www.info-deinseitensprung.com Open in urlscan Pro
2606:4700::6812:ec6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request mlp8003 Show response www.info-deinseitensprung.com/landing/	12 KB 4 KB	247ms 135ms	Document text/html	2606:4700::6812:ec6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ec6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11ac174c32a6862efe30407a6af7168490f68a93fb0040bd9f3239793aeed8db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers X-Requested-With, Content-Type, Accept, Origin, Authorization access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD access-control-allow-origin * cache-control max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 7890f66118088fe9-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 13 Jan 2023 20:43:08 GMT pragma no-cache server cloudflare vary Accept-Encoding
GET H2	200	styles.min.css lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/	5 KB 2 KB	141ms 51ms	Stylesheet text/css	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?982405 Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:00:57 GMT server cloudflare age 292256 etag W/"63bd3759-133a" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=691200 cf-ray 7890f662888c913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	corner.css lpmedia.servefilesonly.com/widgets/corner/	170 B 489 B	141ms 51ms	Stylesheet text/css	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpmedia.servefilesonly.com/widgets/corner/corner.css?982405 Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify last-modified Tue, 10 Jan 2023 10:02:25 GMT server cloudflare age 292257 cf-polished origSize=246 etag W/"63bd37b1-f6" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=691200 cf-ray 7890f6628891913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	style-red.min.css lpmedia.servefilesonly.com/build/templates/MB/MLP003/	12 KB 3 KB	142ms 53ms	Stylesheet text/css	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpmedia.servefilesonly.com/build/templates/MB/MLP003/style-red.min.css?982405 Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e94772ed3d9ababf9b714000ef47fc5357e86a0df1a3fddb17d9255e2111ec23 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:00:57 GMT server cloudflare age 292231 etag W/"63bd3759-2fec" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=691200 cf-ray 7890f662888e913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	155ms 58ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1991 etag W/"ae63ef8ff03da61fffaa7f165729897a" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7890f6637e56bbc1-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 16 Jan 2023 20:43:08 GMT
GET H2	200	44626b52-2d28-4f34-ad2b-b663bdbf87d9_14.jpg imedia.servefilesonly.com/	44 KB 44 KB	86ms 85ms	Image image/jpeg	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imedia.servefilesonly.com/44626b52-2d28-4f34-ad2b-b663bdbf87d9_14.jpg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ace8b0b684542c30894253c3f72fabb5b8d1ae0037ab1bd738884926b692ece2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) cf-cache-status HIT age 293967 x-amz-cf-pop DUS51-P2 x-cache Hit from cloudfront content-length 44950 cf-bgj h2pri last-modified Thu, 15 Oct 2020 02:18:23 GMT server cloudflare etag "62a4708bce76c9019869d593d5b73b54" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=691200 accept-ranges bytes cf-ray 7890f662e94c913c-FRA x-amz-cf-id 0G0rhRMVf03VJpX0k32ZtBC9gos8OvIxj8_891Jam1SDs1ajvkthEw== expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	1cc74d7d-c38d-4b57-9010-eedb95c7f60a_15.jpg imedia.servefilesonly.com/	47 KB 48 KB	48ms 46ms	Image image/jpeg	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imedia.servefilesonly.com/1cc74d7d-c38d-4b57-9010-eedb95c7f60a_15.jpg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e561ddfbb3111b4562c60e175f7e55c99999eb6690f2e1114150cbda3d34cee Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront) cf-cache-status HIT age 293967 x-amz-cf-pop FRA56-P2 x-cache Hit from cloudfront content-length 48525 cf-bgj h2pri last-modified Thu, 15 Oct 2020 02:18:24 GMT server cloudflare etag "5a028cda003a8b5abe394db4810ac71d" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=691200 accept-ranges bytes cf-ray 7890f662e94a913c-FRA x-amz-cf-id O_JLLc5S07HoKPQpUE93OrLYkz0tiapneP605STfrGql-XGyBgBLtA== expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	7324a25a-35cf-4b6a-a5f2-5e0750dff8f6_16.jpg imedia.servefilesonly.com/	54 KB 54 KB	86ms 85ms	Image image/jpeg	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imedia.servefilesonly.com/7324a25a-35cf-4b6a-a5f2-5e0750dff8f6_16.jpg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc5da32214805d2d307b3c8f298c23170133025d82239d43c09c4867648bdeb6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront) cf-cache-status HIT age 293967 x-amz-cf-pop MXP64-P1 x-cache Hit from cloudfront content-length 55172 cf-bgj h2pri last-modified Thu, 15 Oct 2020 02:18:24 GMT server cloudflare etag "a06ac8294b4fe702e24d8057f1cdbc99" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=691200 accept-ranges bytes cf-ray 7890f662e948913c-FRA