urlscan.io logo urlscan.io
SecurityTrails logo

heissetreffen.live Open in urlscan Pro
15.236.131.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.3dxxxadult.com/
Effective URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23...
Submission: On January 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 20 domains to perform 44 HTTP transactions. The main IP is 15.236.131.1, located in Paris, France and belongs to AMAZON-02, US. The main domain is heissetreffen.live.
TLS certificate: Issued by E5 on December 21st 2024. Valid for: 3 months.
This is the only time heissetreffen.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a01:7e01::f0... 63949 (AKAMAI-LI...)
1 2602:816:5001... 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
1 142.250.186.132 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 18.245.60.79 16509 (AMAZON-02)
2 2 2600:9000:225... 16509 (AMAZON-02)
2 2 2600:9000:225... 16509 (AMAZON-02)
1 1 34.236.83.126 14618 (AMAZON-AES)
1 1 13.39.53.198 16509 (AMAZON-02)
4 15.236.131.1 16509 (AMAZON-02)
1 5.200.15.239 49544 (i3Dnet i3...)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
44 14
4    2a01:7e01::f03c:95ff:fe00:2692 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
app.3dxxxadult.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
1    18.245.60.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-79.fra60.r.cloudfront.net
t.ajrkm.link
2    2600:9000:2250:a400:7:411:6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
a.vfghc.com
2    2600:9000:2250:e600:12:673e:19c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
a.avlm3.com
1    34.236.83.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-126.compute-1.amazonaws.com
s.sloffer1.com
1    13.39.53.198 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-39-53-198.eu-west-3.compute.amazonaws.com
trcke07.xyz
4    15.236.131.1 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-131-1.eu-west-3.compute.amazonaws.com
heissetreffen.live
1    5.200.15.239 (Rotterdam, Netherlands)

ASN49544 (i3Dnet i3D.net B.V, NL)
richinfo.co
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.barecdn.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
4 heissetreffen.live
heissetreffen.live
126 KB
4 3dxxxadult.com
app.3dxxxadult.com
26 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com Failed
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
59 KB
2 avlm3.com
a.avlm3.com — Cisco Umbrella Rank: 450642
1 KB
2 vfghc.com
a.vfghc.com
2 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 265
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 barecdn.com
www.barecdn.com
48 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
19 KB
1 richinfo.co
richinfo.co — Cisco Umbrella Rank: 249617
35 KB
1 trcke07.xyz
trcke07.xyz
1 KB
1 sloffer1.com
s.sloffer1.com — Cisco Umbrella Rank: 512692
1 KB
1 ajrkm.link
t.ajrkm.link — Cisco Umbrella Rank: 987655
2 KB
1 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3335
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5439
262 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
52 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 623
33 KB
0 pushdom.co Failed
rtb.pushdom.co Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
44 20
Domain Requested by
4 heissetreffen.live app.3dxxxadult.com
heissetreffen.live
4 app.3dxxxadult.com app.3dxxxadult.com
2 www.gstatic.com app.3dxxxadult.com
2 cdn.jsdelivr.net heissetreffen.live
2 a.avlm3.com 2 redirects
2 a.vfghc.com 2 redirects
2 bam.nr-data.net app.3dxxxadult.com
1 fonts.googleapis.com heissetreffen.live
1 www.barecdn.com heissetreffen.live
1 cdnjs.cloudflare.com heissetreffen.live
1 richinfo.co heissetreffen.live
1 trcke07.xyz 1 redirects
1 s.sloffer1.com 1 redirects
1 t.ajrkm.link 1 redirects
1 syndicatedsearch.goog app.3dxxxadult.com
1 partner.googleadservices.com app.3dxxxadult.com
1 www.google.com app.3dxxxadult.com
1 js-agent.newrelic.com app.3dxxxadult.com
0 fonts.gstatic.com Failed fonts.googleapis.com
0 rtb.pushdom.co Failed heissetreffen.live
0 www.googletagmanager.com Failed heissetreffen.live
44 21

This site contains no links.

