Submitted URL: https://storage.googleapis.com/adeptdagger/adeptdagger.html#02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s
Effective URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Submission: On March 26 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 172.66.41.43, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is jetzt-treffen.com.
TLS certificate: Issued by E1 on February 9th 2024. Valid for: 3 months.
This is the only time jetzt-treffen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 45.88.223.246 51167 (CONTABO)
2 2 34.76.98.215 396982 (GOOGLE-CL...)
1 1 34.78.223.0 396982 (GOOGLE-CL...)
1 1 34.111.194.218 396982 (GOOGLE-CL...)
1 1 34.96.83.190 396982 (GOOGLE-CL...)
5 172.66.41.43 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
21 2606:4700:310... 13335 (CLOUDFLAR...)
1 13.32.99.118 16509 (AMAZON-02)
29 5
Apex Domain | Subdomains | Transfer
21 g3tfiles.com | g3tfiles.com | 3 MB
5 jetzt-treffen.com | jetzt-treffen.com | 23 KB
2 paradingeffort.com | paradingeffort.com | 869 B
2 googleapis.com | storage.googleapis.com (Cisco Umbrella Rank: 668), fonts.googleapis.com (Cisco Umbrella Rank: 112) | 2 KB
1 openfpcdn.io | openfpcdn.io (Cisco Umbrella Rank: 21759) | 5 KB
1 trckams.com | www.trckams.com | 500 B
1 trckoja.com | www.trckoja.com | 492 B
1 route-path.com | route-path.com | 739 B
1 adeptdagger.com | adeptdagger.com | 291 B
29 9
Domain | Requested by
21 g3tfiles.com | jetzt-treffen.com, g3tfiles.com
5 jetzt-treffen.com | storage.googleapis.com, jetzt-treffen.com
2 paradingeffort.com | 2 redirects
1 openfpcdn.io | g3tfiles.com
1 fonts.googleapis.com | jetzt-treffen.com
1 www.trckams.com | 1 redirects
1 www.trckoja.com | 1 redirects
1 route-path.com | 1 redirects
1 adeptdagger.com | 1 redirects
1 storage.googleapis.com |
29 10

This site contains links to these domains.

Domain
api.flirtonlinesignon.com
Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
jetzt-treffen.com | E1 | 2024-02-09 - 2024-05-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
g3tfiles.com | Cloudflare Inc ECC CA-3 | 2024-02-21 - 2024-12-31 | 10 months
openfpcdn.io | Amazon RSA 2048 M02 | 2023-12-27 - 2025-01-25 | a year

This page contains 1 frames:

Primary Page: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Frame ID: ABF44BBA71525BD5FFE279EB530D26B5
Requests: 29 HTTP requests in this frame

Page Title

Sollen wir uns treffen?

