urlscan.io logo urlscan.io
SecurityTrails logo

t26.heissetreffen.at Open in urlscan Pro
2606:4700:30::6812:36ea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.not-geil24.at/tracker.php?id=9y-6k96
Effective URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15...
Submission: On January 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2606:4700:30::6812:36ea, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is t26.heissetreffen.at.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 16th 2018. Valid for: 6 months.
This is the only time t26.heissetreffen.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 176.9.26.151 24940 (HETZNER-AS)
1 2 18.203.29.133 16509 (AMAZON-02)
1 6 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
5 151.139.237.33 12989 (HWNG)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
15 6
1    176.9.26.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: not-geil24.at
www.not-geil24.at
2    18.203.29.133 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-203-29-133.eu-west-1.compute.amazonaws.com
dlvr.xcash.com
6    2606:4700:30::6812:36ea (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
trk.heissetreffen.at
t26.heissetreffen.at
t.heissetreffen.at
1    2606:4700:30::6812:37ea (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
t26.heissetreffen.at
5    151.139.237.33 (Dallas, United States)

ASN12989 (HWNG, NL)
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
static-02-2ug82pacs7u3bksy.netdna-ssl.com
2    2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
Domain Requested by
4 t26.heissetreffen.at 1 redirects dlvr.xcash.com
t26.heissetreffen.at
3 static-01-2ug82pacs7u3bksy.netdna-ssl.com t26.heissetreffen.at
static-01-2ug82pacs7u3bksy.netdna-ssl.com
2 t.heissetreffen.at t26.heissetreffen.at
2 www.google-analytics.com t26.heissetreffen.at
2 dlvr.xcash.com 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t26.heissetreffen.at
1 static-02-2ug82pacs7u3bksy.netdna-ssl.com t26.heissetreffen.at
1 static-03-2ug82pacs7u3bksy.netdna-ssl.com t26.heissetreffen.at
1 trk.heissetreffen.at 1 redirects
1 www.not-geil24.at 1 redirects
15 11

This site contains links to these domains. Also see Links.

Domain
heissetreffen.at
support.heissetreffen.at
Subject Issuer Validity Valid
sni64670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-11-16 -
2019-05-25		 6 months crt.sh
*.netdna-ssl.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-28 -
2019-02-28		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-12-06 -
2019-04-14		 4 months crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Frame ID: 982959BC73894191F194A30F12BACB9B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.not-geil24.at/tracker.php?id=9y-6k96 HTTP 302
    http://dlvr.xcash.com/27998 HTTP 302
    http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D1030... Page URL
  2. https://trk.heissetreffen.at/a/ff0026/?promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keywo... HTTP 302
    http://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&k... HTTP 301
    https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^requirejs$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

15
Requests

93 %
HTTPS

38 %
IPv6

7
Domains

11
Subdomains

6
IPs

3
Countries

322 kB
Transfer

829 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.not-geil24.at/tracker.php?id=9y-6k96 HTTP 302
    http://dlvr.xcash.com/27998 HTTP 302
    http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1 Page URL
  2. https://trk.heissetreffen.at/a/ff0026/?promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6 HTTP 302
    http://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6 HTTP 301
    https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.not-geil24.at/tracker.php?id=9y-6k96 HTTP 302
  • http://dlvr.xcash.com/27998 HTTP 302
  • http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set r
dlvr.xcash.com/
Redirect Chain
  • http://www.not-geil24.at/tracker.php?id=9y-6k96
  • http://dlvr.xcash.com/27998
  • http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634...
963 B
1019 B 		Document
General
Check archive.org
Download Go to
Full URL
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1
Protocol
HTTP/1.1
Server
18.203.29.133 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-29-133.eu-west-1.compute.amazonaws.com
Software
nginx / HHVM/3.18.1
Resource Hash
fe146e716a99cb44d0f693677667c765c8fb1446abfdda05ae15eeb82a202263

