c3a744ee2ac0164996d

Request headers

Host
dprtb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://yotube.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
HIdYYjXNhRqrvCk=HIdYYjXNhRqrvCk; path=/
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Fri, 27 Nov 2020 17:58:52 GMT
Content-Length
2122

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 27 Nov 2020 17:58:51 GMT
location
http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxRm9RU2cyYTFaNkhHQ0pySExFOHJ4SWhnMg2&id=fda2d08e-a8b9-43ac-9e95-adeaab4a940b
server
nginx
set-cookie
sid=34e5799c-30da-11eb-af0f-c031d63070a6; path=/; domain=.yotube.com; expires=Wed, 15 Dec 2088 21:12:59 GMT; max-age=2147483647; HttpOnly
feed
6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/
Redirect Chain
  • http://dprtb.com/Redirect/
  • http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
416 B
503 B
Document
General
Full URL
http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
Protocol
HTTP/1.1
Server
198.54.112.216 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4059da4bc68060ccdaa98fcf9b474905301fabe786089752d3eabb8505f1a142

Request headers

Host
6491.wcitianka.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://dprtb.com/click?data=QjRQeENmYm10N0p0NUo4UkJ0UXBKMlpzZnlFU0NpU0tKbFFscGN0N29UbkJRUmdMR1k2Z0ZqMWpTNDMyREl3T3l6Y0ZZcy1reUFVNUtjUERYdXN2X29yWjZPalducHFLU0Z6TnFTMUhIbXRXclQ1MFMxdURfd1MxdjRnZ3hxRm9RU2cyYTFaNkhHQ0pySExFOHJ4SWhnMg2&id=fda2d08e-a8b9-43ac-9e95-adeaab4a940b
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Origin
http://dprtb.com
Content-Type
application/x-www-form-urlencoded

Response headers

Server
nginx/1.14.2
Date
Fri, 27 Nov 2020 17:58:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Fri, 27 Nov 2020 17:58:52 GMT
Content-Length
248
Cookie set 8b0384b4-eb5f-42b7-9468-4177830d3930
wrison-subustall.com/
Redirect Chain
  • http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=
  • https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&...
548 B
1 KB
Document
General
Full URL
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&clickid=1606499934.09-2052029-47879
Requested by
Host: 6491.wcitianka.com
URL: http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.134.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-134-212.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9cc9efad2659e9ee644c94ce8fbd3f49d9624c053f94560917ed8fbdbd9c4472

Request headers

Host
wrison-subustall.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://6491.wcitianka.com/match-6491/47879/2052029/1606499931/mf_ff83d4ae-11cd-47d5-83ad-f450182ab95e/YXBpeDAxLXlvdHViZS5jb20=/feed
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 27 Nov 2020 17:58:54 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
548
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
8b0384b4-eb5f-42b7-9468-4177830d3930-v4=8b0384b4-eb5f-42b7-9468-4177830d3930; Max-Age=86400; Expires=Sat, 28-Nov-2020 17:58:54 GMT; Domain=wrison-subustall.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=0jE61i2deYL7WBdi7fzVVHwhD%2BqigDPsRW4Es3qcGCBdz0mv9oTTc8JFfn%2FY%2Bfyo1Rc%2BSBq98GnqthXnDrzOaehbCqoJ5Yh1RZMQeSDm9QKmoQq2SGIwsCMVdDXMWkYwAWDeJ2ZFpJED0%2FmUpXRMGg%3D%3D; Max-Age=31536000; Expires=Sat, 27-Nov-2021 17:58:54 GMT; Domain=wrison-subustall.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

Server
nginx/1.14.2
Date
Fri, 27 Nov 2020 17:58:54 GMT
Transfer-Encoding
chunked
Connection
close
Location
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&clickid=1606499934.09-2052029-47879
redirect
wrison-subustall.com/
369 B
642 B
Document
General
Full URL
https://wrison-subustall.com/redirect?target=BASE64aHR0cHM6Ly90cmFja3NmYXN0ZXIuY29tLz9hPTE2MTQmYz03ODEyMyZzMj13cGw3dDhsM2pldGs2cGwzaWhmZjg1ZjImczU9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMiZzMz0lN0JmbG93X2lkJTdEJnMxPTM3OTEmczQ9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMg&ts=1606499934284&hash=KqSaIHiC27VnpbXFI6xRtVV1ul3LV5x1UlDaSYJlLN4&rm=D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.134.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-134-212.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
42690d09fe89e3d0df5c8457e9d56c38df52226f28cbc12d29ab1302a7e4f61e

