urlscan.io logo urlscan.io
SecurityTrails logo

signup.bumsenstattwichsen.com Open in urlscan Pro
185.222.108.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4
Effective URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_ei...
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 13 domains to perform 33 HTTP transactions. The main IP is 185.222.108.41, located in Netherlands and belongs to SUPPORTA, NL. The main domain is signup.bumsenstattwichsen.com.
TLS certificate: Issued by R10 on October 22nd 2024. Valid for: 3 months.
This is the only time signup.bumsenstattwichsen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 194.116.151.56 44949 (GIGACODES-AS)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
16 185.222.108.41 205316 (SUPPORTA)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.222.108.15 205316 (SUPPORTA)
5 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 1 142.250.184.196 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
33 8
3    194.116.151.56 (Switzerland)

ASN44949 (GIGACODES-AS, DE)
zuhulu.com
www.zuhulu.com
www.flibzee.com
1    34.90.46.36 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com
1.de04trckingmic.com
16    185.222.108.41 (Netherlands)

ASN205316 (SUPPORTA, NL)
PTR: NS01.hostingfinity.com
signup.bumsenstattwichsen.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    185.222.108.15 (Netherlands)

ASN205316 (SUPPORTA, NL)
lpapi.campaignbarn.com
api.mastersinleads.com
5    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
googleads.g.doubleclick.net
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 bumsenstattwichsen.com
signup.bumsenstattwichsen.com
432 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
389 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
10 KB
2 gstatic.com
fonts.gstatic.com
51 KB
2 mastersinleads.com
api.mastersinleads.com
2 KB
2 zuhulu.com
zuhulu.com
www.zuhulu.com
348 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
24 B
1 campaignbarn.com
lpapi.campaignbarn.com
340 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 de04trckingmic.com
1.de04trckingmic.com
423 B
1 flibzee.com
www.flibzee.com
230 B
33 13
Domain Requested by
16 signup.bumsenstattwichsen.com signup.bumsenstattwichsen.com
5 www.googletagmanager.com signup.bumsenstattwichsen.com
www.googletagmanager.com
4 region1.google-analytics.com www.googletagmanager.com
3 unpkg.com 2 redirects signup.bumsenstattwichsen.com
2 fonts.gstatic.com fonts.googleapis.com
2 api.mastersinleads.com signup.bumsenstattwichsen.com
1 googleads.g.doubleclick.net signup.bumsenstattwichsen.com
1 www.google.com 1 redirects
1 lpapi.campaignbarn.com signup.bumsenstattwichsen.com
1 fonts.googleapis.com signup.bumsenstattwichsen.com
1 1.de04trckingmic.com 1 redirects
1 www.flibzee.com 1 redirects
1 www.zuhulu.com 1 redirects
1 zuhulu.com 1 redirects
33 14

This site contains links to these domains. Also see Links.

Domain
www.meinmilfkontakt.com
Subject Issuer Validity Valid
signup.bumsenstattwichsen.com
R10		 2024-10-22 -
2025-01-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
lpapi.campaignbarn.com
R10		 2024-10-01 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
api.mastersinleads.com
R11		 2024-10-06 -
2025-01-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Frame ID: FD169C22123C7993605BF6F1DC9AEB47
Requests: 32 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsignup.bumsenstattwichsen.com
Frame ID: B93F15F7F39188A0A3987A4005226C45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finde deinen Chatpartner

Page URL History Show full URLs

  1. http://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6... HTTP 307
    https://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6... HTTP 301
    https://www.zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6... HTTP 307
    https://www.flibzee.com/gekko/dating/12/?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4 HTTP 307
    https://1.de04trckingmic.com/click?pid=150&offer_id=638&sub1=6719b410908147eeb0a474bdeaf82aa9&sub2=52679&... HTTP 302
    https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f6... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

94 %
HTTPS

36 %
IPv6

13
Domains

14
Subdomains

8
IPs

4
Countries

885 kB
Transfer

1846 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4 HTTP 307
    https://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4 HTTP 301
    https://www.zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4 HTTP 307
    https://www.flibzee.com/gekko/dating/12/?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4 HTTP 307
    https://1.de04trckingmic.com/click?pid=150&offer_id=638&sub1=6719b410908147eeb0a474bdeaf82aa9&sub2=52679&sub3=6455_1220_1210&l=1726557935 HTTP 302
    https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://unpkg.com/@popperjs/core@2 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Request Chain 22
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n91T4DMVWSTv9191401094za200&auid=898438411.1729737746 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n91T4DMVWSTv9191401094za200&auid=898438411.1729737746