Request headers

Host
dlvr.xcash.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
51D_Bandwidth=1546871630.5839; ubbc=eyJpdiI6IkdlZjl4OGhqNFhnYUdJSDVzMU1IVnc9PSIsInZhbHVlIjoiV01QZHM1UEUwdVJhbmVPdFl5OGVtQT09IiwibWFjIjoiYjNiOTQ0ZmIxZGUwNWFjN2MzMDJjYjcxMjE1NDQ1MWY4MjNjMjFlMTk1YmNmMzQxNjg0YTYyNDIyYTI0NWVlMSJ9; bbuc=eyJpdiI6Im1qY3BNSDI3bjNhXC9HWHNIYnNSeWF3PT0iLCJ2YWx1ZSI6Ikp5WmdBZDIwQWRJbWNaeHRIMHE1d0NjTXdIcmZlZDdDK1B4dGxWODIxdW89IiwibWFjIjoiYzk3ZDg4ZDk4YTc0MWU1YWM5OTE4MDkzOTUzY2ZkOTNkYmFiZTdmMmViZTJhZTc1NjE3YzI3ZjU2MjhmNmU3MiJ9; bbrc=eyJpdiI6InJOZjhpMkxYT253azM1TFNuNVVQT1E9PSIsInZhbHVlIjoiMEJRblpHaFlOb3hRcEdFOWhDY0FkZz09IiwibWFjIjoiMWRlYjU1OGMwMzY5ZmI2NWY0OGJhN2FmODUxOWY5YjA3MzE2MjVlOTRhN2JlNGE0OTdjMDgyM2E2Zjk3YmNmZiJ9; laravel_session=eyJpdiI6IlV3ZVA1OWh5RzdzNFRQWGI2YWNhaUE9PSIsInZhbHVlIjoiRVF5Qk9mUWhUek1namk5RVwvVUVTcXhQaVIyQXErRms1MVMrakNKWTVSazF5Q0luSVQ5UE1GaFVmamJkYUlZT1JWaDlhM2NmRGhqUVJRNVZ3VGJZVkF3PT0iLCJtYWMiOiIyY2E3ZjMzNmRhZDc0MTZkN2NlMzE1Y2IzOGZmMDk0N2RlZTE3MWFiM2M2NDcyNTQ3NTZiMTljMGNmMWRhMzBkIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Jan 2019 14:33:50 GMT
Server
nginx
Set-Cookie
laravel_session=eyJpdiI6IlhXNVQ0V24wZEtRT1Z2c1wvK2RXbjV3PT0iLCJ2YWx1ZSI6ImU0Rm1HcmNlUVdnK1YwR0hLaTlMQjg4a0dQZWMrSHlwM1wvWVByaUZQUkZsYWhKcGpOU1NcL3FUdzd2dTNhejY3cTU4V3RmckRnVkRmaVRjbXEwQ2dkUmc9PSIsIm1hYyI6IjI2YmNhNDc3YzNmNDViNDZmMGJjMjllNzExNTJmOTU2NzAyYmZmNDNmZWI3NWI2MzEwZjA1YjE1MzEzNWUxYTgifQ%3D%3D; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
HHVM/3.18.1
Content-Length
432
Connection
keep-alive

Redirect headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Jan 2019 14:33:50 GMT
Location
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1
Server
nginx
Set-Cookie
51D_Bandwidth=1546871630.5839 ubbc=eyJpdiI6IkdlZjl4OGhqNFhnYUdJSDVzMU1IVnc9PSIsInZhbHVlIjoiV01QZHM1UEUwdVJhbmVPdFl5OGVtQT09IiwibWFjIjoiYjNiOTQ0ZmIxZGUwNWFjN2MzMDJjYjcxMjE1NDQ1MWY4MjNjMjFlMTk1YmNmMzQxNjg0YTYyNDIyYTI0NWVlMSJ9; expires=Tue, 08-Jan-2019 14:33:50 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6Im1qY3BNSDI3bjNhXC9HWHNIYnNSeWF3PT0iLCJ2YWx1ZSI6Ikp5WmdBZDIwQWRJbWNaeHRIMHE1d0NjTXdIcmZlZDdDK1B4dGxWODIxdW89IiwibWFjIjoiYzk3ZDg4ZDk4YTc0MWU1YWM5OTE4MDkzOTUzY2ZkOTNkYmFiZTdmMmViZTJhZTc1NjE3YzI3ZjU2MjhmNmU3MiJ9; expires=Tue, 08-Jan-2019 14:33:50 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6InJOZjhpMkxYT253azM1TFNuNVVQT1E9PSIsInZhbHVlIjoiMEJRblpHaFlOb3hRcEdFOWhDY0FkZz09IiwibWFjIjoiMWRlYjU1OGMwMzY5ZmI2NWY0OGJhN2FmODUxOWY5YjA3MzE2MjVlOTRhN2JlNGE0OTdjMDgyM2E2Zjk3YmNmZiJ9; expires=Mon, 07-Jan-2019 21:33:50 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6IlV3ZVA1OWh5RzdzNFRQWGI2YWNhaUE9PSIsInZhbHVlIjoiRVF5Qk9mUWhUek1namk5RVwvVUVTcXhQaVIyQXErRms1MVMrakNKWTVSazF5Q0luSVQ5UE1GaFVmamJkYUlZT1JWaDlhM2NmRGhqUVJRNVZ3VGJZVkF3PT0iLCJtYWMiOiIyY2E3ZjMzNmRhZDc0MTZkN2NlMzE1Y2IzOGZmMDk0N2RlZTE3MWFiM2M2NDcyNTQ3NTZiMTljMGNmMWRhMzBkIn0%3D; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
HHVM/3.18.1
Content-Length
369
Connection
keep-alive
Primary Request /
t26.heissetreffen.at/
Redirect Chain
  • https://trk.heissetreffen.at/a/ff0026/?promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
  • http://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
  • https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
104 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Requested by
Host: dlvr.xcash.com
URL: http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:36ea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca23c3eabeee11a40e07442ec7b15f906f9e613524801bb08f8d331b00db3e8