Request headers

Host
wrison-subustall.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix01-yotube.com&category=&S1=3791&keyword=&sid=2052029&cid=47879&aff_id=1614&flow_id={flow_id}&cpv=0.001&clickid=1606499934.09-2052029-47879
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8b0384b4-eb5f-42b7-9468-4177830d3930-v4=8b0384b4-eb5f-42b7-9468-4177830d3930; cc-v4=0jE61i2deYL7WBdi7fzVVHwhD%2BqigDPsRW4Es3qcGCBdz0mv9oTTc8JFfn%2FY%2Bfyo1Rc%2BSBq98GnqthXnDrzOaehbCqoJ5Yh1RZMQeSDm9QKmoQq2SGIwsCMVdDXMWkYwAWDeJ2ZFpJED0%2FmUpXRMGg%3D%3D

Response headers

Server
nginx
Date
Fri, 27 Nov 2020 17:58:54 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
369
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Primary Request landing59
www.nettesabenteuer.com/
Redirect Chain
  • https://tracksfaster.com/?a=1614&c=78123&s2=wpl7t8l3jetk6pl3ihff85f2&s5=VLS-wpl7t8l3jetk6pl3ihff85f2&s3=%7Bflow_id%7D&s1=3791&s4=VLS-wpl7t8l3jetk6pl3ihff85f2
  • https://tracktopspeed.com/?a=1614&c=78123&s2=wpl7t8l3jetk6pl3ihff85f2&s5=VLS-wpl7t8l3jetk6pl3ihff85f2&s3=%7Bflow_id%7D&s1=3791&s4=VLS-wpl7t8l3jetk6pl3ihff85f2&ckmguid=e43e6177-098c-4137-abfa-feb07a...
  • https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
13 KB
4 KB
Document
General
Full URL
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
7ca07c281480fd27e359cf22c05ef044a44ebe6e7eca09334cea88eff30f1939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.nettesabenteuer.com
:scheme
https
:path
/landing59?pi=1614&pt1=3053761608
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://wrison-subustall.com/redirect?target=BASE64aHR0cHM6Ly90cmFja3NmYXN0ZXIuY29tLz9hPTE2MTQmYz03ODEyMyZzMj13cGw3dDhsM2pldGs2cGwzaWhmZjg1ZjImczU9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMiZzMz0lN0JmbG93X2lkJTdEJnMxPTM3OTEmczQ9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMg&ts=1606499934284&hash=KqSaIHiC27VnpbXFI6xRtVV1ul3LV5x1UlDaSYJlLN4&rm=D
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Fri, 27 Nov 2020 17:58:55 GMT
content-type
text/html;charset=UTF-8
content-length
3267
x-powered-by
PHP/7.2.34
x-host
nettesabenteuer.com
content-encoding
gzip
x-cacheable
YES
cache-control
max-age=300
xkey
lander
vary
Accept-Encoding
x-varnish
90494022 60522742
age
0
x-cache
HIT
accept-ranges
bytes
via
1.1 varnish (Varnish/6.0), 1.1 google
alt-svc
clear
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff

Redirect headers

Cache-Control
private
Content-Length
185
Content-Type
text/html; charset=utf-8
Date
Fri, 27 Nov 2020 17:58:54 GMT
Location
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=UzIlg1dTCQzLEzUqxpgjcJ33VEBH7et4Km+etz+Ij0cB32ehapJzCA==; domain=.tracktopspeed.com; path=/; HttpOnly
trk=UN0eQcnajx1VhGzeKfDyIZ33VEBH7et4Km+etz+Ij0cB32ehapJzCA==; domain=.tracktopspeed.com; expires=Thu, 27-Nov-2025 17:58:55 GMT; path=/; HttpOnly
c22960=UzIlg1dTCQxMiEm0a37e6kuinX1109WGh3CMqwpKNYtg1UUw9ETqAg==; domain=.tracktopspeed.com; expires=Sun, 27-Dec-2020 17:58:55 GMT; path=/; HttpOnly
Connection
close
landing59.css
www.nettesabenteuer.com/landers/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://www.nettesabenteuer.com/landers/css/landing59.css
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
cb69e7d1a73ed6e89327e382c2c4822a84c95d5f139dd7b1e119aa16e551155f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
nettesabenteuer.com
alt-svc
clear
content-length
2911
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=63072000;
x-varnish
90870959 89129166
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
pornhub.css
www.nettesabenteuer.com/landers/css/theme/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.nettesabenteuer.com/landers/css/theme/pornhub.css
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
f373627880e4c746a2b6e9f7fee13637c3644b47d10edfb5968e826f22a62fba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
nettesabenteuer.com
alt-svc
clear
content-length
1749
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=63072000;
x-varnish
90490308 51285389
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
fontawesome-all.min.css
www.nettesabenteuer.com/landers/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://www.nettesabenteuer.com/landers/css/fontawesome-all.min.css
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
clear
content-length
10650
last-modified
Fri, 27 Nov 2020 07:18:28 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fc0a844-c970"
strict-transport-security
max-age=63072000;
x-varnish
90741321 53674807
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css
loading.gif
www.nettesabenteuer.com/landers/images/logos/
3 KB
3 KB
Image
General
Full URL
https://www.nettesabenteuer.com/landers/images/logos/loading.gif
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
clear
content-length
2892
last-modified
Fri, 27 Nov 2020 07:18:28 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fc0a844-b4c"
strict-transport-security
max-age=63072000;
x-varnish
90870961 89588542
cache-control
max-age=300
accept-ranges
bytes
content-type
image/gif
vendor.js
www.nettesabenteuer.com/landers/js/
121 KB
43 KB
Script
General
Full URL
https://www.nettesabenteuer.com/landers/js/vendor.js
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a11b4e11bfcfc60c073e78425d00f2ccd53400586ff4702b0780dfa40818f1d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
clear
content-length
43540
last-modified
Fri, 27 Nov 2020 07:18:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fc0a84a-1e2ae"
strict-transport-security
max-age=63072000;
x-varnish
90523562 89587826
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
cc.js
einwilligungrecueillir.com/
117 KB
14 KB
Script
General
Full URL
https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
301aeb6abaf46ba0dc34b7637f239af791a223e5c4c7b2e4fc614e46c91a680e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/javascript
vary
Accept-Encoding
content-length
14066
landing59.js
www.nettesabenteuer.com/landers/js/
47 KB
13 KB
Script
General
Full URL
https://www.nettesabenteuer.com/landers/js/landing59.js
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6b7c27771999c9243f075170a10d85aedf4ce0e845bc123c5e2a411927075235
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
clear
content-length
13107
last-modified
Fri, 27 Nov 2020 07:18:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fc0a84a-ba28"
strict-transport-security
max-age=63072000;
x-varnish
91250571 87425487
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landers/js/landing59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
544
date
Fri, 27 Nov 2020 17:49:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 27 Nov 2020 19:49:51 GMT
de-ch2.json
static.dating/lander/translations/
133 KB
134 KB
XHR
General
Full URL
https://static.dating/lander/translations/de-ch2.json
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2a90a43a98e25fb13d52a5ad84045928d07e1786014b48ef06a07b050b4fa86

