Submitted URL: https://smart-link.cc/MPR5bv?sub_id_1=978986d23a5489880d64272e898f43ad-5602-0826&sub_id_2=Kadam.net2022&sub_id_3=13801...
Effective URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavi...
Submission: On October 15 via api from LU — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::ac43:84a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is fickmir.de.
TLS certificate: Issued by WE1 on August 24th 2024. Valid for: 3 months.
This is the only time fickmir.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:4f8:10a:... 24940 (HETZNER-AS)
1 1 2a01:4f8:10a:... 24940 (HETZNER-AS)
1 1 35.204.100.195 396982 (GOOGLE-CL...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
14 4
Apex Domain
Subdomains
Transfer
10 fickmir.de
fickmir.de
108 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
83 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
31 KB
1 topsrcs.com
assets.topsrcs.com — Cisco Umbrella Rank: 328234
1 KB
1 apply-for-sex.com
www.apply-for-sex.com
916 B
1 g2afse.com
approachx.g2afse.com
405 B
1 bestbsdatingservices.com
redirect.bestbsdatingservices.com
785 B
1 smart-link.cc
smart-link.cc
568 B
14 8
Domain Requested by
10 fickmir.de fickmir.de
2 maxcdn.bootstrapcdn.com fickmir.de
maxcdn.bootstrapcdn.com
1 code.jquery.com fickmir.de
1 assets.topsrcs.com fickmir.de
1 www.apply-for-sex.com 1 redirects
1 approachx.g2afse.com 1 redirects
1 redirect.bestbsdatingservices.com 1 redirects
1 smart-link.cc 1 redirects
14 8

This site contains links to these domains. Also see Links.

Domain
www.forquickies.com
Subject Issuer Validity Valid
fickmir.de
WE1
2024-08-24 -
2024-11-22
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
topsrcs.com
WE1
2024-09-19 -
2024-12-18
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Frame ID: 82A4C5EAFF02442D81535BB1277E0B2A
Requests: 14 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://smart-link.cc/MPR5bv?sub_id_1=978986d23a5489880d64272e898f43ad-5602-0826&sub_id_2=Kadam.ne... HTTP 307
    https://redirect.bestbsdatingservices.com/15H0nf?source={SOURCE_ID}&campaign={CAMPAIGN_ID}&cost={CPC}&external_id={CLI... HTTP 302
    https://approachx.g2afse.com/click?pid=175&offer_id=229&ref_id=fbe4814ebb86aa52c7f7aa6d8cafb301-5602-1015... HTTP 302
    https://www.apply-for-sex.com/c/4a2a96c4a075401c?clickid=670e9d5816541c00016e111f&token1=26667175229&token... HTTP 302
    https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