Subject Issuer Validity Valid
3dxxxadult.com
R10		 2024-12-27 -
2025-03-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-12 -
2025-08-12		 a year crt.sh
*.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.googleadservices.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
syndicatedsearch.goog
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
hotdates.us
E5		 2024-12-21 -
2025-03-21		 3 months crt.sh
richinfo.co
R10		 2024-12-10 -
2025-03-10		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
barecdn.com
WE1		 2024-12-04 -
2025-03-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Frame ID: CC2E762D4AF29B40D3232EF3670531DD
Requests: 43 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7637993503&pcsa=false&channel=ch1&domain_name=3dxxxadult.com&client=dp-giantpanda_3ph&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fapp.3dxxxadult.com%2F%3Fafd%3D1&max_radlink_len=50&type=3&swp=as-drid-2439608017877166&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=3251736520721132&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=60&dt=1736520721133&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=712519386&rurl=https%3A%2F%2Fapp.3dxxxadult.com%2F
Frame ID: 8FAC9B04E6ADC45EFD2F0A5407B7ACEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heissetreffen

Page URL History Show full URLs

  1. https://app.3dxxxadult.com/ Page URL
  2. https://t.ajrkm.link/69881/3788/0?source=3dxxxadult.com&aff_sub=6293ada6-666a-492a-aae1-e80728bb2... HTTP 303
    https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb... HTTP 307
    https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728... HTTP 302
    https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-4... HTTP 307
    https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a... HTTP 302
    https://s.sloffer1.com/44542/7018/?aff_sub4=_bucket&aff_sub=1f3d9cf5-7019-4f97-b67e-dafd88516d14&af... HTTP 303
    https://trcke07.xyz/tracker/81?source=44542&subsource=69881_&clickid=102a140e4cb733828f6ff16b12a... HTTP 302
    https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

44
Requests

50 %
HTTPS

44 %
IPv6

20
Domains

21
Subdomains

14
IPs

5
Countries

431 kB
Transfer

1204 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.3dxxxadult.com/ Page URL
  2. https://t.ajrkm.link/69881/3788/0?source=3dxxxadult.com&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN HTTP 303
    https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&aff_click_id=1029ae1a6ce6022343f417d81f40ca&affsource=3dxxxadult.com&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 307
    https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&aff_click_id=1029ae1a6ce6022343f417d81f40ca&affsource=3dxxxadult.com&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 302
    https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&target=&Site=&Bnr=&cid=wlm5pl3iopfq3eu639gjac9a&email=&source=69881_3dxxxadult.com&aff_unique4=vlma HTTP 307
    https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&target=&Site=&Bnr=&cid=wlm5pl3iopfq3eu639gjac9a&email=&source=69881_3dxxxadult.com&aff_unique4=vlma HTTP 302
    https://s.sloffer1.com/44542/7018/?aff_sub4=_bucket&aff_sub=1f3d9cf5-7019-4f97-b67e-dafd88516d14&aff_sub2=69881&aff_sub3=wlm5pl3iopfq3eu63v97q3o8&aff_click_id=1029ae1a6ce6022343f417d81f40ca&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=_bucket&source=69881_&aff_unique4=vlma HTTP 303
    https://trcke07.xyz/tracker/81?source=44542&subsource=69881_&clickid=102a140e4cb733828f6ff16b12af99&tsid=777&bo=2753%2C2754%2C2755%2C2756 HTTP 302
    https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.3dxxxadult.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.3dxxxadult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:95ff:fe00:2692 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
openresty/1.27.1.1 /
Resource Hash
8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 10 Jan 2025 14:51:59 GMT
server
openresty/1.27.1.1
vary
Accept-Encoding
nrb.js
app.3dxxxadult.com/_static/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.3dxxxadult.com/_static/nrb.js
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:95ff:fe00:2692 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
openresty/1.27.1.1 /
Resource Hash
9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.3dxxxadult.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
gzip
etag
W/"673b7c25-e308"
date
Fri, 10 Jan 2025 14:51:59 GMT
content-type
text/javascript
last-modified
Mon, 18 Nov 2024 17:40:53 GMT
server
openresty/1.27.1.1
vary
Accept-Encoding
deliver.js
app.3dxxxadult.com/_static/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.3dxxxadult.com/_static/deliver.js
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:95ff:fe00:2692 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
openresty/1.27.1.1 /
Resource Hash
2eb7e0c02b6014f45dcf02acc2ba369276f154be763d5c89669b08ee6c234090
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.3dxxxadult.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
gzip
etag
W/"677403fe-3ea2"
date
Fri, 10 Jan 2025 14:51:59 GMT
content-type
text/javascript
last-modified
Tue, 31 Dec 2024 14:47:26 GMT
server
openresty/1.27.1.1
vary
Accept-Encoding
_d
app.3dxxxadult.com/ 		700 B
580 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.3dxxxadult.com/_d
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:95ff:fe00:2692 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
openresty/1.27.1.1 /
Resource Hash
ede98151b9db3ca4ea38aba9b28f5bfd167995721c52d22f114197d51b2a67b1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