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 30 %
Domains: 9
Subdomains: 10
IPs: 5
Countries: 3
Transfer: 2981 kB
Size: 3202 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/adeptdagger/adeptdagger.html Page URL
  2. http://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s HTTP 307
    https://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s HTTP 307
    http://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s HTTP 302
    https://paradingeffort.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38 HTTP 302
    https://paradingeffort.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38&ch-redir=1&ckmxid=co1gb7260001jv2ddfh0 HTTP 302
    https://route-path.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38&ch-redir=1&ckmxid=co1gb7260001jv2ddfh0&ckmguid=78ca95f3-37d5-4a7c-9302-4d7ad354c59b HTTP 302
    https://www.trckoja.com/26DKNJF/2KLS3CF/?sub1=4288&sub2=360928291&rotate_uid=1 HTTP 302
    https://www.trckams.com/6SLPJTGF/2DGPX1F8/?uid=10188&sub2=357baa6a1a2647d1b3adc346a4fbe2fe&sub3=736&sub4=4288 HTTP 302
    https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
adeptdagger.html
storage.googleapis.com/adeptdagger/
629 B
1 KB
Document
General
Full URL
https://storage.googleapis.com/adeptdagger/adeptdagger.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
629
content-type
text/html
date
Tue, 26 Mar 2024 17:27:56 GMT
etag
"077fd62e098b38c7ac64cb50d6f8772d"
expires
Tue, 26 Mar 2024 18:27:56 GMT
last-modified
Tue, 13 Sep 2022 15:53:25 GMT
server
UploadServer
x-goog-generation
1663084405434236
x-goog-hash
crc32c=YQhkxA== md5=B3/WLgmLOMesZMtQ1vh3LQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
629
x-guploader-uploadid
ABPtcPqZ4rVwNAW8gkqQXow0hycI413HJFUKj5-9ahfglHZtD2fwqY3k1GAVztip4QBeq2kiguoC6lTg4Q
Primary Request landing4
jetzt-treffen.com/
Redirect Chain
  • http://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s
  • https://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s
  • http://adeptdagger.com/02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s
  • https://paradingeffort.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38
  • https://paradingeffort.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38&ch-redir=1&ckmxid=co1gb7260001jv2ddfh0
  • https://route-path.com/?a=4288&oc=20523&c=55162&m=3&s1=2_220726_2845919&s2=2312_3285475_4801087_62&s3=753315715_81-95-5-38&ch-redir=1&ckmxid=co1gb7260001jv2ddfh0&ckmguid=78ca95f3-37d5-4a7c-9302-4d7...
  • https://www.trckoja.com/26DKNJF/2KLS3CF/?sub1=4288&sub2=360928291&rotate_uid=1
  • https://www.trckams.com/6SLPJTGF/2DGPX1F8/?uid=10188&sub2=357baa6a1a2647d1b3adc346a4fbe2fe&sub3=736&sub4=4288
  • https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
11 KB
3 KB
Document
General
Full URL
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adeptdagger/adeptdagger.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4688618d8c5c8eebccd6f3512408582c16f3fb8a2bb6571938c4c9c3ae360259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://storage.googleapis.com/adeptdagger/adeptdagger.html#02pvE.HSjSNcByPDKIWhMVjVjMCJOQ?dZc8gGcc2ydpczq4pcdcR3dncFk7Bd8CKcbbb4s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86a8dab8bc613a68-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Mar 2024 17:27:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNhGb1AsVbum7H1srrhD6Z0Pv12bvS1wgMO3aUq4rtxyzrOAyZCQDQpjQmvH1Z4i7%2F8bUT2QqRZ9iwN8NyrkYxHlC9cf1t3m0YdzRGMXZzUbgIdQAz%2FS%2FT4JlpEmL9wQnQUc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171
content-type
text/html; charset=utf-8
date
Tue, 26 Mar 2024 17:27:57 GMT
location
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
8dc1491f-512a-4e2a-ab67-2651a1559534
css2
fonts.googleapis.com/
2 KB
824 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@600;700&display=swap
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a75334e75c9a322a3bb16ec87b29a0a9d415f67f02e5486e293d0bbc6974014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 16:56:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 17:27:57 GMT
lp-4.16e2f4ac90d990d94713.css
g3tfiles.com/lander/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://g3tfiles.com/lander/css/lp-4.16e2f4ac90d990d94713.css
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daafc1d30f190517183536b78fb727e474705bdbe720ea65c07a0a09e3f8f5ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1796
cf-polished
origSize=14724
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 13:35:01 GMT
server
cloudflare
etag
W/"3ebe25ef48a3e0a09e4d8d9cda11e1a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sf8Lq9zvalePsg%2FT0VdGmidGzxFeek9elzJU8gUEEkI0v74%2FrbN5sxuEiRsLPSbmO4W5cbuGRCPNj7uLbbqxRLrFuLGhgbAZImuYUY4LDSjZXu8UifNa3o3oK1g1dOAv8eoPjin71ksAJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
86a8dab95dcb6969-FRA
vendor.1b3d8e01e193c88a4f5f.js
g3tfiles.com/assets/js/
110 KB
41 KB
Script
General
Full URL
https://g3tfiles.com/assets/js/vendor.1b3d8e01e193c88a4f5f.js
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d2af5b5fee6ee9f861b9b37729ab53988d03837c0d4fdb850b9c766ab8e251