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/
Redirect Chain
  • http://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4
  • https://zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4
  • https://www.zuhulu.com/gekko/12/655b5978-7f16-1ac8-670d-2f949b551c6c?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4
  • https://www.flibzee.com/gekko/dating/12/?w=52679&ws=6455_1220_1210&wt=6714bed93a770a0001a10fc4
  • https://1.de04trckingmic.com/click?pid=150&offer_id=638&sub1=6719b410908147eeb0a474bdeaf82aa9&sub2=52679&sub3=6455_1220_1210&l=1726557935
  • https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2...
61 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
4ea9edf2ab8889a1854aa1e3a8a69dce88271747946cecbcafb46b40150e54d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
13536
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 02:42:24 GMT
etag
"6710db48-f57e"
last-modified
Thu, 17 Oct 2024 09:39:20 GMT
server
httpd
vary
Accept-Encoding
x-aspnet-version
x-powered-by

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 24 Oct 2024 02:42:24 GMT
location
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
server
nginx
x-adjust-use-original-forwarded-for
1
bundle.css
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/css/ 		30 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/css/bundle.css?v=1729157904971
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
9d07aad2f8bbe82ffcaf43b3fccecd0d4290a507809daa249381893753912552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
content-encoding
gzip
etag
"6710db48-7867"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
9586
date
Thu, 24 Oct 2024 02:42:24 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 09:39:20 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
CbSidV100.js
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/CbSidV100.js?a=dGVtcGxhdGU9RElTUDAwNCZnZW89REUmbmljaGU9TWF0dXJlJm51ZGl0eT1Ob24tbnVkZSZpc0dvb2dsZVNhZmU9ZmFsc2UmbGFuZ3VhZ2U9REUmdmFyaWF0aW9uPURFLU0tMiZidWlsZFZlcj0yMDI0LTEwLTE3VDA5JTNBMzglM0EyNC45NzFa
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
3e6b6e7cec3e31f88d53003cf3390a12c6dd778d35d065cc6eb9bb78cec22bf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
content-encoding
gzip
etag
"66d85fbc-2b13"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
4757
date
Thu, 24 Oct 2024 02:42:24 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 04 Sep 2024 13:25:16 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lobster&family=Roboto:wght@400;600;700&display=swap
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdd592feb7b9e0d0b29deedf946d7ae1dbacaa6caece6765b6c75fa344e8a173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 02:42:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 24 Oct 2024 02:42:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
logoicon.png
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/logoicon.png
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
66674310bfeaff8465e502b8410581cea7beed5ed5350b0f679747cfa3a245f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"66c5dc93-bc7"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
3015
date
Thu, 24 Oct 2024 02:42:24 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 12:24:51 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
profilepic01.jpg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/profilepic01.jpg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
579a9322f10181b04a568e7e2cd829400ba48166f2f70f8187e1be18ac100de4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"66c5dc93-4bad"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
19373
date
Thu, 24 Oct 2024 02:42:24 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 12:24:51 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
profilepic02.jpg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/profilepic02.jpg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
09e9d91e1185fb09cdbe7e6da9b4ec20ededce0b7b368e5a9a4896d170fd0161

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"66c5dc93-5471"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
21617
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 12:24:51 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
thumbs-down.svg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/thumbs-down.svg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
11e2c257e1369243b3158ea650480d3e79be4e14ab15c3a6a06c333f2caf55aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

x-aspnet-version
etag
"66b6026c-410"
accept-ranges
bytes
content-length
1040
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/svg+xml
last-modified
Fri, 09 Aug 2024 11:50:04 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
thumbs-up.svg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/thumbs-up.svg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
d0959cd006673886a211cbac7c0ab32d3dd187dc544b5a1bd31e490b6a0d3966