traceparent
00-3e62af8a0e81f76f181c307aaaf12c66-9fe2c207084a51c2-01
Referer
https://app.3dxxxadult.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiI5ZmUyYzIwNzA4NGE1MWMyIiwidHIiOiIzZTYyYWY4YTBlODFmNzZmMTgxYzMwN2FhYWYxMmM2NiIsInRpIjoxNzM2NTIwNzE5OTgwfX0=
tracestate
702135@nr=0-1-702135-718387132-9fe2c207084a51c2----1736520719980

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
gzip
date
Fri, 10 Jan 2025 14:52:01 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
openresty/1.27.1.1
nr-spa-1.273.0.min.js
js-agent.newrelic.com/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.273.0.min.js
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.3dxxxadult.com
Referer
https://app.3dxxxadult.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"38ea02666fda0fcf9ad33eca8b7c5b9c"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
33182
date
Fri, 10 Jan 2025 14:52:00 GMT
last-modified
Mon, 11 Nov 2024 18:20:59 GMT
content-type
application/javascript
x-served-by
cache-mad2200117-MAD
x-cache-hits
4480
vary
Accept-Encoding
0d385ba8a0
bam.nr-data.net/1/ 		185 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=254&ck=0&s=d747213e3e095a76&ref=https://app.3dxxxadult.com/&ptid=02e190437410d48a&af=err,spa,xhr,stn,ins&be=49&fe=70&dc=67&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1736520719865,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:14,%22c%22:14,%22s%22:21,%22ce%22:39,%22rq%22:40,%22rp%22:50,%22rpe%22:54,%22di%22:114,%22ds%22:114,%22de%22:116,%22dc%22:118,%22l%22:118,%22le%22:119%7D,%22navigation%22:%7B%7D%7D&fp=187
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb289587f62b292cfdfb28c873f644951bd5b395dd501dba3b3030000274347

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://app.3dxxxadult.com/

Response headers

Transfer-Encoding
chunked
access-control-expose-headers
Date
timing-allow-origin
https://app.3dxxxadult.com
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy
cross-origin
CF-Ray
8ffd7d04f8d3995c-FRA
Access-Control-Allow-Origin
https://app.3dxxxadult.com
Date
Fri, 10 Jan 2025 14:52:00 GMT
Content-Type
text/plain
Vary
Accept-Encoding
Server
cloudflare
0d385ba8a0
bam.nr-data.net/events/1/ 		24 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=437&ck=0&s=d747213e3e095a76&ref=https://app.3dxxxadult.com/&ptid=02e190437410d48a
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://app.3dxxxadult.com/

