Submitted URL: https://gghf.mobi/de/lp18/get.php
Effective URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZ...
Submission: On September 21 via manual from AT

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 17 HTTP transactions. The main IP is 176.34.129.201, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is pre.ficktreffen.de.
This is the only time pre.ficktreffen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 178.79.171.154 63949 (LINODE-AP...)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 1 52.50.109.222 16509 (AMAZON-02)
1 176.34.129.201 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.214.41 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
17 11
Domain Requested by
3 fonts.gstatic.com pre.ficktreffen.de
3 fonts.googleapis.com pre.ficktreffen.de
3 maxcdn.bootstrapcdn.com pre.ficktreffen.de
2 securessl-dt.com 1 redirects
2 gghf.mobi 1 redirects
1 media.ficktreffen.de pre.ficktreffen.de
1 cdnjs.cloudflare.com pre.ficktreffen.de
1 code.jquery.com pre.ficktreffen.de
1 ajax.googleapis.com pre.ficktreffen.de
1 pre.ficktreffen.de gdmconvtrck.com
1 www.cpxtrck.com 1 redirects
1 gdmconvtrck.com securessl-dt.com
1 secureconv-dt.com 1 redirects
17 13

This site contains links to these domains.

Domain
www.ficktreffen.de

Subject | Issuer | Validity | Valid
gghf.mobi | Let's Encrypt Authority X3 | 2019-07-27 - 2019-10-25 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.googleapis.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
*.ficktreffen.de | Amazon | 2019-02-24 - 2020-03-24 | a year
*.google.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months

This page contains 1 frames:

Primary Page: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Frame ID: 87D09C9503AD8DAD254DB0DB4B4EAF58
Requests: 17 HTTP requests in this frame

Page URL History

  1. https://gghf.mobi/de/lp18/get.php Page URL
  2. https://gghf.mobi/im/click.php?c=47&key=uuhn6a423nqejyv81ob8co77&c1=lp18 HTTP 302
    http://secureconv-dt.com/?a=11409&c=180607&s2=11491851198 HTTP 302
    http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905... Page URL
  3. http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132944&h=d98fc65cf4... HTTP 302
    http://www.cpxtrck.com/aff_c?offer_id=325&aff_id=1008&aff_sub2=11409&aff_sub1=333de881b6f248bbac95a... HTTP 302
    http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 69 %
Domains: 11
Subdomains: 13
IPs: 11
Countries: 5
Transfer: 236 kB
Size: 505 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gghf.mobi/de/lp18/get.php Page URL
  2. https://gghf.mobi/im/click.php?c=47&key=uuhn6a423nqejyv81ob8co77&c1=lp18 HTTP 302
    http://secureconv-dt.com/?a=11409&c=180607&s2=11491851198 HTTP 302
    http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198 Page URL
  3. http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132944&h=d98fc65cf4ffce1006fb00c76b086afca757d2b6&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198&us=7aa4aec7b48f46389144041cc77e7120 HTTP 302
    http://www.cpxtrck.com/aff_c?offer_id=325&aff_id=1008&aff_sub2=11409&aff_sub1=333de881b6f248bbac95a092622bf806e852&aff_sub3= HTTP 302
    http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://gghf.mobi/im/click.php?c=47&key=uuhn6a423nqejyv81ob8co77&c1=lp18 HTTP 302
  • http://secureconv-dt.com/?a=11409&c=180607&s2=11491851198 HTTP 302
  • http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
get.php
gghf.mobi/de/lp18/
203 B
396 B
Document
General
Full URL
https://gghf.mobi/de/lp18/get.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.79.171.154 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li308-154.members.linode.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
gghf.mobi
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sat, 21 Sep 2019 19:50:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
203
Connection
close
Content-Type
text/html; charset=UTF-8
/
securessl-dt.com/
Redirect Chain
  • https://gghf.mobi/im/click.php?c=47&key=uuhn6a423nqejyv81ob8co77&c1=lp18
  • http://secureconv-dt.com/?a=11409&c=180607&s2=11491851198
  • http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s...
2 KB
1019 B
Document
General
Full URL
http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198
Protocol
HTTP/1.1
Server
2a05:d018:483:6130:69e4:3fd:34a3:8c4e Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c38a76e10067a1a2a8589346cafba71110563ebf5460246ec12e7d82d65b591b

Request headers

Host
securessl-dt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Sec-Fetch-Mode
navigate

Response headers

Date
Sat, 21 Sep 2019 19:45:32 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 1 May 2020 12:00:00 GMT
Content-Encoding
gzip

Redirect headers

Date
Sat, 21 Sep 2019 19:45:32 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
http://securessl-dt.com?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198
Content-Language
en-US
trck
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
http://gdmconvtrck.com/trck
Requested by
Host: securessl-dt.com
URL: http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198
Protocol
HTTP/1.1
Server
2a05:d018:483:6110:60bd:7884:483f:2b59 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
cc42d1c9105dcadaeed7b779d009b22649b63d1e1a37ac97435a6e8bc706e6c4

Request headers

Referer
http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Sep 2019 19:45:33 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request Cookie set campaign
pre.ficktreffen.de/
Redirect Chain
  • http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132944&h=d98fc65cf4ffce1006fb00c76b086afca757d2b6&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s...
  • http://www.cpxtrck.com/aff_c?offer_id=325&aff_id=1008&aff_sub2=11409&aff_sub1=333de881b6f248bbac95a092622bf806e852&aff_sub3=
  • http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&ln...
9 KB
9 KB
Document
General
Full URL
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Requested by
Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/trck
Protocol
HTTP/1.1
Server
176.34.129.201 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-129-201.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
62f957bc74370cb2e50781ecf66b1bb9bee8013bc1baadbf17f27333c7f5a568