4
IPs

3
Countries

223 kB
Transfer

495 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://smart-link.cc/MPR5bv?sub_id_1=978986d23a5489880d64272e898f43ad-5602-0826&sub_id_2=Kadam.net2022&sub_id_3=1380117630708719 HTTP 307
    https://redirect.bestbsdatingservices.com/15H0nf?source={SOURCE_ID}&campaign={CAMPAIGN_ID}&cost={CPC}&external_id={CLICKID} HTTP 302
    https://approachx.g2afse.com/click?pid=175&offer_id=229&ref_id=fbe4814ebb86aa52c7f7aa6d8cafb301-5602-1015&sub1=Evadavinpage+-+Clone{SOURCE_ID}&sub2={CPC} HTTP 302
    https://www.apply-for-sex.com/c/4a2a96c4a075401c?clickid=670e9d5816541c00016e111f&token1=26667175229&token2=x&token3=x&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token7= HTTP 302
    https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fickmir.de/lps/jumps/05/
Redirect Chain
  • https://smart-link.cc/MPR5bv?sub_id_1=978986d23a5489880d64272e898f43ad-5602-0826&sub_id_2=Kadam.net2022&sub_id_3=1380117630708719
  • https://redirect.bestbsdatingservices.com/15H0nf?source={SOURCE_ID}&campaign={CAMPAIGN_ID}&cost={CPC}&external_id={CLICKID}
  • https://approachx.g2afse.com/click?pid=175&offer_id=229&ref_id=fbe4814ebb86aa52c7f7aa6d8cafb301-5602-1015&sub1=Evadavinpage+-+Clone{SOURCE_ID}&sub2={CPC}
  • https://www.apply-for-sex.com/c/4a2a96c4a075401c?clickid=670e9d5816541c00016e111f&token1=26667175229&token2=x&token3=x&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token7=
  • https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
20 KB
4 KB
Document
General
Full URL
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba96ef52b281c0cc995941b12f6786796ae15ea7a0533d116d79467d1eb1873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d314f0a7dbbdc59-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 15 Oct 2024 16:50:32 GMT
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBldAD1Uj2yJZEhuGlA4HdGzBaBJzaxWSAznXl%2Fxqdan%2BbSqz0UyAz3Jee2GzThhlDdzOeFMzU2ED4VjUwVewmp4rAPFhkwf2ih3cXCp1lUG5TDBzOdvT4Zmtufl9bRSXorB031Sqmw0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d314f090ac99177-FRA
content-type
text/html; charset=utf-8
date
Tue, 15 Oct 2024 16:50:32 GMT
location
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage - Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PF0%2Fy7qMQkETmAictSf%2BV%2BNAhQzWVRfknmcXfSGW3uRguiZKdS00qe8sU%2B4CrZKZgC7o%2Ba%2BgGMXS1wUSj2yiYPVnb5Nx4ViR0aRgfdQApMivPLZX1zrsDTGsO3Ziutfi0fuZ6gXY64lbhF3S2f4B51%2FlqI8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
speculation
fickmir.de/cdn-cgi/
128 B
577 B
Other
General
Full URL
https://fickmir.de/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin
https://fickmir.de
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQhb6yhHtrPYLdgchmzPaDrZFtyRavOq1Avmjbr8Sm7f1e6lmIZxRe5WtB8MYG4nkKhQpReZlJvs%2FUXM3n62Ir9%2FZMmdWzKlmnEXFYQSJsCjChCwuA%2FoDmSg8oeFTlSukQICuA13lO4d"}],"group":"cf-nel","max_age":604800}
cf-ray
8d314f0adf2fdc59-FRA
access-control-allow-origin
https://fickmir.de
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
animate.css
fickmir.de/lps/jumps/05/
57 KB
5 KB
Stylesheet
General
Full URL
https://fickmir.de/lps/jumps/05/animate.css
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"64301952-1252c"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKNjpiuaB6%2F5pg5ge8yaZGoz5RHh%2FcEcWx41bZ5hAVcpeVcSz8GRoasmlief0WqJeK1QRc%2FPQKzSfjBIwNSQ0fc1Do8y62lp8fdysquoKgIS5rpo3RFH5dwqawGpnJoWVmR5BBRkB3wQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=75052
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
text/css
last-modified
Fri, 07 Apr 2023 13:23:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0adf46dc59-FRA
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.css
fickmir.de/lps/jumps/05/
142 KB
23 KB
Stylesheet
General
Full URL
https://fickmir.de/lps/jumps/05/bootstrap.css
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362a49597f8c90c5b3e517b68a36ca9829a50c0e2e6126b19c70c6bf2bf7ae79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"64301951-235ee"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km8bcwc9uXB%2FKtu4Nfdt%2FjoSZwAc8L6mt2vuXuYFNQW0Ta09xmlE8NOdRWqwFASwHfqTzvI%2B68QDniEzmMka2R2NCq0OtslBUZs9miDuhiscRtlUsfyxYg8JD8MbBxTKvI5Ptp6Uzzfg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
text/css
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0adf4adc59-FRA
x-xss-protection
1; mode=block
server
cloudflare
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
134141
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/30/2024 13:20:01
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
454c68c171c48ee11394d1ad3cad2b4b
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d314f0aeaec915f-FRA
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
style.css
fickmir.de/lps/jumps/05/
9 KB
3 KB
Stylesheet
General
Full URL
https://fickmir.de/lps/jumps/05/style.css
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7298f78c8bccca1b1f5d2be58bd3f66d949de68d53408a48db4320cae96ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"64301951-2dd6"
age
6851
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Psox%2B5F6VoSPkDI8d0mhHYpi4pf%2BcYFWYEDmopebLM1LzBKytlA1RQUkxQtYr54JVr2In8JQs3YPjKCj1gnbj1BXsJ7%2FOBneSpsOhOH%2FhEqDCooUPfFH2Fi%2Fp0SJd0Y%2BQQUHmwdT8hcI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=11734
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
text/css
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0adf4ddc59-FRA
x-xss-protection
1; mode=block
server
cloudflare
script_jumps_fosobo_psp-395.js
assets.topsrcs.com/js/
3 KB
1 KB
Script
General
Full URL
https://assets.topsrcs.com/js/script_jumps_fosobo_psp-395.js
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc71990d3a446c0644366c47fde02e5fa125563a115eadb21ee5b747e114a4b2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"66ab5dd2-e5c"
age
82345
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFx9NWYlhjhT3yYXxs9ouIrLVhj3YR1N8d3EtjALAFm2kHmjz8dXPEDNZUqeT%2B3FjFST9MMMofreTqS5oob6w28OuYA%2BvrKVsfz8pJgFEqR%2BNg0MZ9V1Xqc%2FHpmcRc1SLfR5jeij2HEbajwhJYAnsA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=3676
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 01 Aug 2024 10:05:06 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0b2eaedcae-FRA
access-control-allow-origin
*
server
cloudflare
step1.jpg
fickmir.de/lps/jumps/05/
20 KB
21 KB
Image
General
Full URL
https://fickmir.de/lps/jumps/05/step1.jpg
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4e7596c354127bd497fbeea4423f0ca24a423f9f603cfeb17abab13ddaf902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