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:36:09 GMT
age
1366
x-guploader-uploadid
ABg5-UwSRMF0DQoSeWXdvj-bhc1qEFcUNP79jzNlW3h2Y2oFa6bQkufMv5t1ggRi1HNd4lB30CpTSTEXnkh85yJJVsSKfDSwgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
136306
last-modified
Wed, 25 Nov 2020 14:57:40 GMT
server
UploadServer
etag
"28d34138f1ab0fcb37673cb09824e115"
x-goog-hash
crc32c=sNKniQ==, md5=KNNBOPGrD8s3ZzywmCThFQ==
x-goog-generation
1606316260937920
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
136306
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 27 Nov 2020 18:36:09 GMT
collect
www.google-analytics.com/j/
4 B
27 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1113043503&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nettesabenteuer.com%2Flanding59%3Fpi%3D1614%26pt1%3D3053761608&dr=https%3A%2F%2Fwrison-subustall.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly90cmFja3NmYXN0ZXIuY29tLz9hPTE2MTQmYz03ODEyMyZzMj13cGw3dDhsM2pldGs2cGwzaWhmZjg1ZjImczU9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMiZzMz0lN0JmbG93X2lkJTdEJnMxPTM3OTEmczQ9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMg%26ts%3D1606499934284%26hash%3DKqSaIHiC27VnpbXFI6xRtVV1ul3LV5x1UlDaSYJlLN4%26rm%3DD&ul=en-us&de=UTF-8&dt=nettesabenteuer.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAAC~&jid=44145021&gjid=1378113573&cid=622943738.1606499936&tid=UA-132064855-2&_gid=1890868459.1606499936&_r=1&_slc=1&z=1225849747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nettesabenteuer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
395 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1113043503&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nettesabenteuer.com%2Flanding59%3Fpi%3D1614%26pt1%3D3053761608&dr=https%3A%2F%2Fwrison-subustall.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly90cmFja3NmYXN0ZXIuY29tLz9hPTE2MTQmYz03ODEyMyZzMj13cGw3dDhsM2pldGs2cGwzaWhmZjg1ZjImczU9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMiZzMz0lN0JmbG93X2lkJTdEJnMxPTM3OTEmczQ9VkxTLXdwbDd0OGwzamV0azZwbDNpaGZmODVmMg%26ts%3D1606499934284%26hash%3DKqSaIHiC27VnpbXFI6xRtVV1ul3LV5x1UlDaSYJlLN4%26rm%3DD&ul=en-us&de=UTF-8&dt=nettesabenteuer.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=695457629&gjid=562615180&cid=622943738.1606499936&tid=UA-132064855-5&_gid=1890868459.1606499936&_r=1&_slc=1&z=1467887427
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nettesabenteuer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
geolocation
europe-west2-harlem-next.cloudfunctions.net/
131 B
530 B
XHR
General
Full URL
https://europe-west2-harlem-next.cloudfunctions.net/geolocation
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e284c1d7635b612aae5e2d414582cb77f84ba7c08722bba0e13c80d92b730fea

Request headers

Accept
*/*
Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"83-a8MWoxwXIBifeBkSoPzp/JNBN5Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nettesabenteuer.com
x-cloud-trace-context
55f713919bfaa35f5f84e9c2d94ade08
cache-control
private
function-execution-id
yv9vxmku7ly1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
set09_01.jpg
www.nettesabenteuer.com/landers/images/sets/default/default/
172 KB
173 KB
Image
General
Full URL
https://www.nettesabenteuer.com/landers/images/sets/default/default/set09_01.jpg?geo=ch
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.78.85.215 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.85.78.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d59540e7a6221c0a3d4f80aba24458a7c604e8b8cc6d168206d0719831d35023
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:55 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
clear
content-length
176171
last-modified
Fri, 27 Nov 2020 07:18:29 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fc0a845-2b02b"
strict-transport-security
max-age=63072000;
x-varnish
91271751 89161930
cache-control
max-age=300
accept-ranges
bytes
content-type
image/jpeg
collect
stats.g.doubleclick.net/j/
4 B
93 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-5&cid=622943738.1606499936&jid=695457629&gjid=562615180&_gid=1890868459.1606499936&_u=KEDAAEABEAAAAC~&z=867217782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.nettesabenteuer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-2&cid=622943738.1606499936&jid=44145021&gjid=1378113573&_gid=1890868459.1606499936&_u=KEBAAEAAEAAAAC~&z=1240244530
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.nettesabenteuer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=622943738.1606499936&jid=695457629&_u=KEDAAEABEAAAAC~&z=171098672
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=622943738.1606499936&jid=695457629&_u=KEDAAEABEAAAAC~&z=171098672
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collector
api.einwilligungrecueillir.com/consent/
0
0
Other
General
Full URL
https://api.einwilligungrecueillir.com/consent/collector
Protocol
H2
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nettesabenteuer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
cc.css
einwilligungrecueillir.com/
24 KB
4 KB
Stylesheet
General
Full URL
https://einwilligungrecueillir.com/cc.css
Requested by
Host: einwilligungrecueillir.com
URL: https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
3892
collector
api.einwilligungrecueillir.com/consent/
4 KB
4 KB
XHR
General
Full URL
https://api.einwilligungrecueillir.com/consent/collector
Requested by
Host: einwilligungrecueillir.com
URL: https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7dd1bc81c516c3c646fe2344c9e3eca21303200eae9c859f1064b9699c007166
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
content-length
4103
de-ch2.json
static.dating/lander/translations/
133 KB
133 KB
XHR
General
Full URL
https://static.dating/lander/translations/de-ch2.json
Requested by
Host: www.nettesabenteuer.com
URL: https://www.nettesabenteuer.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2a90a43a98e25fb13d52a5ad84045928d07e1786014b48ef06a07b050b4fa86