x-amz-cf-id 4ErWu7aUqGjZ_k86pvB1Np0E3lUk13xGj8ax3gYGiRK7mBeK7h7n9Q== expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	like.svg lpmedia.servefilesonly.com/img/_btns/	3 KB 2 KB	86ms 86ms	Image image/svg+xml	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lpmedia.servefilesonly.com/img/_btns/like.svg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ab611a653ab3a9b40a8bff2d841b60407b905b2b53d180cba1a73a840532c05 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:01:00 GMT server cloudflare age 295283 etag W/"63bd375c-ba8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=691200 cf-ray 7890f662d942913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	shield-white.svg lpmedia.servefilesonly.com/img/_btns/	2 KB 967 B	85ms 85ms	Image image/svg+xml	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lpmedia.servefilesonly.com/img/_btns/shield-white.svg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eae2bfb1d020cdc92a8f8c24e2d3b983fc05c6dad370fb9a246e12053a65c1e0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:01:00 GMT server cloudflare age 295283 etag W/"63bd375c-71a" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=691200 cf-ray 7890f662d945913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	mask.svg lpmedia.servefilesonly.com/img/_btns/	3 KB 1 KB	47ms 46ms	Image image/svg+xml	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lpmedia.servefilesonly.com/img/_btns/mask.svg Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cea3b077aeb5e1d41a83dd2c535eb8ba945bd4dc5f82013c9f9277f3f4e8e5fa Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:01:00 GMT server cloudflare age 295282 etag W/"63bd375c-cca" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=691200 cf-ray 7890f662d947913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	137ms 39ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:42:26 GMT content-encoding gzip x-content-type-options nosniff age 176442 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 19:42:26 GMT
GET H2	200	scripts.min.js Show response lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/	21 KB 7 KB	45ms 45ms	Script application/javascript	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?982405 Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1dca8107ce4f619cc1b33257c1f1cbacd657697d91a0551c1feef4803627c45 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Jan 2023 10:00:57 GMT server cloudflare age 292256 etag W/"63bd3759-53e2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=691200 cf-ray 7890f662d938913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	popwin.js Show response lpmedia.servefilesonly.com/js/	854 B 563 B	46ms 45ms	Script application/javascript	2606:4700::6812:b95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpmedia.servefilesonly.com/js/popwin.js?982405 Requested by Host: www.info-deinseitensprung.com URL: https://www.info-deinseitensprung.com/landing/mlp8003?subPublisher=popunder:tubecorporate-push_native_usa_desktop_&zone=popunder:tubecorporate-push_native_usa_desktop_&adformat=popunder&auctionid=63c1c20e5d564-364699&uniqueid=3fad9fe1bbaeca79f13cc24c733562c4&name=8216_popunder_usa_all_mlp_pu&newservice=true&cmsid=landing--mlp8003--landing--cd633&tpcampid=369d4eef-66d2-4db5-b351-412814a8837b&imp_tagid=8216_popunder_usa_all_mlp_pu&uid=TP-63c1c20e5d48d5.27369274&campaign_lp=1:landing--mlp8003--landing--cd633&product=iflirtsweb&zz=true&nextPage=/landing/cd633&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299 Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify last-modified Tue, 10 Jan 2023 10:02:20 GMT server cloudflare age 292257 cf-polished origSize=1177 etag W/"63bd37ac-499" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=691200 cf-ray 7890f662d940913c-FRA expires Sat, 21 Jan 2023 20:43:08 GMT
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	283 KB 68 KB	58ms 57ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1993 etag W/"2f96824aee4bf927e734cc519e3e726d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7890f663df26bbc1-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 16 Jan 2023 20:43:08 GMT
GET H2	200	web Show response onesignal.com/api/v1/sync/21e01b35-d50c-4933-94a2-92d107b014f3/	3 KB 2 KB	98ms 88ms	Script text/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/21e01b35-d50c-4933-94a2-92d107b014f3/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e946284e3684a3456ce6c5dbc321035bba92ffcba57c25cfa944637e81feae6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:08 GMT via 1.1 google x-content-type-options nosniff cf-cache-status EXPIRED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains status 200 OK alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 50b5b8d3-972e-4ef5-8f3a-76e9086736ce x-runtime 0.023702 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"1e946284e3684a3456ce6c5dbc321035" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 7890f66498adbbc1-FRA access-control-allow-headers SDK-Version expires Fri, 13 Jan 2023 21:43:08 GMT
