www.whatsaffair.de Open in urlscan Pro
2600:9000:214f:7a00:7:2b30:ac0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://whatsaffair.de/
Effective URL:
https://www.whatsaffair.de/
Submission: On March 11 via manual (March 11th 2020, 2:50:13 pm UTC) from FI

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2600:9000:214f:7a00:7:2b30:ac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.whatsaffair.de.
TLS certificate: Issued by Amazon on February 26th 2020. Valid for: a year.

This is the only time www.whatsaffair.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:214... 2600:9000:214f:ce00:7:2b30:ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2600:9000:214... 2600:9000:214f:7a00:7:2b30:ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	99.86.3.62 99.86.3.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
15	7

1 2600:9000:214f:ce00:7:2b30:ac0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

whatsaffair.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:7a00:7:2b30:ac0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.whatsaffair.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.3.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-62.fra6.r.cloudfront.net

media.whatsaffair.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	whatsaffair.de 2 redirects whatsaffair.de www.whatsaffair.de media.whatsaffair.de	377 KB
1	google.de www.google.de	110 B
1	google.com www.google.com	110 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
15	6

	Domain	Requested by
8	media.whatsaffair.de	www.whatsaffair.de
3	www.whatsaffair.de	1 redirects www.whatsaffair.de
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.whatsaffair.de
1	whatsaffair.de	1 redirects
15	8

This site contains links to these domains. Also see Links.

Domain
bucksmedia.hasoffers.com

Subject Issuer	Validity	Valid
www.whatsaffair.de Amazon	`2020-02-26` - `2021-03-26`	a year	crt.sh
*.whatsaffair.de Amazon	`2020-02-15` - `2021-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.whatsaffair.de/
Frame ID: 4500383BC4E5AD7C52EFFA5C85AE8B71
Requests: 9 HTTP requests in this frame

Frame: https://www.whatsaffair.de/trckng/landingpageview
Frame ID: 6FFE787A1162ABB15A64BC08CD7F43B1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://whatsaffair.de/ HTTP 301
http://www.whatsaffair.de/ HTTP 301
https://www.whatsaffair.de/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

15
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

415 kB
Transfer

870 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bucksmedia.hasoffers.com/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://whatsaffair.de/ HTTP 301
http://www.whatsaffair.de/ HTTP 301
https://www.whatsaffair.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.whatsaffair.de/
Redirect Chain

http://whatsaffair.de/
http://www.whatsaffair.de/
https://www.whatsaffair.de/

26 KB
26 KB

428ms
408ms

Document
text/html

2600:9000:214f:7a00:7:2b30:ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:7a00:7:2b30:ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e156a968a246679666c8c6f249e0d1c3f1663278352fb0d47553c6ffbd462d27

Request headers

:method: GET
:authority: www.whatsaffair.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=23bbt0ksdtjp8ddo2sfoalk6g4; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A3252E67369B1FCB4CD6926682E0C11479F99941526A518EB8BDF607BCDCEA6DA03DFE00E18936640CF12AFD33F06B08807E9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Wed, 11 Mar 2020 14:49:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
set-cookie: consent=1; Expires=Fri, 10-Apr-2020 14:49:57 GMT; Domain=whatsaffair.de; Path=/
x-cache: Miss from cloudfront
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rWbUWktnMlEKaW4BSICgPFC_NP7-39vey7i5VPFC8P69yXqqiN3lqA==

Redirect headers

Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Cache-control: no-cache="set-cookie"
Date: Wed, 11 Mar 2020 14:49:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://www.whatsaffair.de/
Pragma: no-cache
Server: Apache
Set-Cookie: PHPSESSID=23bbt0ksdtjp8ddo2sfoalk6g4; path=/ AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A3252E67369B1FCB4CD6926682E0C11479F99941526A518EB8BDF607BCDCEA6DA03DFE00E18936640CF12AFD33F06B08807E9;PATH=/
X-Cache: Miss from cloudfront
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: oH6GflsIqDBGhKjmKhBaL5euZvVOy_wbEzX1ZB2GbyWyOyTf2YH1sA==

GET
H2 200 style.css
media.whatsaffair.de/css/landingpage/matchm/ 272 KB
46 KB 148ms
25ms Stylesheet
text/css 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.whatsaffair.de/css/landingpage/matchm/style.css?version=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60ec76e8f23863291ca01bba96283895b7dd3b5ba9b5010c9c418be0381554d

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 09 Mar 2020 22:11:43 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 12:05:54 GMT
server: AmazonS3
age: 146295
etag: "b50a91caf5f6ed8231c0e07a54ccbf50"
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=3153600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 46538
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-cf-id: LKKJdB-4OOZcpXmhPHknbQMQHGljovQcT5MuQvGWmMY4MgvXeoZmZQ==

GET
H2 200 script.js Show response
media.whatsaffair.de/js/landingpage/ 241 KB
73 KB 172ms
50ms Script
text/javascript 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.whatsaffair.de/js/landingpage/script.js?version=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72bca1cc084e7aa8d4988114a5c66fd69784ec47b271c3b7366b322a3f72b81c