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

x-aspnet-version
etag
"66b6026c-417"
accept-ranges
bytes
content-length
1047
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/svg+xml
last-modified
Fri, 09 Aug 2024 11:50:04 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
profilepic03.jpg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/profilepic03.jpg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
9d206f0778499ae63a8d3a9bdb42eaa81a2dd34a6557674ad3713f163f33271b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"66c5dc93-4ea3"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
20131
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 12:24:51 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
eye.svg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		753 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/eye.svg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
f907f596af1b75e15b0f6d4418bf08938ceee0a2a8661b192624067a63b87156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

x-aspnet-version
etag
"66b6026c-2f1"
accept-ranges
bytes
content-length
753
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/svg+xml
last-modified
Fri, 09 Aug 2024 11:50:04 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
pristine.min.js
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/pristine.min.js?v=1729157904971
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
162fd56c6066385a3e3c5bda42667b2c272fad3ad3145bd46080cf9c020ec81e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
content-encoding
gzip
etag
"6602e5d7-1b79"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
3262
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 26 Mar 2024 15:12:23 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
EHawkTalon.js
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/ 		96 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/EHawkTalon.js?v=1729157904971
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
6be9802be5929a5c82bcb44ae2bee2054918a3f6b1e08ca0e50e80483c8edea1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
content-encoding
gzip
etag
"6617b3bc-18106"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
43937
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 11 Apr 2024 09:56:12 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
bundle.js
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/ 		83 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/bundle.js?v=1729157904971
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
7b09f4d37f224b1c361a9ed4af15f349cd3c2ad9b109caa64c44ba012bae0ae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
content-encoding
gzip
etag
"6710db45-14ae2"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
36305
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 17 Oct 2024 09:39:17 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
popper.min.js
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain
  • https://unpkg.com/@popperjs/core@2
  • https://unpkg.com/@popperjs/core@2.11.8
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
age
27512
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 26 May 2023 17:27:16 GMT
fly-request-id
01JAXC73PCE6JS7EEMH2VPZG62-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d769d0e1d8cd3c2-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
location
/@popperjs/core@2.11.8/dist/umd/popper.min.js
content-encoding
br
cf-cache-status
HIT
age
1151497
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d769d0d9d14d3c2-FRA
access-control-allow-origin
*
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J9VW9RG6WNTE05AVBWJJZ5HG-fra
server
cloudflare
get
lpapi.campaignbarn.com/api/v1.0/lp/ 		79 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lpapi.campaignbarn.com/api/v1.0/lp/get?Cid=CI8df5947542c942f9b40e&Mid=MIabc3a4f65d614f8aa265&Cv%5Bcid%5D=CI8df5947542c942f9b40e&Cv%5Bmid%5D=MIabc3a4f65d614f8aa265&Cv%5Blp_scriptversion%5D=1.0.0&TcV%5Bclickid%5D=6719b4104132120001656c50&TcV%5Bpid%5D=150&TcV%5Bsub2%5D=52679&TcV%5Bsub3%5D=6455_1220_1210&TcV%5Boffer_id%5D=638&Qv%5Bpref_eid%5D=28&Clv%5Bbrowserlanguage%5D=de-DE&Clv%5Bclientipaddress%5D=&Clv%5Blanderurl%5D=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F%3Fcid%3DCI8df5947542c942f9b40e%26mid%3DMIabc3a4f65d614f8aa265%26pref_eid%3D28%26clickid%3D6719b4104132120001656c50%26offer_id%3D638%26pid%3D150%26sub2%3D52679%26sub3%3D6455_1220_1210&Clv%5Breferer%5D=&Clv%5Buseragent%5D=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F130.0.0.0+Safari%2F537.36&Lv%5Btemplate%5D=DISP004&Lv%5Bgeo%5D=DE&Lv%5Bniche%5D=Mature&Lv%5Bnudity%5D=Non-nude&Lv%5BisGoogleSafe%5D=false&Lv%5Blanguage%5D=DE&Lv%5Bvariation%5D=DE-M-2&Lv%5BbuildVer%5D=2024-10-17T09%3A38%3A24.971Z
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/CbSidV100.js?a=dGVtcGxhdGU9RElTUDAwNCZnZW89REUmbmljaGU9TWF0dXJlJm51ZGl0eT1Ob24tbnVkZSZpc0dvb2dsZVNhZmU9ZmFsc2UmbGFuZ3VhZ2U9REUmdmFyaWF0aW9uPURFLU0tMiZidWlsZFZlcj0yMDI0LTEwLTE3VDA5JTNBMzglM0EyNC45NzFa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.15 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
Software
httpd /
Resource Hash
d2396d6577a298962fa430a8b7c0b6f46fd15a578514430167bfa0f89a85233c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