Request headers

Host
pre.ficktreffen.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://securessl-dt.com/?a=11409&c=180607&oc=96151&sr=t&s2=11491851198&vt=1569095132862&h=f4f9a97905952810464a00fa6fb8ad15d3d31f38&req=http%3A%2F%2Fsecureconv-dt.com%2F%3Fa%3D11409%26c%3D180607%26s2%3D11491851198
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Sep 2019 19:45:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Set-Cookie
PHPSESSID=6j0i8m4mc9o46ertd3r73aosd5; path=/ PHPSESSID=n7n16krrk3slmql6oha5gk1r7t; path=/
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 21 Sep 2019 19:45:33 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx/1.13.12
Set-Cookie
enc_aff_session_325=ENC03caefd0059fca35e8d680430fc6a9df9eab9710983db741daec0f62826cf6eb1759a5fe55006cae8079eb541f9f7c0447f702fc58d5c1d41ac1435daa1284d70be7caf223aac281f724f37abbe4898b0042d718f5ede38bade347b2b3489502ab0c5d6a99d6626eea0ff0cc67656d8793c05d6b1fa8b010db153ec2683862a640a578bc05d556ef704e477c820722c6144275751ab63fdade7f20b807cba1f81b574e8b3ee3a1ef09aa6b88ff9b98ae2dd1d965244cfd6eabd76b55a7300cab80b3bc27cff51b6459dc4c25a0bf3b99a6749876f0556d1e8ffce971df664e409fc91e6b79775230b261b8721635c94d1695c89d599d3a6ed5f7c41595c31d06961f53f3e9b89e9e57362e61268d45b9b56c34bb92bdbd58796e17b9de41b8ec1052e7bf5af7747fc693a5e7d29980115b318711108e7e292ef279e456d91d2da600d00f22; expires=Sun, 22 Sep 2019 19:45:33 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Tue, 16 Aug 2022 06:25:33 GMT; path=/;
tracking_id
102fdb4d127dc7d98f00dc2f8c15c9
X-Robots-Tag
noindex, nofollow
Content-Length
570
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 19:20:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
2507122
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
32954
X-XSS-Protection
0
Expires
Sat, 22 Aug 2020 19:20:11 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Sec-Fetch-Mode
cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 19:45:33 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19747
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df

Request headers

Sec-Fetch-Mode
cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 19:45:33 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
2776
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Sec-Fetch-Mode
cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 19:45:33 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9764
jquery-1.8.3.min.js
code.jquery.com/
91 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.8.3.min.js
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 19:45:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-16dc4"
Vary
Accept-Encoding
X-HW
1569095133.dop035.fr8.t,1569095133.cds141.fr8.shn,1569095133.cds141.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33419
css
fonts.googleapis.com/
414 B
373 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Monoton
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
978965dd266426604edb7acd1a5ce93d3e9f25a2f370e4933b0df2c40d234f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 21 Sep 2019 19:45:33 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 21 Sep 2019 19:45:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sat, 21 Sep 2019 19:45:33 GMT
css
fonts.googleapis.com/
2 KB
443 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
84ef1175854e5116158d8db078706e87896136f97aed314d8ad2a2e6f1f36e58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 21 Sep 2019 19:45:33 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 21 Sep 2019 19:45:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sat, 21 Sep 2019 19:45:33 GMT
css
fonts.googleapis.com/
5 KB
587 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,700
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c66ef7c8ebde9588105e5d6dd906ec9973bb523c48b0baab187ac3519e267359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 21 Sep 2019 19:45:33 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 21 Sep 2019 19:45:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sat, 21 Sep 2019 19:45:33 GMT
jquery.countdown.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/
5 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 19:45:33 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12509598
status
200
served-in-seconds
0.015
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-14db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
519e8a479c208caa-VIE
expires
Thu, 10 Sep 2020 19:45:33 GMT
prelanding1_adult_bg.jpg
media.ficktreffen.de/media/images/prelandingpage/prelander8/
87 KB
88 KB
Image
General
Full URL
https://media.ficktreffen.de/media/images/prelandingpage/prelander8/prelanding1_adult_bg.jpg
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9c7ab9e2c544f4333b7775c4f480ac57c7246e37b52b38b915814a86d52563c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 13:46:35 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified
Thu, 26 Apr 2018 12:45:08 GMT
server
AmazonS3
age
1230550
etag
"c9e22ed71665a1326bc95e2c7eff3edc"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=3153600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
89232
x-amz-cf-id
HGKlAlLgZqTB7b4SVUyNpepryyUnkE836R7HDinJn7UepUuhQtmGeQ==
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 12:26:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:42 GMT
server
sffe
age
1927165
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13228
x-xss-protection
0
expires
Sat, 29 Aug 2020 12:26:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,700
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 05:39:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
2383585
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11180
x-xss-protection
0
expires
Mon, 24 Aug 2020 05:39:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: pre.ficktreffen.de
URL: http://pre.ficktreffen.de/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuZmlja3RyZWZmZW4uZGUvY2FtcGFpZ24%2FdXRtX2NhbXBhaWduPTU2MTg%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=1&fllbck=2&vrnt=OA%3D%3D&utm_term=102fdb4d127dc7d98f00dc2f8c15c9&utm_source=&utm_content=333de881b6f248bbac95a092622bf806e852&utm_medium=11409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,700
Origin
http://pre.ficktreffen.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:36:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2272151
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11020
x-xss-protection
0
expires
Tue, 25 Aug 2020 12:36:22 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
object| jQuery110207167713673992568
function| startTimer
function| step

1 Cookies

Domain/Path Name / Value
pre.ficktreffen.de/ Name: PHPSESSID
Value: n7n16krrk3slmql6oha5gk1r7t

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