Response headers

CF-Cache-Status
DYNAMIC
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
CF-Ray
8ffd7d05e943995c-FRA
Access-Control-Allow-Origin
https://app.3dxxxadult.com
Content-Length
24
Date
Fri, 10 Jan 2025 14:52:00 GMT
Content-Type
image/gif
Vary
Accept-Encoding
Server
cloudflare
caf.js
www.google.com/adsense/domains/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&abpgo=true
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
sffe /
Resource Hash
3ac12dbc4217b6b08c6ba9a40dae26bdc66ffe961df76db97542c6da9deeed2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.3dxxxadult.com/

Response headers

content-encoding
gzip
etag
"7989637092869664727"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 14:52:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 14:52:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
cookie.js
partner.googleadservices.com/gampad/ 		382 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=app.3dxxxadult.com&client=partner-dp-giantpanda_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
680dec2e6101c4a292478ddd383266799bbaa973a27a7db59ccdb335bed28b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.3dxxxadult.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
241
date
Fri, 10 Jan 2025 14:52:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame 8FAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7637993503&pcsa=false&channel=ch1&domain_name=3dxxxadult.com&client=dp-giantpanda_3ph&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fapp.3dxxxadult.com%2F%3Fafd%3D1&max_radlink_len=50&type=3&swp=as-drid-2439608017877166&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=3251736520721132&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=60&dt=1736520721133&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=712519386&rurl=https%3A%2F%2Fapp.3dxxxadult.com%2F
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/nrb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-H2rmx28-2QChzO1UdOl3Jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://app.3dxxxadult.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
625
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-H2rmx28-2QChzO1UdOl3Jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 10 Jan 2025 14:52:01 GMT
expires
Fri, 10 Jan 2025 14:52:01 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
_e
app.3dxxxadult.com/ 		0
0
Primary Request lp13
heissetreffen.live/
Redirect Chain
  • https://t.ajrkm.link/69881/3788/0?source=3dxxxadult.com&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN
  • https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&aff_click_id=1029ae1a6ce602...
  • https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&aff_click_id=1029ae1a6ce6...
  • https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&target=&Si...
  • https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=1029ae1a6ce6022343f417d81f40ca&subID2=69881&target=&...
  • https://s.sloffer1.com/44542/7018/?aff_sub4=_bucket&aff_sub=1f3d9cf5-7019-4f97-b67e-dafd88516d14&aff_sub2=69881&aff_sub3=wlm5pl3iopfq3eu63v97q3o8&aff_click_id=1029ae1a6ce6022343f417d81f40ca&bo=2753...
  • https://trcke07.xyz/tracker/81?source=44542&subsource=69881_&clickid=102a140e4cb733828f6ff16b12af99&tsid=777&bo=2753%2C2754%2C2755%2C2756
  • https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/_static/deliver.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.236.131.1 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-131-1.eu-west-3.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
c309f8f6f59eb4ab9cc90575248778197029216719a95d882f65ea66928a944d

Request headers

Referer
https://app.3dxxxadult.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 10 Jan 2025 14:52:03 GMT
ETag
W/"678100c0-9bf"
Last-Modified
Fri, 10 Jan 2025 11:13:04 GMT
Server
nginx/1.24.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Jan 2025 14:52:03 GMT
Location
https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Server
nginx
Transfer-Encoding
chunked
Vary
X-Inertia
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
_e
app.3dxxxadult.com/ 		0
0
rp-cl-ob.js
richinfo.co/richpartners/push/js/ 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=946538&siteid=353924&niche=33
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.200.15.239 Rotterdam, Netherlands, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://heissetreffen.live/