x-powered-by
cache-control
no-cache
x-aspnet-version
api-supported-versions
1.0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://signup.bumsenstattwichsen.com
content-length
79
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
httpd
access-control-allow-headers
*
gtm.js
www.googletagmanager.com/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3W4Z2V&l=newDataLayer
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e260c0d94f14decd52c08e5158b055cb17652a2f136ed6bbcb2c1f77f0582a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 02:42:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
70004
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		327 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4DMVWST&l=newDataLayer
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c551f2b44b6d84648c7e4e47dca61c795e3cf0b5ef56b816a98f6d98d4ae62bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 02:42:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109458
x-xss-protection
0
server
Google Tag Manager
MIabc3a4f65d614f8aa265
api.mastersinleads.com/api/v1/manager/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.mastersinleads.com/api/v1/manager/MIabc3a4f65d614f8aa265
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/bundle.js?v=1729157904971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.15 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
Software
httpd /
Resource Hash
9f2a9a3f01c98111bb49407c6e1a87a2e33f7fad84b70184a6a527d3b19bc900

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

x-powered-by
cache-control
no-cache
x-aspnet-version
api-supported-versions
1.0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://signup.bumsenstattwichsen.com
content-length
1440
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
httpd
access-control-allow-headers
*
getuseripaddress
api.mastersinleads.com/api/v1/location/ 		73 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.mastersinleads.com/api/v1/location/getuseripaddress
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/js/bundle.js?v=1729157904971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.15 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
Software
httpd /
Resource Hash
935df3675deb15e46b7a7dbfbc89da0293edd86c28851e4739718df4cb88d6b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

x-powered-by
cache-control
no-cache
x-aspnet-version
api-supported-versions
1.0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://signup.bumsenstattwichsen.com
content-length
73
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
httpd
access-control-allow-headers
*
bgmain.jpg
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/=ZGU/ 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/=ZGU/bgmain.jpg
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
71619c8a7172fdedaa0f6bbb3f228b0396de499f40b86b381e005b70afac5083

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"66d996a3-3f06b"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
258155
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/jpeg
last-modified
Thu, 05 Sep 2024 11:31:47 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v30/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoKmMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.bumsenstattwichsen.com
Referer
https://fonts.googleapis.com/

Response headers

age
122841
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:35:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:35:04 GMT
last-modified
Thu, 24 Aug 2023 20:01:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33896
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://signup.bumsenstattwichsen.com
Referer
https://fonts.googleapis.com/

Response headers

age
123161
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:29:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:29:44 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n91T4DMVWSTv9191401094za200&auid=898438411.1729737746
Requested by
Host: signup.bumsenstattwichsen.com
URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 02:42:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101686685~101794737~101823848&rnd=1336781529.1729737746&url=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n91T4DMVWSTv9191401094za200&auid=898438411.1729737746
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 02:42:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
destination
www.googletagmanager.com/gtag/ 		320 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-Y81TD7609V&l=newDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4DMVWST&l=newDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6bae8889195a71d281b09f107008a9d081c80b53c0d8261d9ccb00fd20fd9232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 24 Oct 2024 02:42:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108631
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		320 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y81TD7609V&l=newDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4DMVWST&l=newDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aadb2a26f2ada4f77f6311ea912f478fab0bdd9d48f09a1e0a970b90ce2f9025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 02:42:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108576
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame B93F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsignup.bumsenstattwichsen.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4DMVWST&l=newDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
120767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 17:09:38 GMT
expires
Wed, 22 Oct 2025 17:09:38 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y81TD7609V&gtm=45je4al0v9191893642z89191401094za200zb9191401094&_p=1729737745361&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=760900045.1729737746&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729737745&sct=1&seg=0&dl=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F%3Fcid%3DCI8df5947542c942f9b40e%26mid%3DMIabc3a4f65d614f8aa265%26pref_eid%3D28%26clickid%3D6719b4104132120001656c50%26offer_id%3D638%26pid%3D150%26sub2%3D52679%26sub3%3D6455_1220_1210&dt=Finde%20deinen%20Chatpartner&en=show_form&_fv=1&_nsi=1&_ss=2&ep.form_name=DISP004-M-2&ep.form_id=DISP004&epn.number_of_steps=15&ep.is_skippable=false&ep.has_cities=true&ep.campaign_prid=&ep.campaign_pcode=&ep.campaign_pi=&ep.campaign_nas=&ep.country=DE&tfd=1684
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-Y81TD7609V&l=newDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://signup.bumsenstattwichsen.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y81TD7609V&gtm=45je4al0v9191893642z89191401094za200zb9191401094&_p=1729737745361&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=760900045.1729737746&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1729737745&sct=1&seg=0&dl=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F%3Fcid%3DCI8df5947542c942f9b40e%26mid%3DMIabc3a4f65d614f8aa265%26pref_eid%3D28%26clickid%3D6719b4104132120001656c50%26offer_id%3D638%26pid%3D150%26sub2%3D52679%26sub3%3D6455_1220_1210&dt=Finde%20deinen%20Chatpartner&_s=2&tfd=1731
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-Y81TD7609V&l=newDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://signup.bumsenstattwichsen.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://signup.bumsenstattwichsen.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y81TD7609V&gtm=45je4al0v9191893642za200zb9191401094&_p=1729737745361&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=760900045.1729737746&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1729737745&sct=1&seg=1&dl=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F%3Fcid%3DCI8df5947542c942f9b40e%26mid%3DMIabc3a4f65d614f8aa265%26pref_eid%3D28%26clickid%3D6719b4104132120001656c50%26offer_id%3D638%26pid%3D150%26sub2%3D52679%26sub3%3D6455_1220_1210&dt=Finde%20deinen%20Chatpartner&en=scroll&ep.country=DE&epn.percent_scrolled=90&_et=16&tfd=1746
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-Y81TD7609V&l=newDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://signup.bumsenstattwichsen.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
text/plain
server
Golfe2
favicon-32x32.png
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
8c80e729e83f05505d540e6abb33f39fd202219f7e839961a40fc6c328a3d1bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"6707b435-ad8"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
2776
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 11:02:13 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
favicon-16x16.png
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/_assets/img/default/favicon-16x16.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.222.108.41 , Netherlands, ASN205316 (SUPPORTA, NL),
Reverse DNS
NS01.hostingfinity.com
Software
httpd /
Resource Hash
da9293869d42774764d1e565617ec53a14c58d8af87731ae4482fb9e1a5e1655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210