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6405
cf-polished
origSize=113073
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 Oct 2023 00:13:04 GMT
server
cloudflare
etag
W/"1b3d8e01e193c88a4f5fad9449f4edb0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDbkuX5%2FTQ%2Bc6QJTeNp0iszNnejB2CA5nVPaRwDVx5XuzgJhYwI66cj4AYmgfAMORPQIfpTTTLa6LcuqnhDUeCCG%2FguBI4LWuQJSdA8DPzf2f5b1KJG5la%2ByjTJZIEwiyxtUKH4MaUh2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
86a8dab97df66969-FRA
lp-4.16e2f4ac90d990d94713.js
g3tfiles.com/lander/js/
19 KB
5 KB
Script
General
Full URL
https://g3tfiles.com/lander/js/lp-4.16e2f4ac90d990d94713.js
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f31012c5a8010220daba1dd04d6a9da4dc2aa75915d97b55172507291db3e26

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 13:34:47 GMT
server
cloudflare
age
1796
etag
W/"1f6c41e221510d6e07ebd8f1f6a2b0e3"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUuXegJ5dqZlhDxUMTLAkk9AVD0M06PCexH6M4r3oga%2Fyl6r7YGSMOp6KPf5Y%2BHfBoOXVq6nWncKkb7l%2BSXHS9JcnmkFW%2FZsXLuEmBUTdmTWiCZlw34I948DnEipooRSvTQ3nAISKHTF%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
86a8dab97df76969-FRA
alt-svc
h3=":443"; ma=86400
google-logo.svg
g3tfiles.com/assets/img/
688 B
745 B
Image
General
Full URL
https://g3tfiles.com/assets/img/google-logo.svg
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Mar 2023 18:16:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"686f8efa6e3e28e96d1c08399e8d353d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rJMlwMX8NCBEvVR1lsO615gwqs3coMzmrLIyzqU9a44%2FtyRUlQS%2FdV%2F53gcKqDZ51PiehBAGQtO6bAsZ1W7Syc5MxIhxTjqvUHNdvv7tRb1voS1t%2BOU8Opx7RF4UtuxQ4%2BB0MBP0rEueg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
86a8dab95dd36969-FRA
alt-svc
h3=":443"; ma=86400
scoring-service.505cb8fbefee37038976.js
g3tfiles.com/assets/js/
96 KB
36 KB
Script
General
Full URL
https://g3tfiles.com/assets/js/scoring-service.505cb8fbefee37038976.js
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438e5bfb21fcf1e237ce7b8f599367a43f2c228d9688466fe49295f00a0be294