Request headers

:method
GET
:authority
t26.heissetreffen.at
:scheme
https
:path
/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1
accept-encoding
gzip, deflate, br
cookie
__cfduid=d01950c8f5f2ae9a89924e8d42abc85e51546871630
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.heissetreffen.at%2Fa%2Fff0026%2F%3Fpromo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F27998%2F%3F%26tt%3D1

Response headers

status
200
date
Mon, 07 Jan 2019 14:33:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=pmsi8952p1f568iq12ul9f1ts4; path=/; domain=heissetreffen.at pc_aff=gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA; expires=Wed, 06-Feb-2019 14:33:50 GMT; Max-Age=2592000; path=/; domain=heissetreffen.at promo_code=103078; expires=Wed, 06-Feb-2019 14:33:50 GMT; Max-Age=2592000; path=/; domain=t26.heissetreffen.at ev=xc15468716306f0ac5c33634e95eac236097097; expires=Wed, 06-Feb-2019 14:33:50 GMT; Max-Age=2592000; path=/; domain=t26.heissetreffen.at keyword=619; expires=Wed, 06-Feb-2019 14:33:50 GMT; Max-Age=2592000; path=/; domain=t26.heissetreffen.at APPID=promo SERVERID=wbs02; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4957244d5c396415-FRA
content-encoding
br

Redirect headers

Date
Mon, 07 Jan 2019 14:33:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 07 Jan 2019 15:33:50 GMT
Location
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4957244d4613c2a1-FRA
landing0023.css
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/ 		61 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0023.css?v=1.144.0.master.20181227113740
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1884a8a5c09335a34af718d1780f5f37234d2cf5a2a6eae275f094f1b576d74c

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=63089
x-cache
HIT
status
200
cf-bgj
minify
last-modified
Thu, 27 Dec 2018 10:52:02 GMT
server
NetDNA-cache/2.2
etag
W/"5c24aed2-f671"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
49519e888d716343-FRA
expires
Tue, 05 Feb 2019 22:28:42 GMT
mail_icon.png
t26.heissetreffen.at/img/modal/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t26.heissetreffen.at/img/modal/mail_icon.png?v=1.144.0.master.20181227113740
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:36ea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3870a28a2bc08b938bccff67416bbd7d338df5ac0e0736d0e08b1e63de4150d9

Request headers

:path
/img/modal/mail_icon.png?v=1.144.0.master.20181227113740
pragma
no-cache
cookie
__cfduid=d01950c8f5f2ae9a89924e8d42abc85e51546871630; PHPSESSID=pmsi8952p1f568iq12ul9f1ts4; pc_aff=gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA; promo_code=103078; ev=xc15468716306f0ac5c33634e95eac236097097; keyword=619; APPID=promo; SERVERID=wbs02
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
t26.heissetreffen.at
referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
:scheme
https
:method
GET
Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Dec 2018 10:31:47 GMT
server
cloudflare
etag
"5c24aa13-23ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
49572452384f6415-FRA
content-length
9215
expires
Wed, 06 Feb 2019 14:33:51 GMT
location.jpg
static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0023/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0023/location.jpg?v=1.144.0.master.20181227113740
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d70bc333d8557f3a9d179fc247554703d7aa0c559e92ad0b56a5f48da8dfb38b

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2017 11:43:26 GMT
server
NetDNA-cache/2.2
etag
"59e0a6de-5c7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
49519e88ce8bbeb7-FRA
content-length
23679
expires
Mon, 07 Jan 2019 22:28:43 GMT
loading.gif
t26.heissetreffen.at/img/_forms/steps0014/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t26.heissetreffen.at/img/_forms/steps0014/loading.gif?v=1.144.0.master.20181227113740
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:36ea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a

Request headers

:path
/img/_forms/steps0014/loading.gif?v=1.144.0.master.20181227113740
pragma
no-cache
cookie
__cfduid=d01950c8f5f2ae9a89924e8d42abc85e51546871630; PHPSESSID=pmsi8952p1f568iq12ul9f1ts4; pc_aff=gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA; promo_code=103078; ev=xc15468716306f0ac5c33634e95eac236097097; keyword=619; APPID=promo; SERVERID=wbs02
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
t26.heissetreffen.at
referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
:scheme
https
:method
GET
Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Dec 2018 10:31:47 GMT
server
cloudflare
etag
"5c24aa13-16cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
49572452485f6415-FRA
content-length
5837
expires
Wed, 06 Feb 2019 14:33:51 GMT
landing1545907792922.min.js
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/landing1545907792922.min.js
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
22211e371e46f175c6e2042f34756820cca00a808d3c3edb8c16cc2b52974c12

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Dec 2018 10:52:10 GMT
server
NetDNA-cache/2.2
etag
W/"5c24aeda-4834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=2592000
cf-ray
49519e888b616361-FRA
expires
Tue, 05 Feb 2019 22:28:42 GMT
Roboto-Regular.woff
static-02-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-02-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/Roboto-Regular.woff?1545811722
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8e363031576e1d8c7d18952dd2fb30006a8acd9937bc034d24017e650e803d78

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0023.css?v=1.144.0.master.20181227113740
Origin
https://t26.heissetreffen.at

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Dec 2018 10:51:53 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5c24aec9-12140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
content-type
application/font-woff
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
49519e654985c28d-FRA
content-length
74048
expires
Tue, 05 Feb 2019 22:28:37 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
6285
date
Mon, 07 Jan 2019 12:49:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Mon, 07 Jan 2019 14:49:06 GMT
tm.js
t.heissetreffen.at/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.heissetreffen.at/tm.js
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:36ea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d7e9fc78fe61d062392ae2b1ee0254b4d5cff7803a4d354b967598c3994e1f

Request headers

:path
/tm.js
pragma
no-cache
cookie
__cfduid=d01950c8f5f2ae9a89924e8d42abc85e51546871630; PHPSESSID=pmsi8952p1f568iq12ul9f1ts4; pc_aff=gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
t.heissetreffen.at
referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
:scheme
https
:method
GET
Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
cf-ray
49572452f8fd6415-FRA
expires
Tue, 08 Jan 2019 14:33:51 GMT
landing.js
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/dist/ 		444 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/dist/landing.js?v=1.144.0.master.20181227113740
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/landing1545907792922.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0bfa4a498fc0449b7116ca8c00fad600035a8ea28be23bdedba1137b8c614b59