cf-cache-status
HIT
etag
"64301951-51b0"
age
6851
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2Fjiy8VsE6KQAhcSuzDRF4r%2Bj5p3fEYrXiySWwxurnyn7SF1dnZFHZ5tsugtTP6S4KK1SR88Fek06NhVs3%2Bi3tCfpfe8VFFQ3B9XhKvqhrb7mD%2BshrCOVcd9hqxd9TskN1hI7KjBpzko"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
image/jpeg
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0adf50dc59-FRA
accept-ranges
bytes
content-length
20912
x-xss-protection
1; mode=block
server
cloudflare
step2.jpg
fickmir.de/lps/jumps/05/
16 KB
16 KB
Image
General
Full URL
https://fickmir.de/lps/jumps/05/step2.jpg
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045270d9a9822b37fef92e09212d0f4581cca43864d21d70572dfb1769e03001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

cf-cache-status
HIT
etag
"64301951-3f49"
age
6851
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mIETE%2BAQratvjSS%2BoEnewMI2oPkFlrZPP05SkbJ61i542Ayu%2B4yAcXW0yfRugNulTteaZUcE1xNp3Jl747BSceBjKHjWkShnwsrqsM%2FvErHEyEPmAGzsv9GRiatraiyMIKRoUtUS%2FiID"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
image/jpeg
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0adf60dc59-FRA
accept-ranges
bytes
content-length
16201
x-xss-protection
1; mode=block
server
cloudflare
step3.jpg
fickmir.de/lps/jumps/05/
34 KB
35 KB
Image
General
Full URL
https://fickmir.de/lps/jumps/05/step3.jpg
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6c0ae94d0eb4e36f1fcce8b58512d48640b1972a2a3b24ea7710288a73a8c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