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6331
cf-polished
origSize=98190
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 29 Aug 2023 00:27:20 GMT
server
cloudflare
etag
W/"505cb8fbefee370389764ff6551a8918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2B7D3I3%2F7MLczw3lqXKvJQPVbFeBfVf60a9fXyALwQ6j9iNjGT%2FU2PixtgnRXsc4e26jnSkcLdwQsjo%2BDMXFZI%2BTjQ3CnaJy6opyg30%2BR2XmNJePGzCJkFrq3%2BlnBAksiJm5kT4x1UiNoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
86a8dab95dd16969-FRA
shapes.png
g3tfiles.com/assets/img/lp4/
3 KB
3 KB
Image
General
Full URL
https://g3tfiles.com/assets/img/lp4/shapes.png
Requested by
Host: g3tfiles.com
URL: https://g3tfiles.com/lander/css/lp-4.16e2f4ac90d990d94713.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a30602a4585765afc5119fb2cdf2868384c8703aadfdf00181465b8a8daa92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://g3tfiles.com/lander/css/lp-4.16e2f4ac90d990d94713.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1796
cf-polished
origFmt=png, origSize=3247
content-disposition
inline; filename="shapes.webp"
alt-svc
h3=":443"; ma=86400
content-length
2934
cf-bgj
imgq:100,h2pri
last-modified
Fri, 24 Mar 2023 18:16:34 GMT
server
cloudflare
etag
"84c048d22afaba694df802630188542e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Q0eGb%2BLpKeIaeV7%2FWFtj%2FELzrY%2BINsyVTPZ2IL%2BwQp8KyyzrY507zPKfZtS5l3mgl7VlfFLnGx9FBH4%2BFq5NOBKCWYaXXYyQeixfnit4jT3KYGDFGIBwdjHELPaG5rCHFsmFszEOgtZ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8dab97df86969-FRA
normal.woff2
jetzt-treffen.com/cf-fonts/s/poppins/5.0.11/latin/600/
8 KB
8 KB
Font
General
Full URL
https://jetzt-treffen.com/cf-fonts/s/poppins/5.0.11/latin/600/normal.woff2
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Origin
https://jetzt-treffen.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5uBnCl3hKYQZmGx4fPRpnr9a4Mpay83CtRsVrlHX8F2hEbqTq0476kz2Usa%2BHBPgDF8XEQL%2B2YZdNYT%2B5DjwLiW9sPVI6TB79wNeotLNSkp1w5PlLFnIRwcXHgs8aeSni27"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
86a8dab9dd803a68-FRA
alt-svc
h3=":443"; ma=86400
content-length
8000
iife.min.js
openfpcdn.io/botd/v1/
15 KB
5 KB
Script
General
Full URL
https://openfpcdn.io/botd/v1/iife.min.js
Requested by
Host: g3tfiles.com
URL: https://g3tfiles.com/assets/js/scoring-service.505cb8fbefee37038976.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-118.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
7e2b6be1b8b56a7de4a0f3c6ac56b03f2458f499047e293079961786616f438b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Mar 2024 15:56:12 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
5505
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"NaZkd+EbhYUZBkJaGeXhunt88zg"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590595, s-maxage=11190
x-amz-cf-id
6stO-4wbReesEw09Dv5cirvUzMeH1ojI3NWxdBnhjyzoqObEDWACNQ==
de.json
g3tfiles.com/translations/
37 KB
10 KB
XHR
General
Full URL
https://g3tfiles.com/translations/de.json
Requested by
Host: g3tfiles.com
URL: https://g3tfiles.com/assets/js/vendor.1b3d8e01e193c88a4f5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2008e59942f21ad0f2fbe2f9556941762b66303280067cc260eb42e432a4ac67

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 16 Jun 2023 23:43:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9e0c8a978fe3fb5d02d8f048d789b745"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKjv8nPG%2BZ0UizP78gujOeV5FmDyVvCnkIk1bMP3bxGVNz4N2ovUlNk62uMLzldTz18xQhbZaRGlr5dxSrGbPb4MWBRQPxUib1ZmH8WR0mj9BeTfmh49FxnWwESXLtjXPQdAhxNRzGzg%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
86a8daba4f2e9070-FRA
alt-svc
h3=":443"; ma=86400
content-de.json
g3tfiles.com/translations/
35 KB
9 KB
XHR
General
Full URL
https://g3tfiles.com/translations/content-de.json
Requested by
Host: g3tfiles.com
URL: https://g3tfiles.com/lander/js/lp-4.16e2f4ac90d990d94713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a627b77c369979f2fbd709bf9a4dd582589581cdea1ccc9e6f29bae56bd4acd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 10 Apr 2023 22:05:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1a9cb187f6a7be2c0b03cdd4d9265904"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7WZbmYhkL6y%2BJnHZs1iemmujfN6S1bGsVJU2u9gjNEgoj%2B5kLSxQR%2B74%2F8T6WsRHmgcbVW2k0bhOKp7J67jI%2Fs%2Bf9jkAkRjzGVaWovwsSZhaq3vC4nWNJ2ZDSGmGboqWFPOdsb%2BV4V60w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
86a8daba4f309070-FRA
alt-svc
h3=":443"; ma=86400
mails-de.json
g3tfiles.com/assets/json/
234 B
463 B
XHR
General
Full URL
https://g3tfiles.com/assets/json/mails-de.json
Requested by
Host: g3tfiles.com
URL: https://g3tfiles.com/lander/js/lp-4.16e2f4ac90d990d94713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0054d4c8eb8ea6aea01dc0e73449e191457a7681c75e6c7188bac4b9a56613