GET H3	200	OneSignalSDKStyles.css onesignal.com/sdks/	82 KB 9 KB	52ms 51ms	Stylesheet text/css	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:09 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1991 etag W/"4e9aaefffd5f8ae7dc83361aa2294190" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7890f6655b029118-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sun, 12 Feb 2023 20:43:09 GMT
GET H3	200	icon Show response onesignal.com/api/v1/apps/21e01b35-d50c-4933-94a2-92d107b014f3/	184 B 613 B	111ms 69ms	Fetch application/json	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/apps/21e01b35-d50c-4933-94a2-92d107b014f3/icon Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c619b5d3a964933cddda76105a208885b2e05c363437c6c464c7880c16dffc9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:09 GMT via 1.1 google x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains status 200 OK x-envoy-upstream-service-time 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 2adde16b-7d26-4018-99ed-5606600588b8 x-runtime 0.006312 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"6c619b5d3a964933cddda76105a20888" x-download-options noopen vary Accept, Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate cf-ray 7890f665fd332c29-FRA access-control-allow-headers SDK-Version
GET H2	200	d6d8fa19-a99b-4468-b8b4-2d814de2da24 img.onesignal.com/permanent/	7 KB 8 KB	437ms 424ms	Image image/png	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.onesignal.com/permanent/d6d8fa19-a99b-4468-b8b4-2d814de2da24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b26626897e533b99491a5f69051350ea0fe8e5ff6b808197b06e7aaeeb41393c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.info-deinseitensprung.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:43:09 GMT x-amz-meta-cache-control public, maxage=604800 cf-cache-status REVALIDATED strict-transport-security max-age=15552000; includeSubDomains x-amz-request-id 8WMAF2P4ND3BA2MM alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7471 x-amz-id-2 JCxiC297G1rgpUjeE2ir9Gz2GDJjvZUQNewSiKGkW0wd99GOm7t/CEb1sdJImsxidIIgY/xrgv8= last-modified Mon, 23 Aug 2021 20:52:11 GMT server cloudflare etag "4ca372a09b7a2528ece9018ca438bb2b" vary Accept-Encoding cache-control public, max-age=2678400 accept-ranges bytes cf-ray 7890f6668cf8bbc1-FRA expires Mon, 13 Feb 2023 20:43:09 GMT

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| OneSignal function| $ function| jQuery object| x undefined| j undefined| ll undefined| selElmnt undefined| a undefined| b undefined| c function| closeAllSelect undefined| typingTimer object| dataCountries object| $country undefined| $countryName object| $zipCity undefined| $btnLocation undefined| $btnValidateLocation undefined| $displayErrorLocation boolean| isLocationByGeolocation number| doneTyping object| countries undefined| curLanguage function| _eventClickAutocomplete function| findCountryCode function| displayCountry function| findCountryName function| buildAutocomplete function| getCurentLocation function| getCurentLocationByIp function| sendCurrentLocation function| sendValidateLocation function| fillLocationValidated function| validateLocation function| validateLocationMessage function| getCurrentLink function| goToStep function| countdownToNextStep function| activeProgressBar function| Validator object| Popwin function| populateLinks number| __oneSignalSdkLoadCount function| __jp0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.info-deinseitensprung.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2lg9qgrbrrb2fj955cmpcbee0h
			.info-deinseitensprung.com/	1970-01-20 08:54:04	Name: __cf_bm Value: AOorq8jMxMRTFVGc1LH7Ans_rUwNHbzxmwrrQ5hBi8M-1673642588-0-AZW0sr5gxraXiikJcTC6NTEh1Fbb7idssUutySVWaL/O7xno51RVtnKXRo8hvg/w4zd3M/JbxuPhO3RbkQx4j10=
			.servefilesonly.com/	1970-01-20 08:54:04	Name: __cf_bm Value: Kasy_CllLrqg0DNjEVlHDUarhNFHp2shIXXuLUiwPXQ-1673642588-0-AYjmDBIOtC7LD/JRv0ZnYK2HXKpS8oOWfOb10G+EfeRcAdTe4CmuAOJ3cwRUSr3SV1aqAwwHUfNzr+d6Zu9I1IY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.onesignal.com
imedia.servefilesonly.com
img.onesignal.com
lpmedia.servefilesonly.com
onesignal.com
www.info-deinseitensprung.com
2606:4700::6812:b95
2606:4700::6812:e134
2606:4700::6812:ec6
2a00:1450:4001:801::200a
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299
11ac174c32a6862efe30407a6af7168490f68a93fb0040bd9f3239793aeed8db
1e946284e3684a3456ce6c5dbc321035bba92ffcba57c25cfa944637e81feae6
4e561ddfbb3111b4562c60e175f7e55c99999eb6690f2e1114150cbda3d34cee
6c619b5d3a964933cddda76105a208885b2e05c363437c6c464c7880c16dffc9
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895
9ab611a653ab3a9b40a8bff2d841b60407b905b2b53d180cba1a73a840532c05
a1dca8107ce4f619cc1b33257c1f1cbacd657697d91a0551c1feef4803627c45
ace8b0b684542c30894253c3f72fabb5b8d1ae0037ab1bd738884926b692ece2
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181
b26626897e533b99491a5f69051350ea0fe8e5ff6b808197b06e7aaeeb41393c
cea3b077aeb5e1d41a83dd2c535eb8ba945bd4dc5f82013c9f9277f3f4e8e5fa
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc5da32214805d2d307b3c8f298c23170133025d82239d43c09c4867648bdeb6
e94772ed3d9ababf9b714000ef47fc5357e86a0df1a3fddb17d9255e2111ec23
eae2bfb1d020cdc92a8f8c24e2d3b983fc05c6dad370fb9a246e12053a65c1e0