Submitted URL: http://www.creativeadsnetwork.com/sites/haus/everydayporn1/go.html
Effective URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=...
Submission: On December 27 via api from LU — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 6 domains to perform 24 HTTP transactions. The main IP is 185.154.225.17, located in the Netherlands, and belongs to CQINT-, NL. The main domain is date.deinseitensprung.com.
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.
This is the only time date.deinseitensprung.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 89.185.228.66 24971 (MASTER-AS...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 66.254.114.233 29789 (REFLECTED)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 185.154.225.17 25418 (CQINT-)
20 2606:4700::68... 13335 (CLOUDFLAR...)
24 4
Apex Domain
Subdomains
Transfer
20 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 179373
423 KB
2 deinseitensprung.com
date.deinseitensprung.com
7 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
170 KB
1 prodtraff.com
o-2494.prodtraff.com
832 B
1 traffichaus.com
syndication.traffichaus.com — Cisco Umbrella Rank: 58309
988 B
1 creativeadsnetwork.com
www.creativeadsnetwork.com
731 B
24 6
Domain Requested by
20 lpmedia.servefilesonly.com date.deinseitensprung.com
2 date.deinseitensprung.com 1 redirects www.creativeadsnetwork.com
2 ajax.googleapis.com www.creativeadsnetwork.com
date.deinseitensprung.com
1 o-2494.prodtraff.com 1 redirects
1 syndication.traffichaus.com 1 redirects
1 www.creativeadsnetwork.com
24 6

This site contains links to these domains.

Domain
www.deinseitensprung.com
Subject: upload.video.google.com, Issuer: GTS CA 1C3, Validity: 2022-11-28 - 2023-02-20, Valid: 3 months
Subject: date.deinseitensprung.com, Issuer: R3, Validity: 2022-12-21 - 2023-03-21, Valid: 3 months
Subject: *.servefilesonly.com, Issuer: E1, Validity: 2022-12-21 - 2023-03-21, Valid: 3 months

This page contains 1 frame:

Primary Page: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Frame ID: 5462F058E9A14864427836D1E4779317
Requests: 24 HTTP requests in this frame

Page Title

deinseitensprung.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

4
IPs

4
Countries

600 kB
Transfer

670 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.creativeadsnetwork.com/sites/haus/everydayporn1/go.html Page URL
  2. https://syndication.traffichaus.com/adserve/index.php?z=206349 HTTP 302
    https://o-2494.prodtraff.com/418d7ddc-578d-4ae6-91c9-88d10d90b1fc?subPublisher=380377&source=206349&clickTag=76af175a8435435c9ac2120d272e862f HTTP 302
    https://date.deinseitensprung.com/landing/gn8001?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142 HTTP 301
    https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
go.html
www.creativeadsnetwork.com/sites/haus/everydayporn1/
422 B
731 B
Document
General
Full URL
http://www.creativeadsnetwork.com/sites/haus/everydayporn1/go.html
Protocol
HTTP/1.1
Server
89.185.228.66 Brno, Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS
Software
Apache/2.4.37 (Unix) OpenSSL/1.0.2o PHP/5.3.29 /
Resource Hash
57164f0603586d908ef9c0eaf9b75fbf710d5fd7a36f6bed0f9313e0377602f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
422
Content-Type
text/html
Date
Tue, 27 Dec 2022 01:24:25 GMT
ETag
"1a6-5d9fd42ccd357"
Keep-Alive
timeout=5, max=100
Last-Modified
Sat, 12 Mar 2022 03:44:14 GMT
Server
Apache/2.4.37 (Unix) OpenSSL/1.0.2o PHP/5.3.29
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
85 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.creativeadsnetwork.com
URL: http://www.creativeadsnetwork.com/sites/haus/everydayporn1/go.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.creativeadsnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 00:56:21 GMT
x-content-type-options
nosniff
age
1684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86659
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 00:56:21 GMT
Primary Request gn8001
date.deinseitensprung.com/landing/
Redirect Chain
  • https://syndication.traffichaus.com/adserve/index.php?z=206349
  • https://o-2494.prodtraff.com/418d7ddc-578d-4ae6-91c9-88d10d90b1fc?subPublisher=380377&source=206349&clickTag=76af175a8435435c9ac2120d272e862f
  • https://date.deinseitensprung.com/landing/gn8001?pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455...
  • https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a9...
35 KB
6 KB
Document
General
Full URL
https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Requested by
Host: www.creativeadsnetwork.com
URL: http://www.creativeadsnetwork.com/sites/haus/everydayporn1/go.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.154.225.17 , Netherlands, ASN25418 (CQINT-, NL),
Reverse DNS
Software
nginx /
Resource Hash
f776bb88b87a1836e12d52add0cbdc20b481f8adca46e7798186a9d52db13117