Response headers

x-amz-id-2
V/4UkkkPBE6aQayE2tOYoj6GHes9hXxcw6chTriyBtpsvp4hV8c3remHqLs53w2kGr/mOjoT4NM=
content-encoding
gzip
etag
W/"4eb2c767f3bc7992a918be3558d2a0a4"
access-control-allow-credentials
true
x-amz-request-id
G4CE93MX34QM1N35
access-control-allow-origin
https://heissetreffen.live
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
application/x-javascript
last-modified
Thu, 09 Jan 2025 11:08:37 GMT
server
openresty/1.21.4.1
x-amz-server-side-encryption
AES256
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6421d693-4940"
age
78183
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NETsnfDQ2H9mPupPGtemdFWVxR1xV5sDUJbKAgFgDkErxcjhX53T2600yQoX8KhWGms99B9%2BQjLuLTmLtrzXfgdtxjqRPhowCDLu1pt%2Bn1yYWa3viij287e5%2Bw5lZeBCv3tMfOul"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 31 Dec 2025 14:52:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ffd7d18ae9065d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18752
server
cloudflare
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/ 		226 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/bootstrap.min.css
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://heissetreffen.live/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"387e0-kol8xBxbCwiMXO4drK1nrE++qEQ"
age
3852970
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-mad22046-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
34681
x-jsd-version
5.3.0-alpha2
index-f7d17062.js
heissetreffen.live/assets/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heissetreffen.live/assets/index-f7d17062.js
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.236.131.1 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-131-1.eu-west-3.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
576af229a9430a87f541023159dbc170298d53decf817e662d7f5c9637024744

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7

Response headers

ETag
"678100c0-190a5"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102565
Date
Fri, 10 Jan 2025 14:52:03 GMT
Content-Type
application/javascript
Last-Modified
Fri, 10 Jan 2025 11:13:04 GMT
Server
nginx/1.24.0 (Ubuntu)
index-31432941.css
heissetreffen.live/assets/ 		125 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heissetreffen.live/assets/index-31432941.css
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.236.131.1 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-131-1.eu-west-3.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
314329410abde08feb4303d45328c727e61a858157e704b06036e5f641764f54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7

Response headers

ETag
"678100c0-7d"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125
Date
Fri, 10 Jan 2025 14:52:03 GMT
Content-Type
text/css
Last-Modified
Fri, 10 Jan 2025 11:13:04 GMT
Server
nginx/1.24.0 (Ubuntu)
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/bootstrap.bundle.min.js
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://heissetreffen.live/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13ab0-zDkgqihecutKnzGqD/VTgB+CozY"
age
2634743
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220043-FRA, cache-mad22046-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24716
x-jsd-version
5.3.0-alpha2
EHawkTalon.js
www.barecdn.com/Scripts/ExternalScoringService/ 		116 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.barecdn.com/Scripts/ExternalScoringService/EHawkTalon.js
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/lp13?video=8&click_id=1e0766651ebce5b88f83dedf3c1643d4&t1=54a246ca94&t2=c0b42f1154&select={32,23,160,142}&source=54a246ca94&subsource=c0b42f1154&tsid=777&bo=2753%2C2754%2C2755%2C2756&&traf_id=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ,
Resource Hash
4a79a8d4133104bf939bc1fe0c439e1243d3c930845529cb39c5d0c70f03ec6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heissetreffen.live/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"16d857af34dda1:0"
age
890247
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pg1XS0j5uzprA1vZKocjso9AtaMfoslWCu7di%2BmTXYX7BVZgwity2IqHtF%2B8yxFg4Fb%2FPy8We2UGbG1daAe0cexY%2BOmj25MlhTTwpM49dMwi3Z2coNv3a%2FaMGKlUZWfulW4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6582&min_rtt=6499&rtt_var=1433&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4201&recv_bytes=4374&delivery_rate=96530&cwnd=12000&unsent_bytes=0&cid=e0709c5e8def950c&ts=22&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
application/javascript
last-modified
Tue, 23 Jan 2024 11:58:28 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
x-aspnet-version
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffd7d18bfb3d2a4-FRA
accept-ranges
bytes
content-length
48105
x-powered-by
,
server
cloudflare
firebase-app.js
www.gstatic.com/firebasejs/10.12.2/ 		99 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-app.js
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
280968
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 08:49:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 08:49:15 GMT
last-modified
Mon, 27 May 2024 17:13:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22535
x-xss-protection
0
server
sffe
firebase-messaging.js
www.gstatic.com/firebasejs/10.12.2/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-messaging.js
Requested by
Host: app.3dxxxadult.com
URL: https://app.3dxxxadult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
280035
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 09:04:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 09:04:48 GMT
last-modified
Mon, 27 May 2024 17:13:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
8646
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/ 		0
0
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/assets/index-31432941.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ede014f47795c3d04812b724ef687909970f776d37854e7312a5ad859c84e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heissetreffen.live/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 14:52:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 14:52:03 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 14:04:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Index-0bc99eed.js
heissetreffen.live/assets/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heissetreffen.live/assets/Index-0bc99eed.js
Requested by
Host: heissetreffen.live
URL: https://heissetreffen.live/assets/index-f7d17062.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.236.131.1 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-131-1.eu-west-3.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
fe8d5dc8a41f518dd077893c6baddd0b9f6e0bedcc3b1ebf61cc042740f28836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://heissetreffen.live
Referer