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 30 Mar 2023 18:09:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"188675b5e145f0d86fbbf4dd691e0fe8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzArDhspHp5cCuUoJzgYPRGWsSfoDj0J2Zwq9zooqIaT4pFbrNQxuBJfAJXYlUuuyiCy2daV9GX8bWWfecOMEs9r%2Bz%2BbAxmDhP6CP7goHuKgXeWMkDlYzWKHRuFGoMY14ZTSXYSiCeUVEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
86a8daba4f319070-FRA
alt-svc
h3=":443"; ma=86400
step1.png
g3tfiles.com/media/general/004/adult/granny/
232 KB
233 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step1.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112781a980106cddf8e7e083abf343c5b921d073e3581b998356fa1e917c115c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=266039
content-disposition
inline; filename="step1.webp"
alt-svc
h3=":443"; ma=86400
content-length
237624
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"4192313d49801f4598f28b69a448271c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BraR8OiWwn7qLU9uktw3Ysm4YF9JqIEBh%2FHSkyHy9IxLM2sKL2Tk%2FyD7mESv%2FcUH4LjAP4F9SSsrUaNzjXEGDSh1qxUYYvxcMogbnvmZgaiuGHbFe5tTxZGwrKCDggnHGkX%2BKg%2BRRqZMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2eb26969-FRA
step2.png
g3tfiles.com/media/general/004/adult/granny/
182 KB
183 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step2.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020f456468f760099f1ca8e104d1ca675d54c338fde4e9b6eee2bec476e2b1d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:58 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=206135
content-disposition
inline; filename="step2.webp"
alt-svc
h3=":443"; ma=86400
content-length
186394
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"ef17819ce2ed1f4e8e7cc5a0bd898c08"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCYwTlOIjJ6SQxl6HWxOkXOWrvx6xUE4jyd7pVb7bliyicDFw3BhnLlyTn2spFFUhki%2BuTJEClJtl6X14JSGh3AD5tji21GSBFXYnh%2BmV2Dd7DQpv3%2BfRmYl2dQNj%2FMQUvDfIggX%2BYF0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2eb66969-FRA
step3.png
g3tfiles.com/media/general/004/adult/granny/
251 KB
251 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step3.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb37aaac8ae96d11a8e9a467b72db2f4a6ba00c335092e83b6fbf36b2853669c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=280610
content-disposition
inline; filename="step3.webp"
alt-svc
h3=":443"; ma=86400
content-length
256638
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"8b3f5d0bb825df2df2b5a939ef5d7bad"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BOOnaOQQhb3UjyZrd5DJPHps%2Bm4PnmtM7qbKbAqMqaOagdE244GVOlYaFW6k2uLdaHxISXuiUlVG%2FACAJl8zjhdCnewEUGVZJtaSDCpo21ggjt84pJkrtg4mEf%2FcrCKg6sCJs4GzDglCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2eb96969-FRA
step4.png
g3tfiles.com/media/general/004/adult/granny/
243 KB
244 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step4.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b5beb14ca2f1707ba834b8427f2a2c57def72742ffd78b03ba4dbc2e928153