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 17:36:09 GMT
age
1367
x-guploader-uploadid
ABg5-UwSRMF0DQoSeWXdvj-bhc1qEFcUNP79jzNlW3h2Y2oFa6bQkufMv5t1ggRi1HNd4lB30CpTSTEXnkh85yJJVsSKfDSwgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
136306
last-modified
Wed, 25 Nov 2020 14:57:40 GMT
server
UploadServer
etag
"28d34138f1ab0fcb37673cb09824e115"
x-goog-hash
crc32c=sNKniQ==, md5=KNNBOPGrD8s3ZzywmCThFQ==
x-goog-generation
1606316260937920
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
136306
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 27 Nov 2020 18:36:09 GMT
loadSegment
api.einwilligungrecueillir.com/consent/
0
0
Other
General
Full URL
https://api.einwilligungrecueillir.com/consent/loadSegment
Protocol
H2
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nettesabenteuer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.einwilligungrecueillir.com/consent/
345 B
561 B
XHR
General
Full URL
https://api.einwilligungrecueillir.com/consent/loadSegment
Requested by
Host: einwilligungrecueillir.com
URL: https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
28aa785b4a846b691f23d212657365dbec4cad9f4f2fa4999168cfe0b5965a88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
content-length
345
loadSegment
api.einwilligungrecueillir.com/consent/
406 B
622 B
XHR
General
Full URL
https://api.einwilligungrecueillir.com/consent/loadSegment
Requested by
Host: einwilligungrecueillir.com
URL: https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
371377d7a0bb734d0cfe20c913a0e02f552f6021be538b68ebcdb264c8d47888
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
content-length
406
loadSegment
api.einwilligungrecueillir.com/consent/
0
0
Other
General
Full URL
https://api.einwilligungrecueillir.com/consent/loadSegment
Protocol
H2
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nettesabenteuer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.einwilligungrecueillir.com/consent/
0
0
Other
General
Full URL
https://api.einwilligungrecueillir.com/consent/confirmExplicit
Protocol
H2
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nettesabenteuer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 27 Nov 2020 17:58:56 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.einwilligungrecueillir.com/consent/
0
214 B
XHR
General
Full URL
https://api.einwilligungrecueillir.com/consent/confirmExplicit
Requested by
Host: einwilligungrecueillir.com
URL: https://einwilligungrecueillir.com/cc.js?wId=2fJivRC1rhH9E9dzgfL9vV&domain=nettesabenteuer.com&languageCode=de&languageTerritory=CH&sessionId=5c8aed919982408e93295241d9d40f76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nettesabenteuer.com/landing59?pi=1614&pt1=3053761608
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Nov 2020 17:58:56 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.nettesabenteuer.com
access-control-allow-credentials
true
content-length
0


40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| bootstrap
object| Lander
function| $
function| jQuery
function| url
object| setRegister
object| isMobile
object| getUrl
string| GoogleAnalyticsObject
function| ga
object| setInit
object| setApi
object| geoDataService
object| setImage
object| setAgeSearch
object| setBirthDate
object| setCity
object| setConditions
object| setEmail
object| setGender
object| setLength
object| setPassword
object| setRegion
object| setUsername
function| startLander
object| google_tag_data
object| gaplugins
object| CollectConsent
object| gaGlobal
object| gaData
object| dataLayer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