Response headers

ETag
"678100c0-5eca"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24266
Date
Fri, 10 Jan 2025 14:52:03 GMT
Content-Type
application/javascript
Last-Modified
Fri, 10 Jan 2025 11:13:04 GMT
Server
nginx/1.24.0 (Ubuntu)
endpoints-f0a1f713.js
heissetreffen.live/assets/ 		0
0
StepsMarker-81c4b8a0.js
heissetreffen.live/assets/ 		0
0
config-1f26b75d.js
heissetreffen.live/assets/ 		0
0
Language-f0ecbc64.js
heissetreffen.live/assets/ 		0
0
Searching-3826d523.js
heissetreffen.live/assets/ 		0
0
Searching-014fe419.css
heissetreffen.live/assets/ 		0
0
sweetalert2.all-ffd69327.js
heissetreffen.live/assets/ 		0
0
urlParameters-a2a6915e.js
heissetreffen.live/assets/ 		0
0
api-ee6e96fa.js
heissetreffen.live/assets/ 		0
0
Searching-94c4a5fd.js
heissetreffen.live/assets/ 		0
0
Searching-4f5f747c.css
heissetreffen.live/assets/ 		0
0
Footer12-547db272.js
heissetreffen.live/assets/ 		0
0
Footer12-48c52db1.css
heissetreffen.live/assets/ 		0
0
Background-93f68d24.js
heissetreffen.live/assets/ 		0
0
Background-db2dc60b.css
heissetreffen.live/assets/ 		0
0
Index-187f8fd5.css
heissetreffen.live/assets/ 		0
0
st
rtb.pushdom.co/pb/ 		0
0
st
rtb.pushdom.co/pb/ 		0
0
KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
fonts.gstatic.com/s/roboto/v47/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.3dxxxadult.com
URL
https://app.3dxxxadult.com/_e
Domain
app.3dxxxadult.com
URL
https://app.3dxxxadult.com/_e
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSFQF6D
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/endpoints-f0a1f713.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/StepsMarker-81c4b8a0.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/config-1f26b75d.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Language-f0ecbc64.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Searching-3826d523.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Searching-014fe419.css
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/sweetalert2.all-ffd69327.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/urlParameters-a2a6915e.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/api-ee6e96fa.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Searching-94c4a5fd.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Searching-4f5f747c.css
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Footer12-547db272.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Footer12-48c52db1.css
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Background-93f68d24.js
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Background-db2dc60b.css
Domain
heissetreffen.live
URL
https://heissetreffen.live/assets/Index-187f8fd5.css
Domain
rtb.pushdom.co
URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=946538&sid=353924&dm=heissetreffen.live&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Domain
rtb.pushdom.co
URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=si&pid=946538&sid=353924&dm=heissetreffen.live&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer number| uidEvent object| bootstrap object| Talon object| regeneratorRuntime object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__