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=273259
content-disposition
inline; filename="step4.webp"
alt-svc
h3=":443"; ma=86400
content-length
249266
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"e18c73b43a8b6063ba1810aaba2fbe79"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdj5uye5wX8zQW5udqQ99b4FB5cyEFmTnm%2F2y2kdFaWtKY9RAhJDkyhTmvz26FIpSObfoh6D%2F5ivbwk0jFFx82OTp3LlH3XEeM%2Bal%2BmCEOqGkdUysyQefqpslcFjpL%2FhGxbQcluOrYxFvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2eba6969-FRA
step5.png
g3tfiles.com/media/general/004/adult/granny/
231 KB
232 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step5.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1ee255d642dde2e7065ad47d40de8616def8d0b4c48c9242382e0deaabdf3e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=260290
content-disposition
inline; filename="step5.webp"
alt-svc
h3=":443"; ma=86400
content-length
236742
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"c73b7393613d7910abcd6c2c0549b243"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AzWjhFLlFUDeIRDvEeISylHNS%2F0gDNCvny1ATTBizZ3VqjkFrvdT1tQIQPfGzXD1jZDe8wPifpzyeKJVAI2zWpT%2Fs7woGhnyUBbecLDBhrj7l8W259V8golE3LvBsRi52YoiGTtVu1a4LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ebb6969-FRA
step6.png
g3tfiles.com/media/general/004/adult/granny/
244 KB
244 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step6.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af02747fec8f7a6b930286e7cd0d4f96da70a88ea0ee3eeb570791f3fe479cb0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=271910
content-disposition
inline; filename="step6.webp"
alt-svc
h3=":443"; ma=86400
content-length
249356
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:43 GMT
server
cloudflare
etag
"37401eb20908861615d071ce937a7c83"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIB0SAk3Qlf%2FeO%2Bghqw2ZF7KthNFxX7%2BGGoz3KCl4ddKY5puN1yopSauCPIXDc4PxDRylffUjvCRHx70shec%2FwMyBKbBtqjw%2B6bM7P1DqxNCe%2FWEM73hMBRekgqormNtoATlljz9L61OEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ebc6969-FRA
step7.png
g3tfiles.com/media/general/004/adult/granny/
268 KB
268 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step7.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e48cfa55bca21cc9a26d757441950d6fbc67985d65461b1c1a6d278a39a726

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=302684
content-disposition
inline; filename="step7.webp"
alt-svc
h3=":443"; ma=86400
content-length
274182
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:43 GMT
server
cloudflare
etag
"c962a64a92cf0313ab757cf66e074511"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvMvBSv885uSrWaZg%2FAdSMmdWPCC1WDqq9euRUBHhmgamsgv9gRfRw%2F9sbKWbaNare9Jv6dwp55Zwoaa12Dgq%2FWuOyQgkQQ8xGlNrhSMAM%2BuJW1x5S6WZIUGSFPH4%2F5arBqd7ZJh6KHssw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ebd6969-FRA
step8.png
g3tfiles.com/media/general/004/adult/granny/
222 KB
223 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step8.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf2b78126dc747273bba87a5dbacb5d36c41cca133f4965285c13ee030aa5fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=249422
content-disposition
inline; filename="step8.webp"
alt-svc
h3=":443"; ma=86400
content-length
227618
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:43 GMT
server
cloudflare
etag
"d2961b5c500029c43a9902543c762ce6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPcGPljgfVVO7TIQ%2BbPv21am2J5OAgHsnL7%2BCqkCkeDJViLBr6TKwnHQ%2BRU%2F1YxTTScCdyz2t%2BPuAKIFIk6mjzGjrVIB2AZpgCsc%2BcuIGfiOpRVFs1BLhaXLrBEa8dlRNq7biIIcfU2oUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ebf6969-FRA
step9.png
g3tfiles.com/media/general/004/adult/granny/
231 KB
231 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step9.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702d376866858d7f21bc8ab5e99e610e0ca4f76d7e6f6d6495b334a5e5fe29ea