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=456747
x-cache
HIT
status
200
cf-bgj
minify
last-modified
Thu, 27 Dec 2018 10:52:10 GMT
server
NetDNA-cache/2.2
etag
W/"5c24aeda-6f82b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
cf-ray
49519e647e3f6343-FRA
expires
Tue, 05 Feb 2019 22:28:37 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1210577233&t=pageview&_s=1&dl=https%3A%2F%2Ft26.heissetreffen.at%2F%3Fq%3D%2Fa%2Fff0026%2F%26promo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&dr=http%3A%2F%2Fdlvr.xcash.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrk.heissetreffen.at%252Fa%252Fff0026%252F%253Fpromo_code%253D103078%2526ev%253Dxc15468716306f0ac5c33634e95eac236097097%2526keyword%253D619%2526pass%253Dxc15468716306f0ac5c33634e95eac236097097%2526m%253D0%257C0%257C0%257C0%2526email%253D%2526flow%253D6%26redirect_back%3D%252F%252Fdlvr.xcash.com%252F27998%252F%253F%2526tt%253D1&ul=en-us&de=UTF-8&dt=Heisse%20Treffen%3A%20Dates%20und%20unverbindliche%20Treffen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=919658261&gjid=410784205&cid=505364456.1546871632&tid=UA-87667025-29&_gid=2125295357.1546871632&_r=1&z=731948385
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jan 2019 14:33:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1099.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1099.min.js
Requested by
Host: t26.heissetreffen.at
URL: https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 07 Jan 2019 14:33:51 GMT
content-encoding
gzip
x-amz-request-id
721001A39CB7D50B
x-cache
HIT
status
200
content-length
9139
x-amz-id-2
NxMxfptyk7m72ZRtwDBFrYLt42q+zxYhs3n9RkXhwCypFX0QIhKQ++L2sfAGR6WMd083eZI9VXw=
x-served-by
cache-hhn1543-HHN
last-modified
Tue, 02 Oct 2018 02:58:53 GMT
server
AmazonS3
x-timer
S1546871632.893778,VS0,VE0
etag
"eed931ffe2a555a310715cf8678d32f5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
46474
0.png
t.heissetreffen.at/ 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.heissetreffen.at/0.png?ver=3.8&n=0.03967876050831731&cvn1=formprop&cvv1=N%2FA&cvs1=3&cvn2=ContentGroupName&cvv2=undefined&cvs2=3&cvn3=SubContentGroupName&cvv3=false&cvs3=3&cvn4=Promo%20Code&cvv4=619&cvs4=1&cvn5=Account%20ID&cvv5=&cvs5=1&cvn6=Gender-Orientation&cvv6=&cvs6=1&cvn7=Current%20Member%20Level&cvv7=false&cvs7=1&cvn8=Single%27s%20Flag&cvv8=false&cvs8=1&cvn9=Primary%20Profile%27s%20Age&cvv9=false&cvs9=1&cvn10=Secondary%20Profile%27s%20Age&cvv10=false&cvs10=1&cvn11=ScenarioAnalysisName&cvv11=undefined&cvs11=3&cvn12=ScenarioStepName&cvv12=undefined%3Bundefined&cvs12=3&cvn13=ScenarioStepPosition&cvv13=undefined&cvs13=3&cvn14=productSKU&cvv14=&cvs14=3&cvn15=TransactionEventType&cvv15=undefined&cvs15=3&cvn16=SubTotalforSKU&cvv16=undefined&cvs16=3&cvn17=TourName&cvv17=&cvs17=3&cvn18=Campaign%20ID&cvv18=&cvs18=2&cvn19=Target%20Element&cvv19=undefined&cvs19=3&cvn20=Event%20Type&cvv20=undefined&cvs20=3&js=&pst=1546871631804&pi=1546871631887&ct=5&ci=0&a=42&ns=1&nv=1&nvt=1&rc=0&v=888900118745145500&si=919715461016060500&c=1&se=&sp=&cd=&pl=Linux&l=en&an=&h=t26.heissetreffen.at&p=%2F%3Fq%3D%2Fa%2Fff0026%2F%26promo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&r=https%3A%2F%2Fdlvr.xcash.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrk.heissetreffen.at%252Fa%252Fff0026%252F%253Fpromo_code%253D103078%2526ev%253Dxc15468716306f0ac5c33634e95eac236097097%2526keyword%253D619%2526pass%253Dxc15468716306f0ac5c33634e95eac236097097%2526m%253D0%257C0%257C0%257C0%2526email%253D%2526flow%253D6%26redirect_back%3D%252F%252Fdlvr.xcash.com%252F27998%252F%253F%2526tt%253D1&f=0%2C0%2C0&t=Heisse%20Treffen%3A%20Dates%20und%20unverbindliche%20Treffen&sw=1600&sh=1200&sd=24&j=0&tzo=0&ps=0&pid=1546871631889&pdr=1546871631891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:36ea , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path