cf-cache-status
HIT
etag
"64301952-884a"
age
6851
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMbQUaT8C4J0Sl8wQJ%2FEKUUooR1WgXeIJ%2BCa7sqbRbgoZBeZoDfTUSEemW%2Fv%2BNZUeYiE%2Bcm01006RrM3%2BsOmTwr4ztf38G%2Bzhj5z8lLENGGpDntK%2Fh3mnCVWpdukj%2FXnxE3sLBlQS3v7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
image/jpeg
last-modified
Fri, 07 Apr 2023 13:23:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0affacdc59-FRA
accept-ranges
bytes
content-length
34890
x-xss-protection
1; mode=block
server
cloudflare
jquery-3.6.1.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin
https://fickmir.de
Referer
https://fickmir.de/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15e40"
age
2975072
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
2, 115631
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230103-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729011033.814647,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30957
server
nginx
script.js
fickmir.de/lps/jumps/05/
73 B
635 B
Script
General
Full URL
https://fickmir.de/lps/jumps/05/script.js
Requested by
Host: fickmir.de
URL: https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bced4adf5cebbb1462131adc48e93d29b7a04949a6aefd58adb44ddf3881edda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"64301951-4f"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8D%2F1VoQgqaGmAgbR3dFRYBt9wSfM2IwM6EbxpQHIIibOsaVdI3aqAKEKYozKkkXmTP89FPm8l1Ujm7vSORSJkVTv2Hztghm013GQwDubUsiouSOnxQwIzyjY4fGDwhojN9O%2FsDfYY71O"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=79
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 07 Apr 2023 13:23:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0affb0dc59-FRA
x-xss-protection
1; mode=block
server
cloudflare
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin
https://fickmir.de
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
381079
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/08/2024 00:08:47
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
84463b76cb6ad3238756570874e93c00
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d314f0baf262c26-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1029
server
cloudflare
cdn-requestcountrycode
US
favicon.ico
fickmir.de/
0
488 B
Other
General
Full URL
https://fickmir.de/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:84a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer
https://fickmir.de/lps/jumps/05/?psp221=1&tid=uzwmy670e9d5800053bd4&token1=26667175229&token4=affise&token5=Evadavinpage%20-%20Clone{SOURCE_ID}&token6={CPC}&token8=34651&token3=purple_rule23

Response headers

cf-cache-status
HIT
etag
"642ff98f-0"
age
7036
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taG7OObcUsGk9IOzb2r8pR0999HKOGzLn%2B3xyPiZpGffCRrIKDGT1PYLIO7It11LcMTlKPWglCTgCzaotoY3CpQq00Ap0x%2Ffwr6nj2VrpyUFO%2FRFiyZx7Nv1hhKubWdB8hV0mJ2RxtO1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 16:50:32 GMT
content-type
image/x-icon
last-modified
Fri, 07 Apr 2023 11:07:59 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d314f0bfb5ddc59-FRA
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
server
cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| checkParam

10 Cookies

Domain/Path Name / Value
smart-link.cc/ Name: ci_session
Value: dmvchqje461p6fgc0is83gkbdrbjjbrm
.redirect.bestbsdatingservices.com/ Name: 15H0nfo
Value: 1
.redirect.bestbsdatingservices.com/ Name: pc-cid
Value: fbe4814ebb86aa52c7f7aa6d8cafb301-5602-1015
.redirect.bestbsdatingservices.com/ Name: pc-campaign
Value: 15H0nf
.redirect.bestbsdatingservices.com/ Name: pc-linf
Value:
approachx.g2afse.com/ Name: afclick
Value: 670e9d5816541c00016e111f
approachx.g2afse.com/ Name: afoffers
Value: {"229":1729011032}
www.apply-for-sex.com/ Name: unique_id
Value: 670e9d58000a5819
www.apply-for-sex.com/ Name: unique_id2
Value: 670e9d58000a62cd
www.apply-for-sex.com/ Name: tid
Value: uzwmy670e9d5800053bd4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block