13 Cookies

Domain/Path Name / Value
app.3dxxxadult.com/ Name: session_id
Value: 5216c955e4c14ad9126b3c9198b571af
app.3dxxxadult.com/ Name: afd_style_id
Value: 7637993503
.3dxxxadult.com/ Name: __gsas
Value: ID=cd7312125bc08503:T=1736520721:RT=1736520721:S=ALNI_MamPQk2P2zI0x190g8j5iYim9p8KA
t.ajrkm.link/ Name: enc_aff_session_3788
Value: ENC03d47d9798ca1c2b25ded41b75f91ddee35e0eafdfefafb6df3b48a8e842f678cbe7fe9188dc30d79660b4ce3d4fdcb5c025555299b9963632da9942806e43a42b418044b9d77f140bdb6ceee8651e533b881061cdf1c294decbab1aa447b57b15b9addbd425aa9f6edf65d12e5a1fc29d643e60758e28c4a9629dcd76210d6da8b181e8530c4523e33e4b2fb119c7df985fa79fdc76809890cd3d352cbad2024b7295d80171c7be4f0b288016e5b44471a1f0f9e8fc9f32f8a266389af90c87989781a8aaaf1354d287f40f01e1ce2b15ab52f8ea691e1a246ea7ec39b8cd70663505db5a
t.ajrkm.link/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
.a.vfghc.com/ Name: 487c489c-8ee4-40f8-b2ec-dc0e342b5275-v4
Value: VKZB_nleCnLsMNI6oM-AM0MsVYTc4CC_yYJSiSuSPq4
.a.vfghc.com/ Name: cc-v4
Value: a4qKU9KVtUlnNPE%2BqAIdvkyWw2n6mNcSVcsUPnKL5HI40erlcYWNHit%2F94M8kJMO0Zk2gwCbdVBkJqxp%2BJgW6CpGbKxUGmz4I7UP8rwENfy0qQLwkP%2F0kbIuWz4%2Fzb%2F3rXIL0WhYeR%2Bcp%2BZLicqQKA%3D%3D
.a.avlm3.com/ Name: 6dea95f7-febc-4fec-b477-c5c9e4651559-v4
Value: EO6pUBBYM2pSVIRKhjYOMQ-4zFWOJnG-9jkI25T7aWw
.a.avlm3.com/ Name: cc-v4
Value: RTvr32NIPSdw5sepMPiqfIrMOMZI3e507CYGHlGif8rPDv%2F3OR9P3lx2v2nlzfarXF%2Bmy0CrHmUeSQ5jFiZ7vE7ocTTGJ2LCrtAoLmZ9lhkDxjPE9or5nHPPCudwE9T8Tvc7vBqnsXuH3tj89GwKmg%3D%3D
s.sloffer1.com/ Name: enc_aff_session_9688
Value: ENC03654eb70e1242cf36bd453021f175741587ae6e1a0b5d826400fc0a9679637fa715f995c599decf9f708e51ce002a127dd50df4dd081c9b9d75dc77860a7e36428c0cb7cb12eec7a497d22542350bb7bfd876ebd8652f97c07715ee14ab0215526df906b3bded8acb3757c47f02fec858468b7c21464d3f831c8f851ab2170f06ca6a7c89c6590b043d6f17f736a348f97a6a59d00fcdb769513090ccc604782277b457fac12d6497ec285603184be9c35724f4c648a1c6ae3d074ebf50af9dca8c97524c1db6d80986b03b039865f0df4a3da2c1f75e9d124977cd3f7bd6e2b774a72c798b221416d3fa1a76becbd63d49ce678c9c956e4d865d3c837b69f84b0f1a1ff9
s.sloffer1.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
trcke07.xyz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjM1QnJQbm5IVCtVUnJVYWNkazMvcnc9PSIsInZhbHVlIjoicENwc0NmWThkVWVUdytaekY4dFBCT0I3eEM0MWplT20yekFBWS9WV0hGQkNMZTNnZ2p6UUYyWFIvTkVzR0lXTTZwL3hqUlk4VEhYSlY4K003UGdyYmZSUlV0RVpJZFllRWdKWnVnbkJKL0RhaEwzV2lYd2VpNWM0V0VGeWF4QlYiLCJtYWMiOiI0M2Q0NmI0NTU1N2VjY2Y2YjQ2MDBjMDQ5YjhiNDI3N2VlMWEyNTQ3ZTA5ZDg2ODc2YjMzMTkxNDUzNjIwMWRhIiwidGFnIjoiIn0%3D