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=254509
content-disposition
inline; filename="step9.webp"
alt-svc
h3=":443"; ma=86400
content-length
236112
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:43 GMT
server
cloudflare
etag
"b7b2ab30e2237da3014f8b9d71e21e13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pa5HjIlVARwPTTWyXfmVY82CtXsnKpFwQxgiVCslM0wCYP1%2FWDpA8B54Bqt6kbH5m2bxP60vkmZABWFirc29AMVTItjlbZL8oLDVcwMam2XA4KiT3RKdeMrlfKAa9XL2W7qAUJOOJ5Ikyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ec06969-FRA
step10.png
g3tfiles.com/media/general/004/adult/granny/
227 KB
228 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step10.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34fe0c25dd6e7fa0046d9804090f25a0d691f9f1d49cf2a031a1c997759b315

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4232
cf-polished
origFmt=png, origSize=251396
content-disposition
inline; filename="step10.webp"
alt-svc
h3=":443"; ma=86400
content-length
232528
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"8b7225ed8eed8d4eaeccd8aa6feee426"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q9c1NS6eqZ5B5BPDl3%2FZOwuOg%2FvD4ynTru083ubzMyxQKj7Cs%2FrOjr4y3U5ibTTPUGqvjYt7vfsJqwtZdXJJf5lcNO5zdDE0Lt5AY98UfV4wZ%2BwVARsK%2BGGb7DcLgyeFv5lRZxIYNr1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ec26969-FRA
step11.png
g3tfiles.com/media/general/004/adult/granny/
240 KB
241 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step11.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1f6d3bc798157003c776c1813aa710239fdf239a5e417a2d8242fe633767b0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=266127
content-disposition
inline; filename="step11.webp"
alt-svc
h3=":443"; ma=86400
content-length
246152
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"c52d140f143b5f835b30e578d3e3f095"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gniFu09FNV7vbDqaacFcMSsfv7my7vSrKDW%2FtlVI%2BiokBkDhKhQdjsIkeduCajz4ckO7PJpwwMRX577ALev8ATVd2eEUwrHhWGnkCUwGqkGiQOXltDUY0P5GDgovfGOeaZmDXG2nBl3Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ec66969-FRA
step12.png
g3tfiles.com/media/general/004/adult/granny/
264 KB
264 KB
Image
General
Full URL
https://g3tfiles.com/media/general/004/adult/granny/step12.png
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86bfacf225b0b39e93e8f7f144a9bda390de21055b17d0e60fac18ce973dc761