Request headers

Referer
http://www.creativeadsnetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:24:26 GMT
pragma
no-cache
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:24:26 GMT
location
https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
pragma
no-cache
server
nginx
grid_layout.css
lpmedia.servefilesonly.com/style/layout/
16 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/layout/grid_layout.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc750220221997c4f0f6f4046a3727be5d210ce4f4d7cbd3e167b6715bb3864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309886
cf-polished
origSize=17753
etag
W/"63a5868d-4559"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b442bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
panel.css
lpmedia.servefilesonly.com/style/layout/
275 B
468 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/layout/panel.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e4a7776c09698b9a246655fe982aa6e480907b3da765f85595c26e9f2a5e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309263
cf-polished
origSize=366
etag
W/"63a5868d-16e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b462bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
button.css
lpmedia.servefilesonly.com/style/layout/
2 KB
926 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/layout/button.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d506d37cc742a12f91c0fdaf5b8cc99d6a824a0d61c0f74408364099f81227ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309886
cf-polished
origSize=2809
etag
W/"63a5868d-af9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b482bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
animation.css
lpmedia.servefilesonly.com/style/layout/
2 KB
803 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/layout/animation.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3754a93462764a757e8179d9c4ba63f7ed6361c8b1d65d3f32d18dea4aef49fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309901
cf-polished
origSize=2842
etag
W/"63a5868d-b1a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b4b2bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
login_form.css
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
1 KB
692 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb1111dc6eff14757577d1fff2c680537d64775c9822a5ac75acee83fc0f1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309887
cf-polished
origSize=1425
etag
W/"63a5868d-591"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b4c2bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
registration.css
lpmedia.servefilesonly.com/widgets/mb_registration/
4 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/mb_registration/registration.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7749b4cfe0f59549b069d3e3846fe41f95f792d5affc0e4b0175f3c5f8027d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309886
cf-polished
origSize=5875
etag
W/"63a5868d-16f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b4d2bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
progress-bar.css
lpmedia.servefilesonly.com/widgets/mb_registration/
825 B
628 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/mb_registration/progress-bar.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b91258d586686008f871a95029c1c12a3c0036e97a310f025bc1eb0d89c592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309886
cf-polished
origSize=1089
etag
W/"63a5868d-441"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db832bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
corner.css
lpmedia.servefilesonly.com/widgets/corner/
170 B
443 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309903
cf-polished
origSize=246
etag
W/"63a5868d-f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db822bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
style.css
lpmedia.servefilesonly.com/style/templates/GetNaughty/
12 KB
3 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/templates/GetNaughty/style.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad80e2b2a32ec9c365a220632ff0493fb3248e6c1a1b296340098b9ca3a652c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309262
cf-polished
origSize=18710
etag
W/"63a5868d-4916"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b4e2bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
GetNaughty--default.css
lpmedia.servefilesonly.com/style/templates/GetNaughty/
2 KB
886 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/templates/GetNaughty/GetNaughty--default.css?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d883e0fe14159d539b992906654e028588c51c90c454c1af29dedf3f380d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
503
cf-polished
origSize=2248
etag
W/"63a5868d-8c8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b39b4f2bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
deinseitensprung_w.png
lpmedia.servefilesonly.com/img/_logos/
3 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/deinseitensprung_w.png?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b524e0572fa538c0bd4ba0f6f1c2524fd58cd42b04fa2ce33c545f13203234d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 10:42:38 GMT
server
cloudflare
age
308448
etag
"63a5861e-cae"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b3db882bf5-FRA
content-length
3246
expires
Wed, 04 Jan 2023 01:24:26 GMT
gn1.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk18/m/
45 KB
46 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk18/m/gn1.jpg?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b19d26e2eb43d9ef45ab0f15894e00126f922b44daef05132b56f067fb7c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 23 Dec 2022 10:43:46 GMT
server
cloudflare
age
309793
etag
"63a58662-b5b9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b3db892bf5-FRA
content-length
46521
expires
Wed, 04 Jan 2023 01:24:26 GMT
gn2.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk18/m/
43 KB
44 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk18/m/gn2.jpg?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000e005b92d5eac2636b713b37b44f06af81f0ce6f77c61a01c2e644eacff80a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 23 Dec 2022 10:43:46 GMT
server
cloudflare
age
309793
etag
"63a58662-adcd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b3db8a2bf5-FRA
content-length
44493
expires
Wed, 04 Jan 2023 01:24:26 GMT
gn3.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk18/m/
63 KB
63 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk18/m/gn3.jpg?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe51d3ef1a05646185f0502528011a2cefa201b468c962cfc2828db9c2352eea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 23 Dec 2022 10:43:46 GMT
server
cloudflare
age
309793
etag
"63a58662-fb06"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b3db8b2bf5-FRA
content-length
64262
expires
Wed, 04 Jan 2023 01:24:26 GMT
gn4.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk18/m/
41 KB
41 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk18/m/gn4.jpg?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f36c13dbd19297c8b815c10925d0b8fdf43a9e059cf59647ffbb9806b916e47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 23 Dec 2022 10:43:46 GMT
server
cloudflare
age
309793
etag
"63a58662-a309"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b3db8c2bf5-FRA
content-length
41737
expires
Wed, 04 Jan 2023 01:24:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
85 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 00:56:21 GMT
x-content-type-options
nosniff
age
1685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86659
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 00:56:21 GMT
login_form_v2.js
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
5 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form_v2.js?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665f21d33c97cad62009e2844b51a49d69a29cce336937876c3cfe83be8cd2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:29 GMT
server
cloudflare
age
309861
cf-polished
origSize=6739
etag
W/"63a5868d-1a53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db842bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
validation.js
lpmedia.servefilesonly.com/js/helpers/
8 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/helpers/validation.js?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56914c53473fc49765ab22a85fed52ae193fe32e7c469f1fdc0aad51186d5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:24 GMT
server
cloudflare
age
309899
cf-polished
origSize=11311
etag
W/"63a58688-2c2f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db852bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
registration.js
lpmedia.servefilesonly.com/js/
11 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/registration.js?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdff3d0a167783a210fcec6a300a4d925fe2e33c7e23e68fe69f1dd99084f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:24 GMT
server
cloudflare
age
309886
cf-polished
origSize=18832
etag
W/"63a58688-4990"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db862bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
popwin.js
lpmedia.servefilesonly.com/js/
854 B
755 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?978547
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 10:44:24 GMT
server
cloudflare
age
309903
cf-polished
origSize=1177
etag
W/"63a58688-499"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
77fe41b3db872bf5-FRA
expires
Wed, 04 Jan 2023 01:24:26 GMT
orange-tiles-mix.jpg
lpmedia.servefilesonly.com/img/_patterns/
204 KB
205 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_patterns/orange-tiles-mix.jpg
Requested by
Host: date.deinseitensprung.com
URL: https://date.deinseitensprung.com/landing/gn8001?grp_n=base&pid=6034-02CA4&zz=true&isAffiliate=true&sub=1433&poc=CRET-423&spub_id=380377&tag=f8167b56-6a90-4c23-9455-74a77a7ed142&hit_id=f8167b56-6a90-4c23-9455-74a77a7ed142&tp_redirect_id=f8167b56-6a90-4c23-9455-74a77a7ed142
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93356c79cfc61cdd0175df09fdbb58d196cea8ebed449d9bb236d66eab081cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.deinseitensprung.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/479B76