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 12:10:50 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 11:30:12 GMT
server: AmazonS3
age: 700748
etag: "c8bb30677dfffc4bc6ab6f8d4b559917"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=3153600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 74439
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-cf-id: VARF3xK1T7U-FyKZZUSaVtlNf_mSs-F8-XtGCGuf0nUf6cMUyIKmCg==

GET
H2 200 logo_bright.png
media.whatsaffair.de/project/95/ 10 KB
10 KB 184ms
62ms Image
image/png 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.whatsaffair.de/project/95/logo_bright.png?config=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9da9a72e2f3dffed9a302e4827178271b268370a93b86c97b2cc0558c4841849

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 12:12:32 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2019 07:04:34 GMT
server: AmazonS3
age: 700646
etag: "e326156338605ca8655848023f86c710"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=3153600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 10015
x-amz-cf-id: JZj16_Kf64Y7SmRt2dXs8yZiYpgmhxLHE7kAe5IdLU08KkEEUoNKsw==

GET
H2 200 landingpageview Show response
www.whatsaffair.de/trckng/ Frame 6FFE 327 B
654 B 114ms
113ms Document
text/html 2600:9000:214f:7a00:7:2b30:ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whatsaffair.de/trckng/landingpageview
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:7a00:7:2b30:ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6a8c4765981b703910436b2046defeb06bea4ff5889cf2d4c85a3b384f0da112

Request headers

:method: GET
:authority: www.whatsaffair.de
:scheme: https
:path: /trckng/landingpageview
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.whatsaffair.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=23bbt0ksdtjp8ddo2sfoalk6g4; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A3252E67369B1FCB4CD6926682E0C11479F99941526A518EB8BDF607BCDCEA6DA03DFE00E18936640CF12AFD33F06B08807E9; consent=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.whatsaffair.de/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 327
cache-control: no-store, no-cache, must-revalidate
date: Wed, 11 Mar 2020 14:49:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
x-cache: Miss from cloudfront
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: AA7eoNP4rR95SyGCkG-xN2AqtUWaXhsoLjZKCXYK9s5A6Gvfs4uVuw==

GET
H2 200 motiv.jpg
media.whatsaffair.de/project/95/ 104 KB
104 KB 25ms
24ms Image
image/jpeg 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.whatsaffair.de/project/95/motiv.jpg
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbb34e2014b1b5a0de4dcfa7abd38c45a067edcdb987301e34b45d0be3226e32

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 02:39:43 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2019 13:43:45 GMT
server: AmazonS3
age: 3067815
etag: "77b2e3a67ca12c93324e788cef31b4eb"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=3153600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 106374
x-amz-cf-id: AsI449qH9-5ZmRatyVF1ydDkfiK1h2mvA-NjA4cBbFYT8EFVcypOeg==

GET
H2 200 reg_gender_male.jpg
media.whatsaffair.de/images/zone/casual/ 17 KB
17 KB 29ms
29ms Image
image/jpeg 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.whatsaffair.de/images/zone/casual/reg_gender_male.jpg?version=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 914c03bbf661314b4fdfac726b7b878a2302d517c2c10c7b36e011a0866ffb5a

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 06:24:45 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 24 Apr 2018 06:44:50 GMT
server: AmazonS3
age: 30313
etag: "a9247e4213ea16c5473f6b48b59e5485"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17074
x-amz-cf-id: lTIBbp8q2UTKaCoByeUIZ598fSpiX5hWiqSY4dejvoKOMKzho5fkVA==

GET
H2 200 reg_gender_female.jpg
media.whatsaffair.de/images/zone/casual/ 22 KB
22 KB 30ms
29ms Image
image/jpeg 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.whatsaffair.de/images/zone/casual/reg_gender_female.jpg?version=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfbb23b6df05261b8a1e36607d85320c52dca7a2296e27ccf403d10b2eb71cf3

Request headers

Referer: https://www.whatsaffair.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 00:14:37 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 24 Apr 2018 06:44:50 GMT
server: AmazonS3
age: 52521
etag: "0973faddec5802bbce5412368a101ddc"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 22099
x-amz-cf-id: KolrP1enEmYpDdbERfQ47yB0WLldssLw3Z8tnTULKQoB9colmWrkJA==

GET
H2 200 glyphicons-halflings-regular.woff2
media.whatsaffair.de/images/project/layout/responsive/fonts/ 18 KB
18 KB 80ms
35ms Font
application/octet-stream 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.whatsaffair.de/images/project/layout/responsive/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://media.whatsaffair.de/css/landingpage/matchm/style.css?version=7694
Origin: https://www.whatsaffair.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 00:14:39 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 52519
x-cache: Hit from cloudfront
status: 200
content-length: 18028
last-modified: Tue, 24 Apr 2018 08:38:18 GMT
server: AmazonS3
etag: "448c34a56d699c29117adc64c43affeb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: c293hDIKlnXx8PTkUU4QE28z4jeaw0T3rgmoJhNYLgVhQeZM8SjT9g==