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=291119
content-disposition
inline; filename="step12.webp"
alt-svc
h3=":443"; ma=86400
content-length
270102
cf-bgj
imgq:100,h2pri
last-modified
Sun, 02 Apr 2023 12:27:42 GMT
server
cloudflare
etag
"53567834af2fa956e3a356f55438c751"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ax1WewIDkXQQj%2BcH9LY%2BRBeLQczvXKV3AsKFT2F%2BBrpB3VPk2614m6iSzq5GmLrojoPKjamVQb3i2PZpPATV7byYc99nxDcyy8RfJwj3J4IfBVxDwPzuYXJT05%2FEsl65Kpgn%2BhopluZcZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86a8daba2ec86969-FRA
normal.woff2
jetzt-treffen.com/cf-fonts/s/poppins/5.0.11/latin/700/
8 KB
8 KB
Font
General
Full URL
https://jetzt-treffen.com/cf-fonts/s/poppins/5.0.11/latin/700/normal.woff2
Requested by
Host: jetzt-treffen.com
URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Origin
https://jetzt-treffen.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7plOgM1cPTGDFsQk69%2Fw3ghGJvoJxo32SADWjdtiYeGJBXxQRaQovgWC%2B5HdKBbaFjNAtoe8rUB1S3Fq9RYtTPqf%2BM1gvanSGF2XPEaizAMdtD012QHdIjlCa84Tr9a9ur2t"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
86a8dabb0ed73a68-FRA
alt-svc
h3=":443"; ma=86400
content-length
7816
favicon.svg
jetzt-treffen.com/
2 KB
1 KB
Other
General
Full URL
https://jetzt-treffen.com/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a499b2735c750cc44c6f190dda25fc0bddffe0b6cfd085ebad0edf6895e40a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 13:56:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6889
etag
W/"657714f7-71f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUwBxqKN9i3NhP0Y1KmFwaVmlnSAmsCZoO5S7O1z8PLkkq%2Fgapa0TMGjfR8o04D0wyRUPC8O7B9j3YZbZgBKqqe5%2FX5hQ9YCxMiRkTbjp%2BjD4yZiRk%2BcWBWr7Dulip321tkT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
86a8dabe7a193a68-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
jetzt-treffen.com/
7 KB
3 KB
Other
General
Full URL
https://jetzt-treffen.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d98320f51eed58ccf3589bbd6810e8bc6c66c5f1bd17c1baa60a16ade2212f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:27:58 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
929
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 13:56:07 GMT
server
cloudflare
etag
W/"657714f7-1cee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXUPEidPISQnK7QTnlomNXmu9XRD4i5jlPx%2BqySH02NFcxOS61zcA1qWsoWbgQSFQEIgOs888cyNJ5ft024Q%2FM0e62uY5et4KBQ3WQBeAw6lObXyscph0CF3Hq%2B2Q50ZkN7Q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
86a8dabeaa473a68-FRA


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
object| lpConfig
object| Talon
object| regeneratorRuntime
object| BotDetectionService
function| $
function| jQuery
function| pluralRuleParser
function| setMedia
function| startLander
function| emailSuggestion
function| nextStep
function| randomIntFromInterval
object| BotD

8 Cookies

Domain/Path Name / Value
.route-path.com/ Name: sfd
Value: w9lA+g81k8tTs8ljSdE7rYGSJr6u6pUzrjCjJNny66CT7Q9qY6GCOg==
.route-path.com/ Name: tib
Value: taUJivLAUIkUbGHDtKGOMIGSJr6u6pUzrjCjJNny66CT7Q9qY6GCOg==
.route-path.com/ Name: c20471
Value: w9lA+g81k8vSnMR56O2s3zLL8Z6Ge729z9PBe4fad8ndn14YiHQYhw==
www.trckoja.com/ Name: uniqueClick_2KLS3CF
Value: 2edd2e9a-93a3-4907-9ce6-abe536f13535:1711474077
www.trckoja.com/ Name: transaction_id
Value: 357baa6a1a2647d1b3adc346a4fbe2fe
www.trckams.com/ Name: uniqueClick_2DGPX1F8
Value: 2c54cfd5-403f-4977-8381-8bf303aa8d8c:1711474077
www.trckams.com/ Name: transaction_id
Value: db125d1d794c4b2db6f162a170ec8d0c
jetzt-treffen.com/ Name: gbu9uvfhph6a0mdatwbzomssrlboczvs
Value: %7B%22v%22%3A%226.0.4%22%2C%22a%22%3A533340746%2C%22b%22%3A%2203b9a4be8eef71f9f5e86dc0a2c360bf%22%2C%22c%22%3A1711474077821%2C%22d%22%3A%22384bd5b408b1c316ab6159b083ed955e%22%2C%22e%22%3Anull%7D

1 Console Messages

Source Level URL
Text
javascript warning URL: https://jetzt-treffen.com/landing4?product=1&type=granny&pid=1&pt=100920&cid=db125d1d794c4b2db6f162a170ec8d0c&sub=736&email=
Message:
The resource https://fonts.googleapis.com/css2?family=Poppins:wght@600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