Response headers

date
Tue, 27 Dec 2022 01:24:26 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 21 Dec 2022 12:01:25 GMT
server
cloudflare
age
319170
etag
"63a2f595-3307b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
77fe41b46bf02bf5-FRA
content-length
209019
expires
Wed, 04 Jan 2023 01:24:26 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
string| gsmCookieName
function| getCookie
function| removeGsmPseudoLinks
function| $
function| jQuery
object| $btnOpenLogin
object| $btnCloseLogin
object| $loginFormHolder
object| $errors
object| $formLogin
object| $username
object| $password
object| $tracking
function| loginFormAddRequiredError
function| sendFromByGetMethod
function| submitHttpRequest
function| serialize
function| Validator
object| Popwin
function| clearDeepLink
function| removeParamsToURL
function| insertParamsToURL
function| changeBackgroundImage
function| prefillInputs

9 Cookies

Domain/Path Name / Value
syndication.traffichaus.com/adserve Name: impnum_206349
Value: 1
syndication.traffichaus.com/adserve Name: ad_380377_site_24256
Value: %5B1%2C1672190666%5D
syndication.traffichaus.com/adserve Name: zone_206349
Value: unique
syndication.traffichaus.com/adserve Name: th_trans_19
Value: 76af175a8435435c9ac2120d272e862f
syndication.traffichaus.com/ Name: RNLBSERVERID
Value: ded5931
o-2494.prodtraff.com/ Name: attrk
Value: yes
.prodtraff.com/ Name: vcid
Value: %7B%22id%22%3A%22bbd79db9-476a-4ba3-b2fa-002a2c0996a8%22%2C%22firstTime%22%3A%22Dec+27%2C+2022+1%3A24%3A26+AM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Dec+27%2C+2022+1%3A24%3A26+AM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D
.prodtraff.com/ Name: __cf_bm
Value: 9LFD4W_MzsdaLaNFm6NnJqoUaMZTEafjUhbXUR619QY-1672104266-0-ASZRBJWkC0AT/1gCb4dHQQTfBUBKfpEyJFuf4RpAK5gP+FQp/tWu2cFssxHzuQrrE6ZhdOxL98Usb5BVJRK1StI=
date.deinseitensprung.com/ Name: PHPSESSID
Value: t4rjvgm1v8r5otf5okcih1mhee

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