Response headers

cache-control
max-age=315360000
x-aspnet-version
etag
"6707b435-6cd"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
1741
date
Thu, 24 Oct 2024 02:42:25 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 11:02:13 GMT
vary
Accept-Encoding
server
httpd
x-powered-by
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y81TD7609V&gtm=45je4al0v9191893642z89191401094za200zb9191401094&_p=1729737745361&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=760900045.1729737746&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1729737745&sct=1&seg=1&dl=https%3A%2F%2Fsignup.bumsenstattwichsen.com%2Fjoin%2Fb974di%2FTRE%3DlUDAwNA%3D%2FtZG0UbSy%2F%3Fcid%3DCI8df5947542c942f9b40e%26mid%3DMIabc3a4f65d614f8aa265%26pref_eid%3D28%26clickid%3D6719b4104132120001656c50%26offer_id%3D638%26pid%3D150%26sub2%3D52679%26sub3%3D6455_1220_1210&dt=Finde%20deinen%20Chatpartner&en=page_load_time&ep.country=DE&epn.loading_time_sec=1.73&_et=9&tfd=6747
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-Y81TD7609V&l=newDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://signup.bumsenstattwichsen.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://signup.bumsenstattwichsen.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:42:30 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _0x5bb7 function| _0x5916 object| Cb object| newDataLayer object| eHawkTalonSettings function| Pristine object| Talon object| regeneratorRuntime object| Alpine object| google_tag_manager object| google_tag_data object| Popper object| dataLayer function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy Name: gbu9uvfhph6a0mdatwbzomssrlboczvs
Value: %7B%22v%22%3A%226.0.7%22%2C%22a%22%3A1295086284%2C%22b%22%3A%2260685e95ee1f11bd14b4bbc170270229%22%2C%22c%22%3A1729737745585%2C%22d%22%3A%223b8982bd97ed6e095a3334da9e78e33c%22%2C%22e%22%3Anull%7D
1.de04trckingmic.com/ Name: afclick
Value: 6719b4104132120001656c50
1.de04trckingmic.com/ Name: afoffers
Value: {"638":1729737744}
.bumsenstattwichsen.com/ Name: _gcl_au
Value: 1.1.898438411.1729737746
.bumsenstattwichsen.com/ Name: _ga
Value: GA1.1.760900045.1729737746
.bumsenstattwichsen.com/ Name: _ga_Y81TD7609V
Value: GS1.1.1729737745.1.1.1729737745.0.0.0
signup.bumsenstattwichsen.com/ Name: CbSid
Value: eyJjYlNpZCI6IlNJMDQ1MDFhYTlkZTgyNDFkZmFmMGYiLCJ1cmxQYXJhbXMiOiJjaWQ9Q0k4ZGY1OTQ3NTQyYzk0MmY5YjQwZSZjbGlja2lkPTY3MTliNDEwNDEzMjEyMDAwMTY1NmM1MCZtaWQ9TUlhYmMzYTRmNjVkNjE0ZjhhYTI2NSZvZmZlcl9pZD02MzgmcGlkPTE1MCZwcmVmX2VpZD0yOCZzdWIyPTUyNjc5JnN1YjM9NjQ1NV8xMjIwXzEyMTAifQ==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://signup.bumsenstattwichsen.com/join/b974di/TRE=lUDAwNA=/tZG0UbSy/?cid=CI8df5947542c942f9b40e&mid=MIabc3a4f65d614f8aa265&pref_eid=28&clickid=6719b4104132120001656c50&offer_id=638&pid=150&sub2=52679&sub3=6455_1220_1210