/0.png?ver=3.8&n=0.03967876050831731&cvn1=formprop&cvv1=N%2FA&cvs1=3&cvn2=ContentGroupName&cvv2=undefined&cvs2=3&cvn3=SubContentGroupName&cvv3=false&cvs3=3&cvn4=Promo%20Code&cvv4=619&cvs4=1&cvn5=Account%20ID&cvv5=&cvs5=1&cvn6=Gender-Orientation&cvv6=&cvs6=1&cvn7=Current%20Member%20Level&cvv7=false&cvs7=1&cvn8=Single%27s%20Flag&cvv8=false&cvs8=1&cvn9=Primary%20Profile%27s%20Age&cvv9=false&cvs9=1&cvn10=Secondary%20Profile%27s%20Age&cvv10=false&cvs10=1&cvn11=ScenarioAnalysisName&cvv11=undefined&cvs11=3&cvn12=ScenarioStepName&cvv12=undefined%3Bundefined&cvs12=3&cvn13=ScenarioStepPosition&cvv13=undefined&cvs13=3&cvn14=productSKU&cvv14=&cvs14=3&cvn15=TransactionEventType&cvv15=undefined&cvs15=3&cvn16=SubTotalforSKU&cvv16=undefined&cvs16=3&cvn17=TourName&cvv17=&cvs17=3&cvn18=Campaign%20ID&cvv18=&cvs18=2&cvn19=Target%20Element&cvv19=undefined&cvs19=3&cvn20=Event%20Type&cvv20=undefined&cvs20=3&js=&pst=1546871631804&pi=1546871631887&ct=5&ci=0&a=42&ns=1&nv=1&nvt=1&rc=0&v=888900118745145500&si=919715461016060500&c=1&se=&sp=&cd=&pl=Linux&l=en&an=&h=t26.heissetreffen.at&p=%2F%3Fq%3D%2Fa%2Fff0026%2F%26promo_code%3D103078%26ev%3Dxc15468716306f0ac5c33634e95eac236097097%26keyword%3D619%26pass%3Dxc15468716306f0ac5c33634e95eac236097097%26m%3D0%7C0%7C0%7C0%26email%3D%26flow%3D6&r=https%3A%2F%2Fdlvr.xcash.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrk.heissetreffen.at%252Fa%252Fff0026%252F%253Fpromo_code%253D103078%2526ev%253Dxc15468716306f0ac5c33634e95eac236097097%2526keyword%253D619%2526pass%253Dxc15468716306f0ac5c33634e95eac236097097%2526m%253D0%257C0%257C0%257C0%2526email%253D%2526flow%253D6%26redirect_back%3D%252F%252Fdlvr.xcash.com%252F27998%252F%253F%2526tt%253D1&f=0%2C0%2C0&t=Heisse%20Treffen%3A%20Dates%20und%20unverbindliche%20Treffen&sw=1600&sh=1200&sd=24&j=0&tzo=0&ps=0&pid=1546871631889&pdr=1546871631891
pragma
no-cache
cookie
__cfduid=d01950c8f5f2ae9a89924e8d42abc85e51546871630; PHPSESSID=pmsi8952p1f568iq12ul9f1ts4; pc_aff=gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA; _ga=GA1.2.505364456.1546871632; _gid=GA1.2.2125295357.1546871632; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
t.heissetreffen.at
referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
:scheme
https
:method
GET
Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jan 2019 14:33:52 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
x-back-end
webetl02
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
accept-ranges
bytes
cf-ray
4957245359536415-FRA
content-length
35
expires
Thu, 01 Jan 1970 00:00:01 GMT
6cbab69a58
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/6cbab69a58?a=192394552&v=1099.d27c17c&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=1171&ref=https://t26.heissetreffen.at/&ap=736&be=968&fe=1143&dc=1057&perf=%7B%22timing%22:%7B%22of%22:1546871630747,%22n%22:0,%22f%22:186,%22dn%22:186,%22dne%22:186,%22c%22:186,%22ce%22:186,%22rq%22:187,%22rp%22:956,%22rpe%22:966,%22dl%22:960,%22di%22:1057,%22ds%22:1057,%22de%22:1057,%22dc%22:1142,%22l%22:1143,%22le%22:1148%7D,%22navigation%22:%7B%7D%7D&at=ShRZFFkZH04%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1099.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://t26.heissetreffen.at/?q=/a/ff0026/&promo_code=103078&ev=xc15468716306f0ac5c33634e95eac236097097&keyword=619&pass=xc15468716306f0ac5c33634e95eac236097097&m=0|0|0|0&email=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require object| URL_PARAMS object| SITE_PRODUCT string| DOMAIN string| ENV object| WL_SITE string| SITE_NAME string| SITE_LAYOUT string| SITE_TYPE string| THIRD_PARTY_VIDEO_ID string| CURRENT_LANG object| TRANSLATIONS object| STATIC_DOMAINS object| SITE_VARIABLES object| ERROR_MESSAGES object| SUCCESS_MESSAGES object| NDConfig function| requirejs function| require function| define string| GOOGLE_ANALYTICS_CODE string| GoogleAnalyticsObject function| ga string| asset_id string| tracking_host string| WebETLObject function| webetl object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Twig function| $ function| jQuery function| Bloodhound function| Swiper function| getRefUrlParameter function| __hook_webetl function| __hook_webetl_ajax

16 Cookies

Domain/Path Name / Value
.t26.heissetreffen.at/ Name: __go_ps
Value: 90
.t26.heissetreffen.at/ Name: __go_vt
Value: 472588233662485570.42.1546871631.1546871631.1546871631.1
.t26.heissetreffen.at/ Name: __go_x
Value: 919715461016060500.42
.heissetreffen.at/ Name: PHPSESSID
Value: pmsi8952p1f568iq12ul9f1ts4
.heissetreffen.at/ Name: _gat
Value: 1
.heissetreffen.at/ Name: _ga
Value: GA1.2.505364456.1546871632
t26.heissetreffen.at/ Name: APPID
Value: promo
.heissetreffen.at/ Name: _gid
Value: GA1.2.2125295357.1546871632
.heissetreffen.at/ Name: __cfduid
Value: d01950c8f5f2ae9a89924e8d42abc85e51546871630
.t26.heissetreffen.at/ Name: keyword
Value: 619
.t26.heissetreffen.at/ Name: promo_code
Value: 103078
.t26.heissetreffen.at/ Name: ev
Value: xc15468716306f0ac5c33634e95eac236097097
.t26.heissetreffen.at/ Name: __go_s
Value: 919715461016060500.42.1546871631.1
.heissetreffen.at/ Name: pc_aff
Value: gu2uOGusCPbFOzb9reDJz1GE_vUFxu8PJoTFnLIlXLL-i8qN_1-kkqBsx0pTK69XfbGYR6c3pklJzwWT4iShLZ28cYll6Uj8h8sNXsWNcSjkx0s33TZ1lKu3XtQLwMJ54dtl6HT6eMIdpefsGSOWpWs2Pmk48T-mEnc6DDsKWYQdNAO5-Zghrz7DIfYqRTO_bqO5XJt0Mcpdps4kCNchvsOyTuDrTjJXnOW5WToFtDwwHjuY8uOiZMsu0xbLabQmu9vlaSdt0JQpvTNXAImSpnztkamEJ7VMCzCurEjdcLBS71A_mmzPb1MXIrrHHwXaBRY1yaLUY_U-pR45kknNvA
.t26.heissetreffen.at/ Name: __go_v
Value: 888900118745145500.42.1546871631.1546871631.1546871631.1
t26.heissetreffen.at/ Name: SERVERID
Value: wbs02

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
dlvr.xcash.com
js-agent.newrelic.com
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-02-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
t.heissetreffen.at
t26.heissetreffen.at
trk.heissetreffen.at
www.google-analytics.com
www.not-geil24.at
151.101.2.110
151.139.237.33
162.247.242.19
176.9.26.151
18.203.29.133
2606:4700:30::6812:36ea
2606:4700:30::6812:37ea
2a00:1450:4001:821::200e
0bfa4a498fc0449b7116ca8c00fad600035a8ea28be23bdedba1137b8c614b59
1884a8a5c09335a34af718d1780f5f37234d2cf5a2a6eae275f094f1b576d74c
22211e371e46f175c6e2042f34756820cca00a808d3c3edb8c16cc2b52974c12
3870a28a2bc08b938bccff67416bbd7d338df5ac0e0736d0e08b1e63de4150d9
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
79d7e9fc78fe61d062392ae2b1ee0254b4d5cff7803a4d354b967598c3994e1f
7ca23c3eabeee11a40e07442ec7b15f906f9e613524801bb08f8d331b00db3e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e363031576e1d8c7d18952dd2fb30006a8acd9937bc034d24017e650e803d78
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
d70bc333d8557f3a9d179fc247554703d7aa0c559e92ad0b56a5f48da8dfb38b
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fe146e716a99cb44d0f693677667c765c8fb1446abfdda05ae15eeb82a202263