trcke07.xyz/ Name: leadbull_session
Value: eyJpdiI6IkJFK1pETUkySkpBUlpCMDZWSzJURHc9PSIsInZhbHVlIjoiTk9ESXVDMlhHWlJKNndIV0xOQ3NmUkR6QjlldXpBWkdPMHQxWTdpQnJvRkRtK1YwY25aN2Z6bVBBNHJoaHJ5MGIxMzFtNzQvUGtMSTNzWFJJT2ZTbkFmMlBUcmpKUmp1aFgzK1hMZEt1VWVFKzRMdkZXVzdBQUU1M1h1OVQ1aFMiLCJtYWMiOiI3YmQ5MGEzZjk0ZjU1OGE2YmJlYWQ5NTQ0YTBjMjQ1N2NiMjU5OWQ2YWU1YzcxZjFkOWUxYmU3N2JjNWQyZjc2IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.avlm3.com
a.vfghc.com
app.3dxxxadult.com
bam.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
heissetreffen.live
js-agent.newrelic.com
partner.googleadservices.com
richinfo.co
rtb.pushdom.co
s.sloffer1.com
syndicatedsearch.goog
t.ajrkm.link
trcke07.xyz
www.barecdn.com
www.google.com
www.googletagmanager.com
www.gstatic.com
app.3dxxxadult.com
fonts.gstatic.com
heissetreffen.live
rtb.pushdom.co
www.googletagmanager.com
104.17.24.14
13.39.53.198
142.250.186.132
15.236.131.1
162.247.241.14
172.217.23.98
18.245.60.79
188.114.97.3
2600:9000:2250:a400:7:411:6c0:93a1
2600:9000:2250:e600:12:673e:19c0:93a1
2602:816:5001::39
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200e
2a01:7e01::f03c:95ff:fe00:2692
2a04:4e42:600::485
34.236.83.126
5.200.15.239
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
1ede014f47795c3d04812b724ef687909970f776d37854e7312a5ad859c84e41
2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e
2eb7e0c02b6014f45dcf02acc2ba369276f154be763d5c89669b08ee6c234090
314329410abde08feb4303d45328c727e61a858157e704b06036e5f641764f54
3ac12dbc4217b6b08c6ba9a40dae26bdc66ffe961df76db97542c6da9deeed2c
4a79a8d4133104bf939bc1fe0c439e1243d3c930845529cb39c5d0c70f03ec6d
576af229a9430a87f541023159dbc170298d53decf817e662d7f5c9637024744
5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed
680dec2e6101c4a292478ddd383266799bbaa973a27a7db59ccdb335bed28b44
6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1
8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317
9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687
bcb289587f62b292cfdfb28c873f644951bd5b395dd501dba3b3030000274347
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
c309f8f6f59eb4ab9cc90575248778197029216719a95d882f65ea66928a944d
ede98151b9db3ca4ea38aba9b28f5bfd167995721c52d22f114197d51b2a67b1
fe8d5dc8a41f518dd077893c6baddd0b9f6e0bedcc3b1ebf61cc042740f28836