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.de04trckingmic.com
api.mastersinleads.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lpapi.campaignbarn.com
region1.google-analytics.com
signup.bumsenstattwichsen.com
unpkg.com
www.flibzee.com
www.google.com
www.googletagmanager.com
www.zuhulu.com
zuhulu.com
142.250.184.196
142.250.186.163
185.222.108.15
185.222.108.41
194.116.151.56
2001:4860:4802:32::36
216.58.206.34
2606:4700::6811:f6cb
2a00:1450:4001:827::2008
2a00:1450:4001:831::200a
34.90.46.36
09e9d91e1185fb09cdbe7e6da9b4ec20ededce0b7b368e5a9a4896d170fd0161
11e2c257e1369243b3158ea650480d3e79be4e14ab15c3a6a06c333f2caf55aa
162fd56c6066385a3e3c5bda42667b2c272fad3ad3145bd46080cf9c020ec81e
3e6b6e7cec3e31f88d53003cf3390a12c6dd778d35d065cc6eb9bb78cec22bf0
4ea9edf2ab8889a1854aa1e3a8a69dce88271747946cecbcafb46b40150e54d7
579a9322f10181b04a568e7e2cd829400ba48166f2f70f8187e1be18ac100de4
66674310bfeaff8465e502b8410581cea7beed5ed5350b0f679747cfa3a245f5
6bae8889195a71d281b09f107008a9d081c80b53c0d8261d9ccb00fd20fd9232
6be9802be5929a5c82bcb44ae2bee2054918a3f6b1e08ca0e50e80483c8edea1
71619c8a7172fdedaa0f6bbb3f228b0396de499f40b86b381e005b70afac5083
7b09f4d37f224b1c361a9ed4af15f349cd3c2ad9b109caa64c44ba012bae0ae8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c80e729e83f05505d540e6abb33f39fd202219f7e839961a40fc6c328a3d1bd
935df3675deb15e46b7a7dbfbc89da0293edd86c28851e4739718df4cb88d6b0
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
9d07aad2f8bbe82ffcaf43b3fccecd0d4290a507809daa249381893753912552
9d206f0778499ae63a8d3a9bdb42eaa81a2dd34a6557674ad3713f163f33271b
9e260c0d94f14decd52c08e5158b055cb17652a2f136ed6bbcb2c1f77f0582a1
9f2a9a3f01c98111bb49407c6e1a87a2e33f7fad84b70184a6a527d3b19bc900
aadb2a26f2ada4f77f6311ea912f478fab0bdd9d48f09a1e0a970b90ce2f9025
bdd592feb7b9e0d0b29deedf946d7ae1dbacaa6caece6765b6c75fa344e8a173
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c551f2b44b6d84648c7e4e47dca61c795e3cf0b5ef56b816a98f6d98d4ae62bc
d0959cd006673886a211cbac7c0ab32d3dd187dc544b5a1bd31e490b6a0d3966
d2396d6577a298962fa430a8b7c0b6f46fd15a578514430167bfa0f89a85233c
da9293869d42774764d1e565617ec53a14c58d8af87731ae4482fb9e1a5e1655
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f907f596af1b75e15b0f6d4418bf08938ceee0a2a8661b192624067a63b87156