GET
H2 200 landingpages.png
media.whatsaffair.de/images/project/ 59 KB
59 KB 25ms
25ms Image
image/png 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.whatsaffair.de/images/project/landingpages.png?version=7694
Requested by: Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1604a95ef9fcd8faa13e96f3b2229ef6b95a472c0249a51651ab009e13f9e8cd

Request headers

Referer: https://media.whatsaffair.de/css/landingpage/matchm/style.css?version=7694
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 09:53:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 15 May 2018 17:59:00 GMT
server: AmazonS3
age: 17814
etag: "39209b4ea89b427c7bed6f72d645b8b0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 59951
x-amz-cf-id: zyLSLKsO6Q9qgHk9XDm0Wywb5-mgP4jhROH5QD6tXkKY_itdJQ5Oew==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6FFE 75 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1033377759

Requested by

Host: www.whatsaffair.de
URL: https://www.whatsaffair.de/trckng/landingpageview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e38d81e169a07ef5bce1d0340940a0e5daaba4b0b96df5dcb1721f6d392d71ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.whatsaffair.de/trckng/landingpageview
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 14:49:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28488
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Mar 2020 14:49:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 6FFE 26 KB
10 KB 33ms
33ms Script
text/javascript 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1033377759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whatsaffair.de/trckng/landingpageview
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 14:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9953
x-xss-protection: 0
server: cafe
etag: 242256469415106277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Mar 2020 14:49:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1033377759/ Frame 6FFE 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1033377759/?random=1583938197444&cv=9&fst=1583938197444&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.whatsaffair.de%2F&ref=https%3A%2F%2Fwww.whatsaffair.de%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39ccb34b58a815dae06a6504bbc8b727991f479c1370720ffd6b8e20790ddb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whatsaffair.de/trckng/landingpageview
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 14:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1008
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1033377759/ Frame 6FFE 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1033377759/?random=1583938197444&cv=9&fst=1583935200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.whatsaffair.de%2F&ref=https%3A%2F%2Fwww.whatsaffair.de%2F&async=1&fmt=3&is_vtc=1&random=1527409889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whatsaffair.de/trckng/landingpageview
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 14:49:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1033377759/ Frame 6FFE 42 B
110 B 24ms
23ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1033377759/?random=1583938197444&cv=9&fst=1583935200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.whatsaffair.de%2F&ref=https%3A%2F%2Fwww.whatsaffair.de%2F&async=1&fmt=3&is_vtc=1&random=1527409889&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whatsaffair.de/trckng/landingpageview
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 14:49:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.whatsaffair.de/	1970-01-19 08:42:10	Name: consent Value: 1
www.whatsaffair.de/	1969-12-31 23:59:59	Name: AWSELB Value: 9585594B06F2E7045FD8B793A1BFD2C40F279A3252E67369B1FCB4CD6926682E0C11479F99941526A518EB8BDF607BCDCEA6DA03DFE00E18936640CF12AFD33F06B08807E9
www.whatsaffair.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 23bbt0ksdtjp8ddo2sfoalk6g4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
media.whatsaffair.de
whatsaffair.de
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.whatsaffair.de
172.217.16.162
2600:9000:214f:7a00:7:2b30:ac0:93a1
2600:9000:214f:ce00:7:2b30:ac0:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:808::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2003
99.86.3.62
1604a95ef9fcd8faa13e96f3b2229ef6b95a472c0249a51651ab009e13f9e8cd
332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b
39ccb34b58a815dae06a6504bbc8b727991f479c1370720ffd6b8e20790ddb2b
6a8c4765981b703910436b2046defeb06bea4ff5889cf2d4c85a3b384f0da112
72bca1cc084e7aa8d4988114a5c66fd69784ec47b271c3b7366b322a3f72b81c
914c03bbf661314b4fdfac726b7b878a2302d517c2c10c7b36e011a0866ffb5a
9da9a72e2f3dffed9a302e4827178271b268370a93b86c97b2cc0558c4841849
bfbb23b6df05261b8a1e36607d85320c52dca7a2296e27ccf403d10b2eb71cf3
c60ec76e8f23863291ca01bba96283895b7dd3b5ba9b5010c9c418be0381554d
dbb34e2014b1b5a0de4dcfa7abd38c45a067edcdb987301e34b45d0be3226e32
e156a968a246679666c8c6f249e0d1c3f1663278352fb0d47553c6ffbd462d27
e38d81e169a07ef5bce1d0340940a0e5daaba4b0b96df5dcb1721f6d392d71ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.whatsaffair.de Open in urlscan Pro 2600:9000:214f:7a00:7:2b30:ac0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

75 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

415 kBTransfer

870 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

3 Cookies

Indicators

www.whatsaffair.de Open in urlscan Pro
2600:9000:214f:7a00:7:2b30:ac0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

415 kB
Transfer

870 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions