Submitted URL: http://www.dreamies.de/
Effective URL: https://www.dreamies.de/
Submission: On July 14 via manual from IN

Summary

This website contacted 62 IPs in 8 countries across 59 domains to perform 254 HTTP transactions. The main IP is 46.4.15.228, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.dreamies.de.
TLS certificate: Issued by Thawte RSA CA 2018 on October 5th 2020. Valid for: a year.
This is the only time www.dreamies.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.4.15.228 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
27 168.119.242.35 24940 (HETZNER-AS)
8 104.111.218.85 16625 (AKAMAI-AS)
1 13.224.96.67 16509 (AMAZON-02)
3 142.250.74.194 15169 (GOOGLE)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
37 162.55.171.74 24940 (HETZNER-AS)
1 3.121.91.240 16509 (AMAZON-02)
2 3 37.157.6.245 198622 (ADFORM)
2 185.86.139.59 201081 (SMARTADSE...)
2 3 37.252.173.27 29990 (ASN-APPNEX)
2 18.195.199.191 16509 (AMAZON-02)
4 116.202.98.152 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.113.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 217.79.188.11 24961 (MYLOC-AS ...)
2 217.79.188.8 24961 (MYLOC-AS ...)
1 2a04:4e42:3::485 54113 (FASTLY)
2 2600:9000:219... 16509 (AMAZON-02)
12 3.123.78.164 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 62.209.227.211 5588 (GTSCE GTS...)
1 94.136.189.31 41391 (CLUSTERS-AS)
10 51.91.68.112 16276 (OVH)
3 3 185.29.132.68 30419 (MEDIAMATH...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
7 176.9.51.136 24940 (HETZNER-AS)
4 51.210.32.121 16276 (OVH)
1 1 37.252.173.113 29990 (ASN-APPNEX)
4 4 84.200.5.215 31400 (ACCELERAT...)
2 2 78.46.85.162 24940 (HETZNER-AS)
2 82.113.101.132 6805 (TDDE-ASN1)
12 46.236.13.147 24931 (DEDIPOWER)
5 151.139.241.23 33438 (HIGHWINDS2)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 13.224.96.50 16509 (AMAZON-02)
4 81.29.72.47 24931 (DEDIPOWER)
1 145.239.193.145 16276 (OVH)
1 1 185.86.137.32 201081 (SMARTADSE...)
5 68.232.35.16 15133 (EDGECAST)
1 54.38.64.100 16276 (OVH)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.113.108 54113 (FASTLY)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 145.239.193.51 16276 (OVH)
7 51.89.9.253 16276 (OVH)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 54.246.143.132 16509 (AMAZON-02)
1 13.224.89.3 16509 (AMAZON-02)
2 3 54.36.109.186 16276 (OVH)
4 4 51.75.198.14 16276 (OVH)
7 7 142.250.186.162 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
5 6 13.248.242.197 16509 (AMAZON-02)
2 2 54.154.124.189 16509 (AMAZON-02)
1 1 3.120.52.200 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
8 52.213.6.221 16509 (AMAZON-02)
2 2 72.251.244.141 29791 (VOXEL-DOT...)
5 52.30.185.188 16509 (AMAZON-02)
2 69.173.144.138 26667 (RUBICONPR...)
1 1 185.33.220.241 29990 (ASN-APPNEX)
1 2 185.86.139.89 201081 (SMARTADSE...)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
1 3.121.3.128 16509 (AMAZON-02)
1 94.136.160.63 41391 (CLUSTERS-AS)
1 34.120.133.55 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 37.157.6.247 198622 (ADFORM)
1 18.197.47.23 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
3 3 35.158.179.12 16509 (AMAZON-02)
2 2 3.127.166.11 16509 (AMAZON-02)
1 54.246.103.100 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
254 62
Apex Domain
Subdomains
Transfer
70 dreamies.de
www.dreamies.de
s1.dreamies.de
tn1.dreamies.de
as1.dreamies.de
1001 KB
24 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
641 KB
16 webgains.com
track.webgains.com
diapi.webgains.com
108 KB
15 adscale.de
hb.adscale.de
js.adscale.de
ih.adscale.de
14 KB
10 webgains.io
analytics.webgains.io
api.webgains.io
120 KB
10 webplexmedia.de
view.webplexmedia.de
10 KB
10 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
140 KB
9 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
3 KB
8 yieldlab.net
ad.yieldlab.net
4 KB
7 onetag-sys.com
onetag-sys.com
3 KB
7 qualigo.com
qualigo.com
131 KB
7 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
327 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 cpx.to
p.cpx.to
s.cpx.to
8 KB
6 adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
acdn.adnxs.com
secure.adnxs.com
25 KB
6 smartadserver.com
prg.smartadserver.com
ww1097.smartadserver.com
csync.smartadserver.com
sync.smartadserver.com
4 KB
5 sascdn.com
ced-ns.sascdn.com
ec-ns.sascdn.com
24 KB
5 themoneytizer.com
ads.themoneytizer.com
202 KB
5 adform.net
adx.adform.net
track.adform.net
dmp.adform.net
2 KB
4 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
1 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com
2 KB
4 o2online.de
partner.o2online.de
portal.o2online.de
4 KB
4 beruf.biz
media.beruf.biz
1 KB
4 mathtag.com
sync.mathtag.com
pixel.mathtag.com
2 KB
3 rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
692 B
3 id5-sync.com
id5-sync.com
4 KB
3 casalemedia.com
ssum.casalemedia.com
as-sec.casalemedia.com
2 KB
3 adition.com
imagesrv.adition.com
adfarm1.adition.com
10 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
151 KB
3 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
148 KB
2 perf-serving.com
prod.perf-serving.com
1 KB
2 yahoo.com
ups.analytics.yahoo.com
1 KB
2 pubmatic.com
image2.pubmatic.com
628 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 criteo.com
dis.criteo.com
gum.criteo.com
941 B
2 lead-alliance.net
www.lead-alliance.net
1 KB
2 telefonica-partner.de
www.telefonica-partner.de
496 B
2 userreport.com
nugmw.userreport.com
sak.userreport.com
32 KB
2 yieldlove-ad-serving.net
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
115 B
1 adleadevent.com
adtrack.adleadevent.com
526 B
1 advertising.com
pixel.advertising.com
125 B
1 rlcdn.com
api.rlcdn.com
221 B
1 adklick.net
media.adklick.net
95 KB
1 agkn.com
aa.agkn.com
383 B
1 quantcount.com
rules.quantcount.com
1 KB
1 indexww.com
js-sec.indexww.com
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr
4 KB
1 tmyzer.com
c.tmyzer.com
271 B
1 themoneytizer.net
g.themoneytizer.net
271 B
1 adklick.de
ssl.adklick.de
767 B
1 ibillboard.com
bbnaut.ibillboard.com
352 B
1 nuggad.net
si.nuggad.net
509 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 googletagservices.com
www.googletagservices.com
24 KB
1 fastly.net
confiant-integrations.global.ssl.fastly.net
5 KB
1 yieldlove.com
cdn-a.yieldlove.com
104 KB
254 59
Domain Requested by
37 tn1.dreamies.de www.dreamies.de
27 s1.dreamies.de www.dreamies.de
12 track.webgains.com as.ad4m.at
analytics.webgains.io
track.webgains.com
12 assets.ad4m.at as.ad4m.at
12 ih.adscale.de js.adscale.de
ih.adscale.de
www.dreamies.de
10 view.webplexmedia.de as1.dreamies.de
view.webplexmedia.de
8 api.webgains.io analytics.webgains.io
8 ad4m.at view.webplexmedia.de
ad4m.at
8 ad.yieldlab.net www.dreamies.de
as1.dreamies.de
adfarm1.adition.com
ad.yieldlab.net
7 cm.g.doubleclick.net 7 redirects
7 onetag-sys.com ads.themoneytizer.com
onetag-sys.com
7 qualigo.com view.webplexmedia.de
qualigo.com
6 match.adsrvr.org 5 redirects js-sec.indexww.com
6 mwzeom.zeotap.com media.beruf.biz
5 s.cpx.to p.cpx.to
media.beruf.biz
5 ads.themoneytizer.com media.beruf.biz
ads.themoneytizer.com
4 ec-ns.sascdn.com csync.smartadserver.com
4 cookie-matching.mediarithmics.com 4 redirects
4 diapi.webgains.com track.webgains.com
4 as.ad4m.at ad4m.at
as.ad4m.at
4 media.beruf.biz view.webplexmedia.de
media.beruf.biz
4 assets.vlitag.com tag.vlitag.com
4 as1.dreamies.de www.dreamies.de
s1.dreamies.de
3 x.bidswitch.net 3 redirects
3 id5-sync.com 2 redirects media.beruf.biz
3 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
3 sync.mathtag.com 3 redirects
3 ib.adnxs.com 2 redirects cdn-a.yieldlove.com
3 securepubads.g.doubleclick.net www.dreamies.de
www.googletagservices.com
2 prod.perf-serving.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 dmp.adform.net 2 redirects
2 image2.pubmatic.com 2 redirects
2 sync.smartadserver.com 1 redirects media.beruf.biz
2 tracking.m6r.eu 2 redirects
2 dpm.demdex.net 2 redirects
2 track.adform.net 2 redirects
2 analytics.webgains.io track.webgains.com
2 ssum.casalemedia.com 2 redirects
2 portal.o2online.de as.ad4m.at
2 partner.o2online.de 2 redirects
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 js.adscale.de cdn-a.yieldlove.com
ih.adscale.de
2 adfarm1.adition.com as1.dreamies.de
adfarm1.adition.com
2 fonts.gstatic.com fonts.googleapis.com
2 prod-ingestion.tracking.v2.yieldlove-ad-serving.net cdn-a.yieldlove.com
2 prg.smartadserver.com cdn-a.yieldlove.com
2 services.vlitag.com www.dreamies.de
services.vlitag.com
2 www.dreamies.de 1 redirects
1 sak.userreport.com si.nuggad.net
1 adtrack.adleadevent.com ajax.googleapis.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 pixel.advertising.com onetag-sys.com
1 pixel.rubiconproject.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 www.gstatic.com media.adklick.net
1 media.adklick.net ssl.adklick.de
1 pool.grid-data.bidswitch.net media.beruf.biz
1 secure.adnxs.com 1 redirects
1 token.rubiconproject.com media.beruf.biz
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 pixel.quantserve.com media.beruf.biz
1 rules.quantcount.com secure.quantserve.com
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 dis.criteo.com 1 redirects
1 acdn.adnxs.com cdn-a.yieldlove.com
1 csync.smartadserver.com cdn-a.yieldlove.com
1 c.tmyzer.com ads.themoneytizer.com
1 ced-ns.sascdn.com media.beruf.biz
1 ww1097.smartadserver.com 1 redirects
1 g.themoneytizer.net ads.themoneytizer.com
1 adscale-emea.adnxs.com 1 redirects
1 ssl.adklick.de as1.dreamies.de
1 bbnaut.ibillboard.com 1 redirects
1 nugmw.userreport.com www.dreamies.de
1 si.nuggad.net 1 redirects
1 cdn.jsdelivr.net assets.vlitag.com
1 imagesrv.adition.com as1.dreamies.de
ad.yieldlab.net
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 tag.vlitag.com services.vlitag.com
1 confiant-integrations.global.ssl.fastly.net cdn-a.yieldlove.com
1 adx.adform.net cdn-a.yieldlove.com
1 hb.adscale.de cdn-a.yieldlove.com
1 cdn-a.yieldlove.com www.dreamies.de
1 fonts.googleapis.com www.dreamies.de
254 95

This site contains no links.

Subject Issuer Validity Valid
*.dreamies.de
Thawte RSA CA 2018
2020-10-05 -
2021-10-06
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-22 -
2021-09-14
3 months crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA
2021-03-09 -
2022-03-14
a year crt.sh
cdn-a.yieldlove.com
Amazon
2020-09-18 -
2021-10-20
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-13 -
2022-06-12
a year crt.sh
*.adscale.de
Amazon
2021-05-09 -
2022-06-07
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
R3
2021-05-26 -
2021-08-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-27 -
2022-05-29
a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2
2021-04-15 -
2022-05-17
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
*.userreport.com
Amazon
2021-02-19 -
2022-03-20
a year crt.sh
ssl.adklick.de
GlobeSSL DV CA
2021-05-13 -
2022-05-15
a year crt.sh
view.webplexmedia.de
R3
2021-07-02 -
2021-09-30
3 months crt.sh
qualigo.com
R3
2021-06-08 -
2021-09-06
3 months crt.sh
media.beruf.biz
R3
2021-06-19 -
2021-09-17
3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1
2021-01-19 -
2022-02-19
a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA
2021-02-14 -
2022-03-17
a year crt.sh
*.webgains.io
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA
2019-10-16 -
2022-01-17
2 years crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-08 -
2022-04-13
a year crt.sh
c.tmyzer.com
R3
2021-06-04 -
2021-09-02
3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-06-27 -
2021-09-24
3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2020-09-11 -
2021-09-12
a year crt.sh
onetag-sys.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2021-02-02 -
2022-02-02
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.id5-sync.com
R3
2021-06-01 -
2021-08-30
3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2021-02-03 -
2022-02-09
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-03-06 -
2022-03-06
2 years crt.sh
media.adklick.net
GlobeSSL DV CA
2021-03-12 -
2022-03-14
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
adtrack.adleadevent.com
Amazon
2021-05-17 -
2022-06-15
a year crt.sh

This page contains 23 frames:

Primary Page: https://www.dreamies.de/
Frame ID: 2561552AB7345EE643ADA2C11EA92BB2
Requests: 96 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_300250.php
Frame ID: 09E6C6A08BD9F529926E4295AD15420B
Requests: 10 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_300250.php
Frame ID: 8EB8B7CFEB68729F2DD979E45FA0C394
Requests: 3 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_72890.php
Frame ID: 49F30C2DEFC8D2870C9923F9096A5F20
Requests: 3 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_160600.php
Frame ID: 79DE86B86A40D0DF2F6C315700AA0B5D
Requests: 3 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: 145068F16B2001F8DAD484F1E0385383
Requests: 11 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Frame ID: 365471FEBD1C967EF7F444444B836288
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
Frame ID: C6EB2109030480D913DBF69C22110C2A
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Frame ID: 6198F18AAAC482467380F323FA405566
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=3&referrer=
Frame ID: ADBFB187684AE797559BA3DDFC9E8E6F
Requests: 4 HTTP requests in this frame

Frame: https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D
Frame ID: D11F6A6E44FC5CC440A14AC0D6B131D8
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A5C61649023B7B5DDFC6231C2032F5B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 87E1F7733CFDE046A8AB272D603B2548
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: 313EEBB522E87C1AAB128F9E17D18591
Requests: 20 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Frame ID: 49F5E4CC64D78B167578E56F79C3DF08
Requests: 20 HTTP requests in this frame

Frame: https://qualigo.com/doks/iframe_banner.php?ds=33651&subds=qualigo_com&cat=&search=qualigo&wo=de&m=de&erotic=0&bc_lid=&dc_wi=&af_site=&af_ref=&af_subid=&af_tnb=&aw_id=&aw_gid=&aw_linkid=&aw_mid=&format=ad_160x600&target=0&sponsoredby=1&images=&track=&trackingurl=&col_headline=0000a0&col_text=404040&col_url=808080&col_bg=f2f2f2&col_border=858585&deep_ref=&prnt_ref=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D333004898%26e%3D0%26s%3D0%26p%3D0%26sid%3D867%26size%3D3%26referrer%3D
Frame ID: 26FC188C91DFF72607D7EDADAE930346
Requests: 1 HTTP requests in this frame

Frame: https://media.beruf.biz/tags/3001/index.html
Frame ID: 95BA317E553A290F753DCBF639CC0732
Requests: 31 HTTP requests in this frame

Frame: https://qualigo.com/de/question
Frame ID: F473D670F0688A5DB23096A9096D9C7F
Requests: 5 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Frame ID: 45C99886EB83EA0B9B6D7697B6D57979
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9449F78877B814649AB5B470CE8BBB88
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Frame ID: F6ADC45133B616D4E9981B905582EED1
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258&cmp=0
Frame ID: CD0A954872764B214753767E381BCEA2
Requests: 9 HTTP requests in this frame

Frame: https://media.adklick.net/banner/en728x90.html?clickTAG=http%3A%2F%2Fpartners.adklick.de%2Ftracking.php%3Fid%3D2%26action%3Dlink%26banner%3D1857%26site%3D25684%26akref%3D68747470733a2f2f6173312e647265616d6965732e64652f%26user%3D24046%26subid%3D0%26aktrg%3D
Frame ID: 71AE607CDA3397645C94EE257BB455CA
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.dreamies.de/ HTTP 301
    https://www.dreamies.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/(?:[^/]+\.)?yieldlab\.net\//i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

254
Requests

99 %
HTTPS

20 %
IPv6

59
Domains

95
Subdomains

62
IPs

8
Countries

3392 kB
Transfer

7288 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dreamies.de/ HTTP 301
    https://www.dreamies.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
  • https://nugmw.userreport.com/rc-ap/5aeebb19-a87c-482e-b050-3d0d4422afa8/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Request Chain 102
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=d61dd404920146b285df4083a20fc93d&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=101&tpuid=BBID-01-03009774724896941-16339896
Request Chain 124
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=73d85ad267bcd64fbfd84bfe70706324a0d85fcf96e14d83cf866fe8fa0f72dd&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Request Chain 137
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID HTTP 302
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=75&tpuid=9167451645549144546
Request Chain 146
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&spid=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&wfid=117679
Request Chain 154
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&spid=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&wfid=117679
Request Chain 165
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d5cb5e9e1f46bc6662a1db610c61bfdba6e311b8ee614f58bebc1142d70d0641&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg&s=183592&tpid=63&uid=d5cb5e9e1f46bc6662a1db610c61bfdba6e311b8ee614f58bebc1142d70d0641&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YO7PuB6OJc01OPJIEsHDXwAA%26711
Request Chain 177
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb093f5491332bfea41cff2c5d492a326966ed2f3cb922b3b81b2f7a7bd0f0f3&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eb093f5491332bfea41cff2c5d492a326966ed2f3cb922b3b81b2f7a7bd0f0f3&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=42&tpuid=7712266775908450177
Request Chain 180
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 185
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=de6be3caeff0722108fcc101ef8f0ddc8b5319ad3fae32c63e54b4ad7b366fc1&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a9def535-6413-4e3f-92b2-ce8904b78fe2
Request Chain 195
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEKpDnA2pyLBLvVRHWcOkHkY&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKpDnA2pyLBLvVRHWcOkHkY&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=9167451645549144546&opid=apx&ops=&utidl=tech:goo:CAESEKpDnA2pyLBLvVRHWcOkHkY&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18952831570&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
Request Chain 202
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=9167451645549144546&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHL0PLSWpyY31axukk46gYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Request Chain 204
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa1688dec5%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa1688dec5%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=28b00880-6be4-42a6-8094-33422f7225e9&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Request Chain 205
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fded0d18-407b-4d08-42e9-0cf797b2af5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa1688dec5%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fded0d18-407b-4d08-42e9-0cf797b2af5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa1688dec5%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=02735386396556860551863906112782838644&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Request Chain 206
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lVpII2ASj4k7V7MIHxDLrOgOhh%2FxPfpp%2BS41iYitP1U%3D
Request Chain 207
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa1688dec5%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=594960ee-cfb0-4200-a855-7682fcfa3bde&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Request Chain 212
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=251f2136211bd13cc057219578090379f8b2e1e1fea6015f4f2ee22ff7d245d7&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Request Chain 219
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=edef41e1ee0d27178aeb2ae75806efd54e333b01d826ae423ba59e97f2d824cf&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fjs HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=edef41e1ee0d27178aeb2ae75806efd54e333b01d826ae423ba59e97f2d824cf&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fjs&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/js?tpid=48&tpuid=f3aaee3e460d392f97db88241d7426de
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&google_gid=CAESEGv9NWtIK6agasAqPQ9rOUc&google_cver=1
Request Chain 226
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12770%26ref%3Dhttps%253A%252F%252Fmedia.beruf.biz%252F%253Fsess%253D2qV0%25252F7TSeA2uYkmSCTz3Ib10HcZO7%25252F4VbB30feFGXnE%25253D%26hn_ver%3D16%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=9167451645549144546&pid=12770&ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&hn_ver=16&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=28b00880-6be4-42a6-8094-33422f7225e9&dsp=TTD
Request Chain 228
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0&cklb=1
Request Chain 229
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7B37C808-E444-4C0E-9F34-6D9490FF8310&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Request Chain 239
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
  • https://onetag-sys.com/sync/i,1/e32360ee-cfb5-4200-9ad1-c6c4de57f433
Request Chain 241
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY HTTP 302
  • https://onetag-sys.com/sync/i,34/6220581521831243673
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPuhR05u7FUae3Y7aF9CYyk&google_cver=1
Request Chain 245
  • https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-._k0XttE2uGLLYOqmf_jQ7h.T8xUxMmLbXgOonM-~A
Request Chain 246
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/sync/i,29/?tdid=28b00880-6be4-42a6-8094-33422f7225e9&ttl=1628855477
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=b029c943-5c92-4289-84d9-911e4d3f0ba7&ssp=onetag&user_group=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=0160da23-12e0-4b76-a69d-e227c692f3a6&gdpr=&gdpr_consent=&us_privacy=

254 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.dreamies.de/
Redirect Chain
  • http://www.dreamies.de/
  • https://www.dreamies.de/
17 KB
5 KB
Document
General
Full URL
https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.15.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dreamies.de
Software
Apache /
Resource Hash
0c8be380ea30eec9b09d65eb3628ad621af28cc62a325c7a9351f0c5593923aa

Request headers

Host
www.dreamies.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Server
Apache
Set-Cookie
dreamies_ab=1; expires=Thu, 15-Jul-2021 11:51:10 GMT; Max-Age=86400; path=/; domain=dreamies.de
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
4195
Connection
close
Content-Type
text/html; charset=iso-8859-1

Redirect headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Server
Apache
Location
https://www.dreamies.de/
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
0
Connection
close
Content-Type
text/html; charset=iso-8859-1
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 11:24:38 GMT
server
ESF
date
Wed, 14 Jul 2021 11:51:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Jul 2021 11:51:10 GMT
dreamies.css
s1.dreamies.de/rs/css/
36 KB
8 KB
Stylesheet
General
Full URL
https://s1.dreamies.de/rs/css/dreamies.css?v=96
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
1254ef935264b35c3f7a70229bee326724c8857bbf2480fd7b11e3db626fc24d

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 22:23:14 GMT
Server
Apache
ETag
"8e94-5b842c4e4cd75-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
7365
Expires
Mon, 10 Jan 2022 11:51:10 GMT
jquery-3.4.1.min.js
s1.dreamies.de/rs/js/
86 KB
30 KB
Script
General
Full URL
https://s1.dreamies.de/rs/js/jquery-3.4.1.min.js
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jul 2019 13:23:11 GMT
Server
Apache
ETag
"15851-58ea98f825ff1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
30677
Expires
Mon, 10 Jan 2022 11:51:10 GMT
56669,56667,56651
ad.yieldlab.net/yp/
154 B
574 B
Script
General
Full URL
https://ad.yieldlab.net/yp/56669,56667,56651
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
129
Expires
Tue, 13 Jul 2021 11:51:10 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/
351 KB
104 KB
Script
General
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-67.zrh50.r.cloudfront.net
Software
/ Express
Resource Hash
2b85c8eafb9f40a2cb70b7c764dcd7a31a26b6982895b9f22d293a20b3e757a5

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:10 GMT
content-encoding
gzip
etag
"57d4d-AWg+AIR9aEhgxSme51lx1I1Gpxs"
x-amz-cf-pop
ZRH50-C1
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-id
tI-f5XsbG_OQHgNEUdMbKN6TtZWTNaMKaHcV4BIz6K4nZMj6i0sT0g==
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/
68 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
374f1fb8f270b70147973c371c56504a77b6040bad90f698d21348f2bfcb8011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"929 / 438 of 1000 / last-modified: 1626261008"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24152
x-xss-protection
0
expires
Wed, 14 Jul 2021 11:51:11 GMT
/
services.vlitag.com/adv1/
933 B
1 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c63929f6a8092c7f03326d1ceb9800bf7543e51a36d5bc411bed6db4a7519a8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jul 2021 11:51:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A1OlL6dyUHp2qhnatv0xc68ezxR0WTcDTw52Gp0uhsbRgiHPr7jClOEWge8Kx%2F87CXKe725WaF5KYElgMPyI8gEjfkH2GioHOVF0kQA1On%2FkQVZLJrgmnAlhe6WwFTWPFJKfczo%2FpphNn8Hq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
66ea89a5dd5d4e31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
DE.js
s1.dreamies.de/rs/js/language/
2 KB
1 KB
Script
General
Full URL
https://s1.dreamies.de/rs/js/language/DE.js?v=6
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0e668f902def91b9fec73061a6ce00149a0fdbda93e864de5c2629059756bc20

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2020 12:58:22 GMT
Server
Apache
ETag
"6e3-5ad4eacdb57aa-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
680
Expires
Mon, 10 Jan 2022 11:51:10 GMT
dfp_delivery.js
s1.dreamies.de/rs/js/
27 B
380 B
Script
General
Full URL
https://s1.dreamies.de/rs/js/dfp_delivery.js
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
5ca966afb2ba08a656665f88e37c98a41e6b268a4a09bcd985af5c4ef5b607a3

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Last-Modified
Thu, 10 Dec 2020 11:49:27 GMT
Server
Apache
ETag
"1b-5b61ac4a14521"
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
27
Expires
Mon, 10 Jan 2022 11:51:10 GMT
js.cookie.js
s1.dreamies.de/rs/js/
2 KB
1 KB
Script
General
Full URL
https://s1.dreamies.de/rs/js/js.cookie.js
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
67fd03d12cd9941745e017cac44870121daf52d7ab971fcc49450e2eebbecc24

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jul 2019 19:13:55 GMT
Server
Apache
ETag
"740-58cf3e55438dc-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
983
Expires
Mon, 10 Jan 2022 11:51:10 GMT
dreamies.js
s1.dreamies.de/rs/js/
50 KB
16 KB
Script
General
Full URL
https://s1.dreamies.de/rs/js/dreamies.js?v=51
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b9aa159b9e0098c3098031be8b36782bf32f46e39dec38d08ad88018994f8594

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Jul 2021 19:46:46 GMT
Server
Apache
ETag
"c88f-5c65172eda724-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
15571
Expires
Mon, 10 Jan 2022 11:51:10 GMT
logo-full.png
s1.dreamies.de/rs/images/header/
9 KB
9 KB
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/logo-full.png
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
62ae283726b60dca9ab289f0b62ac6bbed46a3c66d8e40d312e94833877f06c6

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Tue, 12 Feb 2019 00:38:50 GMT
Server
Apache
ETag
"22e0-581a7a61d1a80"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
8928
Expires
Mon, 10 Jan 2022 11:51:11 GMT
logo-icon.png
s1.dreamies.de/rs/images/header/
3 KB
3 KB
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/logo-icon.png
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
8ff40f3f42b5316d5f21c0b35f7b5670ec56136578a4b97a1efd97638c4cf00f

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Thu, 14 Feb 2019 01:20:44 GMT
Server
Apache
ETag
"a39-581d077a47300"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
2617
Expires
Mon, 10 Jan 2022 11:51:11 GMT
menu.svg
s1.dreamies.de/rs/images/header/
310 B
656 B
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/menu.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
14d281ee630e468e6fbe88cf29bc8ef978abfd19747d9b6c7b19b6a65f13fb44

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Tue, 12 Feb 2019 00:38:50 GMT
Server
Apache
ETag
"136-581a7a61d1a80"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
310
Expires
Mon, 10 Jan 2022 11:51:11 GMT
upload-white.svg
s1.dreamies.de/rs/images/header/
549 B
895 B
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/upload-white.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
79e92f64cc840a06b3c100393a4ce1556963142cc20ec80437e022c4c9ec012b

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Wed, 11 Sep 2019 15:17:21 GMT
Server
Apache
ETag
"225-5924884764adb"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
549
Expires
Mon, 10 Jan 2022 11:51:11 GMT
search_white.svg
s1.dreamies.de/rs/images/header/
3 KB
3 KB
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/search_white.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
eb22a5c54d3f3e62db846c44fc9286fdd63b45b93175e0a93a391ac4f69049a8

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Tue, 12 Feb 2019 00:38:50 GMT
Server
Apache
ETag
"b15-581a7a61d1a80"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
2837
Expires
Mon, 10 Jan 2022 11:51:11 GMT
upload.svg
s1.dreamies.de/rs/images/header/
549 B
895 B
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/upload.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ad6dccea9accf018923fa6e7d0dce6c9272bfbe9bdd664fbbc7f6339b7bc8f2c

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Wed, 11 Sep 2019 14:59:13 GMT
Server
Apache
ETag
"225-59248439b7e2b"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
549
Expires
Mon, 10 Jan 2022 11:51:11 GMT
lock.svg
s1.dreamies.de/rs/images/header/
668 B
1014 B
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/lock.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
2bc1f13e1ca9dbdc0a65d2913aea0cf4d500be30d9be2a5821953ef1ab1567ca

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Tue, 12 Feb 2019 00:38:49 GMT
Server
Apache
ETag
"29c-581a7a60dd840"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=241
Content-Length
668
Expires
Mon, 10 Jan 2022 11:51:12 GMT
search.svg
s1.dreamies.de/rs/images/header/
705 B
1 KB
Image
General
Full URL
https://s1.dreamies.de/rs/images/header/search.svg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
2f61f4a874b67d088a502359fb874fb9b7fc6ba6dadbdfa905b131fc8f12464e

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Tue, 12 Feb 2019 00:38:50 GMT
Server
Apache
ETag
"2c1-581a7a61d1a80"
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=247
Content-Length
705
Expires
Mon, 10 Jan 2022 11:51:12 GMT
fp_bg.jpg
s1.dreamies.de/rs/images/
208 KB
208 KB
Image
General
Full URL
https://s1.dreamies.de/rs/images/fp_bg.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
792e885389ac9957f7c28e8d8521a6107e9a3b4e9eb320efc701ca1aa52b337d

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 14 Dec 2019 09:42:32 GMT
Server
Apache
ETag
"33e1f-599a6cc2b926d"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=247
Content-Length
212511
Expires
Mon, 10 Jan 2022 11:51:11 GMT
obod79dxdw6.jpg
tn1.dreamies.de/img/180/p/
12 KB
13 KB
Image
General
Full URL
https://tn1.dreamies.de/img/180/p/obod79dxdw6.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
4b723e3dc2d2b1607431f3609139e8138594f329fd312f909156efbbd0c99233

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:31:31 GMT
Server
Apache
ETag
"31ed-5ac8cad99bbf9"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=91
Content-Length
12781
Expires
Mon, 10 Jan 2022 11:51:13 GMT
vd994w6d215.jpg
tn1.dreamies.de/img/704/p/
6 KB
6 KB
Image
General
Full URL
https://tn1.dreamies.de/img/704/p/vd994w6d215.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
dda45ef804639403b7965631c259fc12a52fc81aae8497c05fdd0c99f3dee4f7

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 22:07:38 GMT
Server
Apache
ETag
"1897-5ac8d2ec3b104"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=94
Content-Length
6295
Expires
Mon, 10 Jan 2022 11:51:13 GMT
krpqv2u8klt.jpg
tn1.dreamies.de/img/517/p/
10 KB
10 KB
Image
General
Full URL
https://tn1.dreamies.de/img/517/p/krpqv2u8klt.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
759cf6b4e9333dbc23a196cc66cb9dea1249ce70dd8deddcb9c7eceb41f6720d

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:42:59 GMT
Server
Apache
ETag
"282e-5ac8cd6976c94"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=94
Content-Length
10286
Expires
Mon, 10 Jan 2022 11:51:12 GMT
lp58kj3ngpn.jpg
tn1.dreamies.de/img/919/p/
4 KB
5 KB
Image
General
Full URL
https://tn1.dreamies.de/img/919/p/lp58kj3ngpn.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c1a2a1c98ea5fa813d305e756de5cb9d51fc59d83ff188b4abc5b5addb57fd1a

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:04:05 GMT
Server
Apache
ETag
"1144-5ac8d2214aad2"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=92
Content-Length
4420
Expires
Mon, 10 Jan 2022 11:51:12 GMT
z3pojits1dg.jpg
tn1.dreamies.de/img/262/p/
13 KB
13 KB
Image
General
Full URL
https://tn1.dreamies.de/img/262/p/z3pojits1dg.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
eca199fa7954e61e8c81d5ba8f268bcd2843be4437b9d856ee057273fd7b6520

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:09:27 GMT
Server
Apache
ETag
"32c5-5ac8d3544e3b2"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
12997
Expires
Mon, 10 Jan 2022 11:51:12 GMT
wyry10udexm.jpg
tn1.dreamies.de/img/84/p/
11 KB
12 KB
Image
General
Full URL
https://tn1.dreamies.de/img/84/p/wyry10udexm.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b2d0f0401b89ac8313607a3ccee129bd53f41cfae691144e140f074f31ddfbb1

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Tue, 04 Aug 2020 00:59:40 GMT
Server
Apache
ETag
"2d30-5ac02c517454c"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
11568
Expires
Mon, 10 Jan 2022 11:51:12 GMT
yga0o2f588x.jpg
tn1.dreamies.de/img/462/p/
15 KB
15 KB
Image
General
Full URL
https://tn1.dreamies.de/img/462/p/yga0o2f588x.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
9416bba6b9429794168aadb14f8ccd4e897426f775efe88d87315f2b94a08608

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:48:08 GMT
Server
Apache
ETag
"3c0a-5ac8ce9022180"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=90
Content-Length
15370
Expires
Mon, 10 Jan 2022 11:51:13 GMT
srl81bbyyhj.jpg
tn1.dreamies.de/img/46/p/
18 KB
19 KB
Image
General
Full URL
https://tn1.dreamies.de/img/46/p/srl81bbyyhj.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0238ac150de3bb53511e646915cb6437c97c2f66e8ca8c63014087dea5818414

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Tue, 04 Aug 2020 06:49:41 GMT
Server
Apache
ETag
"49df-5ac07a8d9d47c"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
18911
Expires
Mon, 10 Jan 2022 11:51:12 GMT
g80mcywsck2.jpg
tn1.dreamies.de/img/126/p/
12 KB
12 KB
Image
General
Full URL
https://tn1.dreamies.de/img/126/p/g80mcywsck2.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
39e0a4c2e56c5f4da2d455f1d613673c7d7a51f7f49ec2ae85193f39a75f02e1

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:54:03 GMT
Server
Apache
ETag
"2fac-5ac8cfe290c08"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
12204
Expires
Mon, 10 Jan 2022 11:51:12 GMT
msc7ayzsrkw.jpg
tn1.dreamies.de/img/993/p/
13 KB
13 KB
Image
General
Full URL
https://tn1.dreamies.de/img/993/p/msc7ayzsrkw.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b844d80868577b54b66e1e848e71a58fa3b55f4c4b6ccbaeb537f1ad564f7ea2

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:52:22 GMT
Server
Apache
ETag
"331e-5ac8cf82c6b2b"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
13086
Expires
Mon, 10 Jan 2022 11:51:12 GMT
w5xqwvutzkw.jpg
tn1.dreamies.de/img/946/p/
19 KB
20 KB
Image
General
Full URL
https://tn1.dreamies.de/img/946/p/w5xqwvutzkw.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ab3d6fab81c5d118a00403ed1b87da111307e761c3c9c0742911380d2ab63068

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:07:51 GMT
Server
Apache
ETag
"4d78-5ac8d2f8a678c"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
19832
Expires
Mon, 10 Jan 2022 11:51:12 GMT
4gdeh7y28pw.jpg
tn1.dreamies.de/img/309/p/
28 KB
28 KB
Image
General
Full URL
https://tn1.dreamies.de/img/309/p/4gdeh7y28pw.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
3f7ce6be02f836eaa3a1040631360f8d129fb4b4f926ed0daf67ece34e8698e5

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:54:46 GMT
Server
Apache
ETag
"6f11-5ac8d00c73a50"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
28433
Expires
Mon, 10 Jan 2022 11:51:12 GMT
aiiov0oifvp.jpg
tn1.dreamies.de/img/251/p/
23 KB
23 KB
Image
General
Full URL
https://tn1.dreamies.de/img/251/p/aiiov0oifvp.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
675b94953fcba9ab8e04efdbd12a9f97f0a1051da5e9e3e6529c45604a100a9e

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:52:49 GMT
Server
Apache
ETag
"5b56-5ac8cf9c50357"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=95
Content-Length
23382
Expires
Mon, 10 Jan 2022 11:51:12 GMT
fl2s97u0pqk.jpg
tn1.dreamies.de/img/307/p/
10 KB
11 KB
Image
General
Full URL
https://tn1.dreamies.de/img/307/p/fl2s97u0pqk.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
29cf209b49d933654fcedb1a27dee5bfd728c53ca6e0c20bf3318738a684b81b

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:36:13 GMT
Server
Apache
ETag
"28bb-5ac8cbe631ab3"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=94
Content-Length
10427
Expires
Mon, 10 Jan 2022 11:51:13 GMT
czk8mxgnbs2.jpg
tn1.dreamies.de/img/298/p/
15 KB
15 KB
Image
General
Full URL
https://tn1.dreamies.de/img/298/p/czk8mxgnbs2.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
21129ab041a1c5934a7aa3ccfcd8c1afe1bddf59564ed135a79e62d39ec55b21

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:41:12 GMT
Server
Apache
ETag
"3a99-5ac8cd03d1350"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=92
Content-Length
15001
Expires
Mon, 10 Jan 2022 11:51:13 GMT
knxlhr8nofu.jpg
tn1.dreamies.de/img/644/p/
17 KB
18 KB
Image
General
Full URL
https://tn1.dreamies.de/img/644/p/knxlhr8nofu.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
10f60515e40e0a7c8211fb49b0245567ca8ec840de81e3f76f38559bd7be8cf2

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:03:44 GMT
Server
Apache
ETag
"4552-5ac8d20d46c0e"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
17746
Expires
Mon, 10 Jan 2022 11:51:12 GMT
60ox1tdwvk0.jpg
tn1.dreamies.de/img/578/p/
21 KB
21 KB
Image
General
Full URL
https://tn1.dreamies.de/img/578/p/60ox1tdwvk0.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
24cf882fe751a2910640494d39db788c0667561389d9b05dab1c792b0daf9dde

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:39:15 GMT
Server
Apache
ETag
"52a8-5ac8cc93f3b47"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=95
Content-Length
21160
Expires
Mon, 10 Jan 2022 11:51:13 GMT
4mlzckwq5pi.jpg
tn1.dreamies.de/img/315/p/
10 KB
10 KB
Image
General
Full URL
https://tn1.dreamies.de/img/315/p/4mlzckwq5pi.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e77d042ff7d8d72536ff5c408f56f137a47c8c4ffba9fdd4221d98966ed7d805

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:08:15 GMT
Server
Apache
ETag
"26f1-5ac8d30f4c24f"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=95
Content-Length
9969
Expires
Mon, 10 Jan 2022 11:51:12 GMT
dlibsw2khap.jpg
tn1.dreamies.de/img/45/p/
14 KB
14 KB
Image
General
Full URL
https://tn1.dreamies.de/img/45/p/dlibsw2khap.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ef87fa59546bb5ad91a463570a612f9a9655df735ff07b8e403f2e5bd0fde665

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:53:45 GMT
Server
Apache
ETag
"3639-5ac8cfd1839a7"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=93
Content-Length
13881
Expires
Mon, 10 Jan 2022 11:51:13 GMT
rz31kjydah0.jpg
tn1.dreamies.de/img/61/p/
17 KB
18 KB
Image
General
Full URL
https://tn1.dreamies.de/img/61/p/rz31kjydah0.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
4ef73d7aa2c3d54cff7a92b1281575780a16cd683174f2306adf060a8c0284d2

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:44:59 GMT
Server
Apache
ETag
"44f7-5ac8cddbc94e8"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
17655
Expires
Mon, 10 Jan 2022 11:51:12 GMT
ddhrup1r8ck.jpg
tn1.dreamies.de/img/820/p/
25 KB
25 KB
Image
General
Full URL
https://tn1.dreamies.de/img/820/p/ddhrup1r8ck.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d7d1019f33ac8696d8f112a532c79ad5f67390563a0a39ec938fc0181d60e81a

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 22:07:30 GMT
Server
Apache
ETag
"6409-5ac8d2e45a382"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=94
Content-Length
25609
Expires
Mon, 10 Jan 2022 11:51:13 GMT
r3ubqudvpyr.jpg
tn1.dreamies.de/img/780/p/
10 KB
11 KB
Image
General
Full URL
https://tn1.dreamies.de/img/780/p/r3ubqudvpyr.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0566408058824d7e2914d8dd919d022d672a332e0d9a0065477dd194f80ffd2e

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:45:17 GMT
Server
Apache
ETag
"291a-5ac8cded39c1e"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
10522
Expires
Mon, 10 Jan 2022 11:51:12 GMT
nv90xdv3a2y.jpg
tn1.dreamies.de/img/392/p/
15 KB
15 KB
Image
General
Full URL
https://tn1.dreamies.de/img/392/p/nv90xdv3a2y.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
aaab3d1f3cef83d7c4521b34f7ff26b0160cee8f0fe7435090e6333e23042876

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:48:22 GMT
Server
Apache
ETag
"3ad8-5ac8ce9e1ed55"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
15064
Expires
Mon, 10 Jan 2022 11:51:12 GMT
yd6uzql9m8q.jpg
tn1.dreamies.de/img/816/p/
16 KB
17 KB
Image
General
Full URL
https://tn1.dreamies.de/img/816/p/yd6uzql9m8q.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
003f0ae4a3783248b9c5815c1c38b4ecaf06ad0fa2308b6b317023771a806dda

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:50:38 GMT
Server
Apache
ETag
"40b7-5ac8cf1f4b365"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
16567
Expires
Mon, 10 Jan 2022 11:51:12 GMT
eseu0rn75pe.jpg
tn1.dreamies.de/img/232/p/
6 KB
6 KB
Image
General
Full URL
https://tn1.dreamies.de/img/232/p/eseu0rn75pe.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
65a07316415cbc4b4cfa137f5e2c4669a819498b641d19148538d0730464b178

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:51:49 GMT
Server
Apache
ETag
"1850-5ac8cf638766e"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
6224
Expires
Mon, 10 Jan 2022 11:51:12 GMT
y7g1in2lki6.jpg
tn1.dreamies.de/img/386/p/
23 KB
24 KB
Image
General
Full URL
https://tn1.dreamies.de/img/386/p/y7g1in2lki6.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b1e0c7eb86bd62284358ebf442058afe7c06afe7d3abb886a149e5517a561732

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Wed, 05 Aug 2020 22:05:28 GMT
Server
Apache
ETag
"5cb1-5ac2891cad1f6"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
23729
Expires
Mon, 10 Jan 2022 11:51:12 GMT
axnma0o1p2l.jpg
tn1.dreamies.de/img/365/p/
18 KB
19 KB
Image
General
Full URL
https://tn1.dreamies.de/img/365/p/axnma0o1p2l.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
cdbb2411dbcae7780fbfa08aa92faaa70aa14026947fe814262772a59419e25f

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:31:07 GMT
Server
Apache
ETag
"4977-5ac8cac282c77"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
18807
Expires
Mon, 10 Jan 2022 11:51:12 GMT
t675duu6st9.jpg
tn1.dreamies.de/img/286/p/
11 KB
12 KB
Image
General
Full URL
https://tn1.dreamies.de/img/286/p/t675duu6st9.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ecce7a752e990fc32d7f6b1aaaf32c82ec5adb3a796ec5c815008369a3f7458d

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:47:27 GMT
Server
Apache
ETag
"2d9e-5ac8ce698056e"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
11678
Expires
Mon, 10 Jan 2022 11:51:12 GMT
skr2sbgrkpu.jpg
tn1.dreamies.de/img/8/p/
15 KB
15 KB
Image
General
Full URL
https://tn1.dreamies.de/img/8/p/skr2sbgrkpu.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
246f738abf230439982eeaea35d65637c167cb5cbec1378e7918b8816e9881d7

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:43:13 GMT
Server
Apache
ETag
"3c3b-5ac8cd776089f"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=88
Content-Length
15419
Expires
Mon, 10 Jan 2022 11:51:13 GMT
zt8i17m8qog.jpg
tn1.dreamies.de/img/616/p/
20 KB
20 KB
Image
General
Full URL
https://tn1.dreamies.de/img/616/p/zt8i17m8qog.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
65062a02887252a9163fe45a5975906e2277cfda1bb182da7693671998bd818f

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:58:50 GMT
Server
Apache
ETag
"4fb0-5ac8d0f453a8b"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=95
Content-Length
20400
Expires
Mon, 10 Jan 2022 11:51:13 GMT
0emjbrxbd7j.jpg
tn1.dreamies.de/img/774/p/
23 KB
24 KB
Image
General
Full URL
https://tn1.dreamies.de/img/774/p/0emjbrxbd7j.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
bd596ec34b766ed4f098bb5f20a1f1613afb5730abdccea442b6e1252fac0b4c

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Mon, 10 Aug 2020 21:51:23 GMT
Server
Apache
ETag
"5dff-5ac8cf4a6a584"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=89
Content-Length
24063
Expires
Mon, 10 Jan 2022 11:51:13 GMT
8dv4p2m4fix.jpg
tn1.dreamies.de/img/916/p/
22 KB
22 KB
Image
General
Full URL
https://tn1.dreamies.de/img/916/p/8dv4p2m4fix.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
1e00b109caa528d0b5939891e8cb7bc4408361cf44bb3a0ec2938577b95dc50f

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:00:56 GMT
Server
Apache
ETag
"584b-5ac8d16d11e2f"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
22603
Expires
Mon, 10 Jan 2022 11:51:12 GMT
05cun3b97cj.jpg
tn1.dreamies.de/img/322/p/
9 KB
9 KB
Image
General
Full URL
https://tn1.dreamies.de/img/322/p/05cun3b97cj.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
9a49379e765da018c449ca3dfa9d2888da79117c2a8c7d68b73494825153baa7

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:40:10 GMT
Server
Apache
ETag
"243b-5ac8ccc890309"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
9275
Expires
Mon, 10 Jan 2022 11:51:12 GMT
namk9ydk35h.jpg
tn1.dreamies.de/img/112/p/
26 KB
26 KB
Image
General
Full URL
https://tn1.dreamies.de/img/112/p/namk9ydk35h.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
148e9e627f2f052d2859afe0fb7b8948243feb284b82a9f9533dafa8029d3085

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:41:34 GMT
Server
Apache
ETag
"688a-5ac8cd191aec1"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=93
Content-Length
26762
Expires
Mon, 10 Jan 2022 11:51:12 GMT
hkebh778cpf.jpg
tn1.dreamies.de/img/843/p/
5 KB
6 KB
Image
General
Full URL
https://tn1.dreamies.de/img/843/p/hkebh778cpf.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
063e81c05785c3cb672fbfb15caaca86187afbb22f044d77aec070f366135c7e

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 22:06:27 GMT
Server
Apache
ETag
"15bc-5ac8d2a89639c"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
5564
Expires
Mon, 10 Jan 2022 11:51:12 GMT
vxgu22kj3ka.jpg
tn1.dreamies.de/img/216/p/
22 KB
23 KB
Image
General
Full URL
https://tn1.dreamies.de/img/216/p/vxgu22kj3ka.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ee08dac2e9f5e2f0548bb8471d57c07b796dbdcb251c4290da12e2405d2d3801

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:34:56 GMT
Server
Apache
ETag
"58bf-5ac8cb9ce1c86"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
22719
Expires
Mon, 10 Jan 2022 11:51:12 GMT
fme7eicfbrt.jpg
tn1.dreamies.de/img/362/p/
14 KB
14 KB
Image
General
Full URL
https://tn1.dreamies.de/img/362/p/fme7eicfbrt.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.171.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
8352f20ee9fa8c887cb8e6aa6d7cf012bd1b87568736e18c52b5812b5cb27659

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 10 Aug 2020 21:37:43 GMT
Server
Apache
ETag
"3690-5ac8cc3cc8b6d"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=91
Content-Length
13968
Expires
Mon, 10 Jan 2022 11:51:12 GMT
djnpulcocymq.jpg
s1.dreamies.de/galerien/348/
7 KB
8 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/348/djnpulcocymq.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
90de4a7f225ae7727c447e811c19d249dbfa4bc9a62513329d635c25a9ccd9d2

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 06 Jan 2018 19:07:05 GMT
Server
Apache
ETag
"1daa-5622045518840"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=246
Content-Length
7594
Expires
Mon, 10 Jan 2022 11:51:11 GMT
kwyatduuhl4t.jpg
s1.dreamies.de/galerien/789/
10 KB
10 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/789/kwyatduuhl4t.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
07eb0651901da3f172322c6a8c9bf673cc7a11d18b8c6613cc19c4e23d5fcd17

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 22 Dec 2012 03:02:10 GMT
Server
Apache
ETag
"2874-4d16830a89080"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
10356
Expires
Mon, 10 Jan 2022 11:51:11 GMT
accfgoqda7zo.jpg
s1.dreamies.de/galerien/321/
8 KB
8 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/321/accfgoqda7zo.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
19db38ba3d79cf4b63ed4f34bd753d36f4c4a8a155610b7d7e5dcb6c377175f6

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 22 Dec 2012 03:11:51 GMT
Server
Apache
ETag
"1feb-4d1685349ebc0"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=244
Content-Length
8171
Expires
Mon, 10 Jan 2022 11:51:11 GMT
ahevtlkoefe4.jpg
s1.dreamies.de/galerien/742/
17 KB
18 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/742/ahevtlkoefe4.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
996e88028ba25113a025f983fd09325c32b2dc980863a8dc68b1c86bfde7ef6b

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 22 Dec 2012 04:11:42 GMT
Server
Apache
ETag
"44cf-4d16929543b80"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
17615
Expires
Mon, 10 Jan 2022 11:51:11 GMT
emrggnqu5u0g.jpg
s1.dreamies.de/galerien/350/
8 KB
8 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/350/emrggnqu5u0g.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
01d845b458775a7b8fdc5a8f35ba8b0e8e6152f820bd3ae118f5cb04f17f62db

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Wed, 22 Oct 2014 14:07:06 GMT
Server
Apache
ETag
"1f51-50603767b1680"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
8017
Expires
Mon, 10 Jan 2022 11:51:12 GMT
zsbishdkq8jg.jpg
s1.dreamies.de/galerien/546/
12 KB
12 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/546/zsbishdkq8jg.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d4231edb6487ba242da33fb1ae515e822ace7d414b60d90dedd84825e29cb174

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Wed, 15 Apr 2015 19:07:03 GMT
Server
Apache
ETag
"2ed6-513c80d6a23c0"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
11990
Expires
Mon, 10 Jan 2022 11:51:12 GMT
vhlmtrvm7ua5.jpg
s1.dreamies.de/galerien/188/
8 KB
8 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/188/vhlmtrvm7ua5.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
83bac6f5c298a4cbe018756b0d038e329775f9707df2ea2fe97e3c26b6cb2daa

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Sat, 22 Dec 2012 03:13:45 GMT
Server
Apache
ETag
"1e82-4d1685a156c40"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=242
Content-Length
7810
Expires
Mon, 10 Jan 2022 11:51:12 GMT
mvodakobivpb.jpg
s1.dreamies.de/galerien/652/
8 KB
8 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/652/mvodakobivpb.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0271a1ae9f75d45cd855de8dc31b9f5c031584b30b541eacf78953c293dd1f06

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Mon, 01 Jul 2013 06:07:03 GMT
Server
Apache
ETag
"1f98-4e06d098aefc0"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=247
Content-Length
8088
Expires
Mon, 10 Jan 2022 11:51:11 GMT
qxugbjao0grz.jpg
s1.dreamies.de/galerien/62/
10 KB
11 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/62/qxugbjao0grz.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
9a367c875e6b44fd8b5f4011049caffa067c0bab55126a6b6cbb8c26be697677

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 22 Dec 2012 05:44:28 GMT
Server
Apache
ETag
"2932-4d16a7516a700"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=243
Content-Length
10546
Expires
Mon, 10 Jan 2022 11:51:11 GMT
keghhcwqrg8r.jpg
s1.dreamies.de/galerien/786/
14 KB
14 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/786/keghhcwqrg8r.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
534f53b8851d9dbd2859c3c07a88a2f9227fe14ebda8bc57e1d06593522b0462

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Last-Modified
Sat, 22 Dec 2012 03:09:04 GMT
Server
Apache
ETag
"369e-4d1684955b400"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=245
Content-Length
13982
Expires
Mon, 10 Jan 2022 11:51:11 GMT
xidyssgy4p46.jpg
s1.dreamies.de/galerien/124/
11 KB
11 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/124/xidyssgy4p46.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
18b151eab3f42175d6f9992cdb762645ad661ab753c213cdb64b8a9091d25480

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Mon, 21 Jan 2013 14:07:12 GMT
Server
Apache
ETag
"2c31-4d3ccfa3e0400"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
11313
Expires
Mon, 10 Jan 2022 11:51:12 GMT
uaaofpwzdp63.jpg
s1.dreamies.de/galerien/471/
9 KB
10 KB
Image
General
Full URL
https://s1.dreamies.de/galerien/471/uaaofpwzdp63.jpg
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d1645eee671170a803407d4eab8bcfe70cf56f8e88c85be3708cc3cf21df402a

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Last-Modified
Sat, 22 Dec 2012 04:15:27 GMT
Server
Apache
ETag
"24cf-4d16936bd75c0"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
9423
Expires
Mon, 10 Jan 2022 11:51:12 GMT
dsh
hb.adscale.de/
11 B
460 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.91.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
content-type
text/plain
access-control-allow-origin
https://www.dreamies.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
/
adx.adform.net/adx/
5 B
449 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc4NTEzMyZ0cmFuc2FjdGlvbklkPWVkYWJjMDhkLWUxZDUtNGYzMy05OTljLWI2ZmE2ZjA2MDRlNg%3D%3D&pt=gross&stid=9087f0a6-e02d-4766-97a7-ff072e3be643&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.dreamies.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/
710 B
823 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
01db616244f2eb80b9b3cade8d98711b35767a5e50c8b435f8e20ba72e0dddc0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:10 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b27%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dreamies.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/
710 B
828 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b8934bb91ab65923e359a79932f0c12e36d456e12ea2b1e3c3c64a4a4e2f503a

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:10 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b27%3b72
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dreamies.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
12 KB
4 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f61a548a3fbc7228225be0ec92dea49a5b282d56884fa266496b9b92abe2c864
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.236.42.67; 185.236.42.67; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5263a370-d21f-4e63-94b7-4b417166a9cc
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dreamies.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
session
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/
0
57 B
XHR
General
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/session
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.199.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 14 Jul 2021 11:51:11 GMT
auction
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/
0
58 B
XHR
General
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/auction
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.199.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 14 Jul 2021 11:51:11 GMT
rs_300250.php
as1.dreamies.de/ Frame 09E6
1 KB
810 B
Document
General
Full URL
https://as1.dreamies.de/rs_300250.php
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
de30d2e9f59c50988941be2f1a10f4a43c39027ad12574e655264c704a0ca3b8

Request headers

Host
as1.dreamies.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
dreamies_ab=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
485
Connection
close
Content-Type
text/html; charset=ISO-8859-1
rs_300250.php
as1.dreamies.de/ Frame 8EB8
764 B
730 B
Document
General
Full URL
https://as1.dreamies.de/rs_300250.php
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
840f913f3cae9407139b452ee9dd6b05604d1aad7855238b437e0bbc55ceb88e

Request headers

Host
as1.dreamies.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
dreamies_ab=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
405
Connection
close
Content-Type
text/html; charset=ISO-8859-1
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dreamies.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
149101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:26:10 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dreamies.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 01:25:07 GMT
x-content-type-options
nosniff
age
123964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 01:25:07 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid_v3l/202003181643/
9 KB
5 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid_v3l/202003181643/wrap.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cdfd11eeff2c617a795c4e0404e2c9fe3a200bf0ea64dbde36737a7046e8a26

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
Age
395
X-Cache
HIT
Connection
keep-alive
Content-Length
4026
x-amz-id-2
7db0AVQpnEfvuZE6ydwy4zXCHEzqXoWp7mr+I5uuUi9xfssQvcWYFpsX27LJWig6/Z2Ek6PXN6A=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Thu, 19 Mar 2020 13:45:42 GMT
Server
AmazonS3
X-Timer
S1626263472.216986,VS0,VE0
ETag
"3fd29b71b30816563db55ec396d140b6"
x-amz-request-id
FKJN1AZBGP8VVH7T
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
982
rs_72890.php
as1.dreamies.de/ Frame 49F3
907 B
820 B
Document
General
Full URL
https://as1.dreamies.de/rs_72890.php
Requested by
Host: s1.dreamies.de
URL: https://s1.dreamies.de/rs/js/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
79c51a2697708ce753a6ed997b3921a6403ef8a3edc027b42f76d66396965150

Request headers

Host
as1.dreamies.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
dreamies_ab=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
495
Connection
close
Content-Type
text/html; charset=ISO-8859-1
rs_160600.php
as1.dreamies.de/ Frame 79DE
764 B
730 B
Document
General
Full URL
https://as1.dreamies.de/rs_160600.php
Requested by
Host: s1.dreamies.de
URL: https://s1.dreamies.de/rs/js/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e9b9753fe268287e0cf1aa16f9035fc17abf6c9b055cee916fb6e5a2e0a0ff63

Request headers

Host
as1.dreamies.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
dreamies_ab=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Content-Length
405
Connection
close
Content-Type
text/html; charset=ISO-8859-1
/
services.vlitag.com/uv/
13 B
710 B
XHR
General
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.dreamies.de%2F&mtk=12294
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 14 Jul 2021 11:51:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B7mC2cPUIpMrX9R8zAjzdrB2Tadb2xxEPCfmg%2FbtJtZCyE1Q026Fvd1SzTGOKIvvsjP6sHjBbsYEB%2BVZ64vA6el%2BkvzH7FaUQwbGKNG0d8SUdbNWlS4oFr1ZVOfi06zZ1TgU3WwY0sNO3IpO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dreamies.de
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
66ea89a6cb1a2b16-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
9606a3996ea764c9859669b987170dc2.js
tag.vlitag.com/v1/1626188333/
497 KB
114 KB
Script
General
Full URL
https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2336fe718d6f740c0132267637d1cfcf5929f7a4ae71f7eccddb097bb7dc8b5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
75135
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7Lrfg1NhqeNLv6KBc2dIZ84JrpoulRXx2pphdeY7%2F7Yx3oerKfimKRae10d3xjVH4q9OJpOIFQBEpflFkGxjHOehZmDuVFWR8bFHQTro5VRhis3S24b9benchTcX7qI18mfypR2znw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66ea89a6bff94e31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/
267 KB
68 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1779903
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DLUSlwDDdW9Jbdpm2uszLdjaMhXG5PYazxDfM7BN0Xgs8KhR%2FYL5ge3E9P4thqrGjJL506lrc0wd04hdRVpg2ObnnENb1mVdm117%2FBw6cuUsF62bbzsVB%2BtdaRmdo%2Bnm61aXRuBt8XEJ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
66ea89a749564e31-FRA
expires
Wed, 23 Jun 2021 21:56:07 GMT
prebid-v5.4.1.js
assets.vlitag.com/prebid/default/
444 KB
122 KB
Script
General
Full URL
https://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07a6b6ca8a51419e3a69038e3923b0776bd8b7d7e395008b9c634b24f57514c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
278978
cf-polished
origSize=454509
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Sun, 11 Jul 2021 06:21:25 GMT
server
cloudflare
etag
W/"60ea8de5-6ef6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wPgGzzbfr7fwJZIVt17IVyua6mgfPgHaWUmwL4SdPZZWkmEYhjrzD%2FgRXODICEvilIWq63YoOHpIbhMiVbM5fv4rE9Lis2TJ5c%2B4p%2B6VS2nZXoPHddIH4iGO5EnWWvIUZf0TsCaT8LdgbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
66ea89a749504e31-FRA
expires
Sun, 11 Jul 2021 06:51:33 GMT
gpt.js
www.googletagservices.com/tag/js/
68 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afdf6aa9bf8a705163c9a6b0b84ff29cd5cbc9fa98448517d9dfc70b5efd4fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"929 / 868 of 1000 / last-modified: 1626261094"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24152
x-xss-protection
0
expires
Wed, 14 Jul 2021 11:51:11 GMT
viPlayer_v45.min.js
assets.vlitag.com/plugins/vlPlayer/
13 KB
5 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2571683
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 14 Jun 2021 17:20:56 GMT
server
cloudflare
etag
W/"60c78ff8-34ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fZF%2BmuN6qDcTWfaJHMkXUXjkdqPZ3rGA8pFALmKn%2B0C%2FYjk1Qaa1r2CLG7VDekIIzqCSyE%2FjXEZ%2FP%2F83tyDQOR%2FydeJL44XHpwlZUgEmMk%2BgJu80CEQ5k6bcTdjLon%2FH62annLEO5PGYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
66ea89a7494b4e31-FRA
expires
Mon, 14 Jun 2021 17:59:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
340 KB
117 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119593
x-xss-protection
0
expires
Wed, 14 Jul 2021 11:51:11 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/
38 KB
16 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1626188333/9606a3996ea764c9859669b987170dc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2574575
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gkjgoTIQqZL1DBufF9Ecuy4CE3qTiqvI%2FDU7QpnKQu8wc7GvUsJj9Nj5F73ExArqUybhGWRuTlQ3URmJpBHAwC2UX0O5NSvAT77nfN8IEMscFGV0UVfqDFJE0RhTxvQ4YQYGUeiNsaLHAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
66ea89a749584e31-FRA
expires
Mon, 14 Jun 2021 17:11:36 GMT
56669,56667,56651
ad.yieldlab.net/yp/ Frame 09E6
154 B
574 B
Script
General
Full URL
https://ad.yieldlab.net/yp/56669,56667,56651
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:11 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
129
Expires
Tue, 13 Jul 2021 11:51:11 GMT
adition.js
imagesrv.adition.com/js/ Frame 09E6
30 KB
8 KB
Script
General
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
acb94099df08c0f63ff7feff2c00a04210135b3902395dbd27941a2c4a6d27a9

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
br
last-modified
Wed, 16 Jun 2021 06:12:33 GMT
etag
"339535881-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
7981
js
adfarm1.adition.com/ Frame 09E6
1 KB
1 KB
Script
General
Full URL
https://adfarm1.adition.com/js?wp_id=2762854
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
ADITIONSERVER v1.0 /
Resource Hash
b99791a8c5635175c4eca9ef087357283f74b20167d58bf4ac6518dd98b97479

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 13:51:12 +0200
Content-Encoding
gzip
Server
ADITIONSERVER v1.0
Transfer-Encoding
chunked
P3P
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control
max-age=600
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2021070801.js
securepubads.g.doubleclick.net/gpt/
330 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070801.js?31061777
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
b57cf4b2a6d028000ae47e3a3fc971356b6f098d8862acbf8e6d475d92702eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 08:38:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117436
x-xss-protection
0
expires
Wed, 14 Jul 2021 11:51:11 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
34 B
74 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dreamies.de
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
875f1ea3be76a5f9f5348719d2d5d39794d05a2c8c0135702c6c668e3b024c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Jul 2021 11:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50
x-xss-protection
0
expires
Wed, 14 Jul 2021 11:51:11 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210714
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c78928061282d676df07504970f09485ac928556d3d60a04bd122edf20e7af7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
31436
x-jsd-version
1.0.1037
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
941
etag
W/"6a3-QFT3uJE5giKxGMn+RuzloBWnjsM"
x-served-by
cache-fra19139-FRA
x-jsd-version-type
version
date
Wed, 14 Jul 2021 11:51:11 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
userconnect.js
js.adscale.de/
14 KB
5 KB
Script
General
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU2jw1UpXYdxb7_s5N9z9C2Wbpw_NRZJ
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
5055
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 14 Jul 2021 10:26:56 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
qnPCauWIy_9matqCRpEgp5HYNOkKmZBZqscnRx_Hg76ORSJyecEfEQ==
userconnect
ih.adscale.de/
181 B
342 B
Script
General
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=9682701e-acf7-46d9-9d91-0fec4a25e31e&cbfn=stroeerCoreConnect&ts=1626263471460&umd=false&gdpr=1&gdpr_consent=&gdpr_version=2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-length
181
content-type
application/javascript
map
ih.adscale.de/ Frame 1450
3 KB
3 KB
Document
General
Full URL
https://ih.adscale.de/map?format=display&ssl=1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
08b6ea4980476a9ca414b09b29ad9a611d016948a764e8e406664046c4bdc9ef

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dreamies.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=d61dd404920146b285df4083a20fc93d; cct=1626263471384; ng=2#1509674951#27104391#89381
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2646
set-cookie
tu=4#908621492#48~~451739~451739~1#101~~451739~451739~1#39~~451739~451739~1#40~~451739~451739~1#42~~451739~451739~1#75~~451739~451739~1#108~~451739~451739~1#63~~451739~451739~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
nuggad
nugmw.userreport.com/rc-ap/5aeebb19-a87c-482e-b050-3d0d4422afa8/si.nuggad.net/
Redirect Chain
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
  • https://nugmw.userreport.com/rc-ap/5aeebb19-a87c-482e-b050-3d0d4422afa8/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
2 KB
2 KB
Script
General
Full URL
https://nugmw.userreport.com/rc-ap/5aeebb19-a87c-482e-b050-3d0d4422afa8/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1aa17d474b49573537199f259f77fe5957fe8aad7dde9aa89543cb487652e096

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
get, post, options
content-type
text/javascript
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
1852
x-amz-cf-id
gIExD74SEvzP0fIqRYmPynHhXv56Mi6HGZcJvLjmG1Uqou54aYN17w==

Redirect headers

date
Wed, 14 Jul 2021 11:51:11 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
get, post, options
location
https://nugmw.userreport.com/rc-ap/5aeebb19-a87c-482e-b050-3d0d4422afa8/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
0
x-amz-cf-id
CA5F71L33_IHpfpKw6EOwfrPrl989Ucm9P2-1El_cknmsX1obQYKtA==
match.js
js.adscale.de/ Frame 1450
4 KB
2 KB
Script
General
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w7posiEOdDsV4fA8cMvB1saOlh6.Szzy
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
5056
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 14 Jul 2021 10:26:56 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1boNmk-xltv8BP_Eh0JUr-XfS4EoDtm_v9vuqo2YOiiBX-cynBsWUA==
img
ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/ Frame 1450
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=d61dd404920146b285df4083a20fc93d&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=101&tpuid=BBID-01-03009774724896941-16339896
49 B
465 B
Image
General
Full URL
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=101&tpuid=BBID-01-03009774724896941-16339896
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=101&tpuid=BBID-01-03009774724896941-16339896
Date
Wed, 14 Jul 2021 11:51:12 GMT
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Transfer-Encoding
chunked
nuggad
ih.adscale.de/
49 B
266 B
Image
General
Full URL
https://ih.adscale.de/nuggad?/nvars/d7=2&d10=4&d2=6&d4=7&d11=2&d8=2&d9=4&d12=4&d1=1&d3=2
Requested by
Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:11 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif
56669,56667,56651
ad.yieldlab.net/yp/ Frame 49F3
154 B
574 B
Script
General
Full URL
https://ad.yieldlab.net/yp/56669,56667,56651
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_72890.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
129
Expires
Tue, 13 Jul 2021 11:51:12 GMT
multiad.php
ssl.adklick.de/ Frame 49F3
354 B
767 B
Script
General
Full URL
https://ssl.adklick.de/multiad.php?id=24046&data=c80e2e3dfd073a58a7868ba33aed57a9&site=25684&catid=23&auswahl=1&width=728&height=90
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_72890.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.136.189.31 , Germany, ASN41391 (CLUSTERS-AS, DE),
Reverse DNS
Software
Apache/2.2.22 (Debian) / PHP/5.4.4-14+deb7u8
Resource Hash
f21636c62b89301b5e606d67575596580c179540f970b8ee442744d13305cba6

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:15 GMT
Content-Encoding
gzip
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.4-14+deb7u8
Vary
Accept-Encoding
P3P
policyref="http://partners.adklick.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Content-Type
text/html
Content-Length
278
56669,56667,56651
ad.yieldlab.net/yp/ Frame 8EB8
154 B
574 B
Script
General
Full URL
https://ad.yieldlab.net/yp/56669,56667,56651
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
129
Expires
Tue, 13 Jul 2021 11:51:12 GMT
banner.php
view.webplexmedia.de/ Frame 8EB8
221 B
362 B
Script
General
Full URL
https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b91de2ff4353c3fd241fba92e56a44f0e1a34c58bffdc23b745d728c598e43cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
banner
adfarm1.adition.com/ Frame 09E6
954 B
1 KB
Script
General
Full URL
https://adfarm1.adition.com/banner?sid=2762854&adjsver=3&fvers=&iframe=1&ref=https%3A//www.dreamies.de/&ro=https%3A//as1.dreamies.de/rs_300250.php&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1263863774&ac=1&screen_res=6&prf[_TCF_ENABLED]=0&prf[_TCF_PP_PERSONAL]=0&wpt=J&clickurl=
Requested by
Host: adfarm1.adition.com
URL: https://adfarm1.adition.com/js?wp_id=2762854
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
ADITIONSERVER v1.0 /
Resource Hash
f16399146601769922cb0971ff136ca92c40843bc9a6f32fe03b58ffdd3c38b8

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 13:51:12 +0200
Content-Encoding
gzip
Server
ADITIONSERVER v1.0
Transfer-Encoding
chunked
P3P
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Expires
Sat, 01 Jan 2000 00:00:00 GMT
56669,56667,56651
ad.yieldlab.net/yp/ Frame 79DE
154 B
574 B
Script
General
Full URL
https://ad.yieldlab.net/yp/56669,56667,56651
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_160600.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
129
Expires
Tue, 13 Jul 2021 11:51:12 GMT
banner.php
view.webplexmedia.de/ Frame 79DE
221 B
362 B
Script
General
Full URL
https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=3
Requested by
Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_160600.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
88aa8a88b6067fc0f1a7deab60ebe597c3c847f0b06c840d2b00a9bffa1d4104
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
300x250
ad.yieldlab.net/d/56667/5653/ Frame 09E6
683 B
802 B
Script
General
Full URL
https://ad.yieldlab.net/d/56667/5653/300x250?id=2762854_1544577_5277337&ts=6984748426925769935
Requested by
Host: adfarm1.adition.com
URL: https://adfarm1.adition.com/banner?sid=2762854&adjsver=3&fvers=&iframe=1&ref=https%3A//www.dreamies.de/&ro=https%3A//as1.dreamies.de/rs_300250.php&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1263863774&ac=1&screen_res=6&prf[_TCF_ENABLED]=0&prf[_TCF_PP_PERSONAL]=0&wpt=J&clickurl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
3722caddf62172aa87267cb3ae345d5594a01e378b40612cc0a998a1c8956a34

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
357
Expires
Tue, 13 Jul 2021 11:51:12 GMT
b2.php
view.webplexmedia.de/ Frame 3654
740 B
592 B
Document
General
Full URL
https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4efcba0f9c87558f05983085941c34d3b9b5e99cc2900d384748f8438ed061cc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
view.webplexmedia.de
:scheme
https
:path
/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as1.dreamies.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://as1.dreamies.de/

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
b2.php
view.webplexmedia.de/ Frame C6EB
740 B
593 B
Document
General
Full URL
https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2de905224b9efeddae92cba06370c788ccbff6007a15adcaff1af9d025eac571
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
view.webplexmedia.de
:scheme
https
:path
/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as1.dreamies.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://as1.dreamies.de/

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
lg0.jpg
view.webplexmedia.de/ Frame 3654
1 KB
2 KB
Image
General
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame 6198
689 B
613 B
Document
General
Full URL
https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
986cc1d114617dff9d2270d370626d01229b10e3792ad35dc2122b890d11d0c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
view.webplexmedia.de
:scheme
https
:path
/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
lg0.jpg
view.webplexmedia.de/ Frame C6EB
1 KB
2 KB
Image
General
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame ADBF
1 KB
911 B
Document
General
Full URL
https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=3&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4a3af12b279b4e2bf81201d368ce1109d23a44b08ad920d7d9aeabdeffc7fc4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
view.webplexmedia.de
:scheme
https
:path
/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=3&referrer=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
lg0.jpg
view.webplexmedia.de/ Frame 3654
1 KB
2 KB
Image
General
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame C6EB
1 KB
2 KB
Image
General
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=160&h=600&sid=867&size=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
adition.js
imagesrv.adition.com/js/ Frame 09E6
0
0

2x2
ad.yieldlab.net/d/6846326/766/ Frame 09E6
22 B
492 B
Script
General
Full URL
https://ad.yieldlab.net/d/6846326/766/2x2?ts=654528932&consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/56667/5653/300x250?id=2762854_1544577_5277337&ts=6984748426925769935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
977db676822d169898477bb8d00fad87112543cb4ad505a1cc6a864a0fe7cad5

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
48
Expires
Tue, 13 Jul 2021 11:51:12 GMT
m
ad.yieldlab.net/ Frame 09E6
0
360 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=739302&ext_id=1&gdpr_consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/56667/5653/300x250?id=2762854_1544577_5277337&ts=6984748426925769935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as1.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 13 Jul 2021 11:51:12 GMT
js
adfarm1.adition.com/ Frame 09E6
0
0

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1450
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=73d85ad267bcd64fbfd84bf...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
49 B
488 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Jul 2021 11:51:11 GMT
57fgjj6v.js
ad4m.at/ Frame ADBF
50 KB
15 KB
Script
General
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=3&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date
Wed, 14 Jul 2021 11:51:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
85176
cf-polished
origSize=51099
x-guploader-uploadid
ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 12:10:52 GMT
server
cloudflare
etag
W/"74122576aed15d7733ede69522f341f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TzKMdDBsE3MthspDH6i3E4SWko9%2FYXf5neFYGlWwheeVEtM7onZudOsI%2F%2F5gk%2BbgBBAAwvo2FW6nUwA5OzeFguIv5KVD%2BPNOO4C8K9DGimc2cKEYt9xVi0GjXRDVwO27"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672651995370
content-type
application/javascript; charset=utf-8
expires
Tue, 13 Jul 2021 12:11:36 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
16036
cf-ray
66ea89b1bdf72bca-FRA
cf-bgj
minify
ad.js
qualigo.com/doks/ Frame ADBF
15 KB
3 KB
Script
General
Full URL
https://qualigo.com/doks/ad.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=3&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
16758a225d7715173e4374a9f8d10e782981d79a2200b703f19cdc578f33e820
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jan 2020 07:49:58 GMT
Server
Apache/2.4.10 (Debian)
ETag
"3b57-59cde0112f710-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2992
57fgjj6v.js
ad4m.at/ Frame 6198
50 KB
16 KB
Script
General
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date
Wed, 14 Jul 2021 11:51:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
85176
cf-polished
origSize=51099
x-guploader-uploadid
ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 12:10:52 GMT
server
cloudflare
etag
W/"74122576aed15d7733ede69522f341f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I7MdEnk8PJBz8FsTCGbrvNMPmJYzVxZ%2BGg%2FnqbuHZgZRzPO7JpwP5yjso%2FwOzrJzle5nPwj6EopFgnLdl%2F6yeWU1lt%2BA68f%2FfEKdHwti02G6lxoyH78parLqdy8fOP5N"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672651995370
content-type
application/javascript; charset=utf-8
expires
Tue, 13 Jul 2021 12:11:36 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
16036
cf-ray
66ea89b1bdf82bca-FRA
cf-bgj
minify
api.php
media.beruf.biz/ Frame D11F
193 B
332 B
Document
General
Full URL
https://media.beruf.biz/api.php?size=3
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2300c2eb228abfa53d652ea88540b3dee7d594f5c4b6203b5b3cf48ff54fef30
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
media.beruf.biz
:scheme
https
:path
/api.php?size=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.webplexmedia.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
frame.html
ad4m.at/ Frame 0A5C
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.webplexmedia.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 14 Jul 2021 12:51:12 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1781715
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5UfMfNyznnSVk8l5uGv3OfYMzvzNiRV6QFuvJj0lx4i5v2RI61JQWilgOU0cSemTSUb4pqNGU%2FNfW9qgK0mKRj6kGJwYmOy2oebaViuuG3af2QzFBqo5e4R77ExL7E%2Bx"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
66ea89b20b0b4e9e-FRA
content-encoding
br
frame.html
ad4m.at/ Frame 87E1
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.webplexmedia.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

date
Wed, 14 Jul 2021 11:51:12 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 14 Jul 2021 12:51:12 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1781715
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9IBaLpS%2FqJCsDnHIL0WQsx41moH0QyeAcAG0W46ozNVnqHMR%2Filsm88nYgd4Vx%2FBjUt54ITRt9gsubSpBtiAbwzne0jAg9HKLpqE%2F2YlA8HpxN63%2Btv2AQSJkwOcGwkS"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
66ea89b20b074e9e-FRA
content-encoding
br
rs
ad4m.at/ Frame ADBF
427 B
878 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fcbb9e74baed7e737ea0fce2c65cd1bd4fc5677c7c493971116582fc49be5b

Request headers

Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
66ea89b288a53140-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8t2%2BiJsnj9FaRpdv69795MRCw6y0U1j0JW0H9WqUiA%2FniKzK0wHCM5rsC7jzKG1s2WjNEaiQF2JQBbxU5HwfjVJTpyozVpJmKdtJUf65evTpEegHU7nbRZH4v8X6HJBx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://view.webplexmedia.de
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-rvz5
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3-29
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://view.webplexmedia.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://view.webplexmedia.de
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-rvz5
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4CqGHnirYYIyyvZouvMQu%2FK4zUUf7IsEKeao5DbWfjlhWCHJvTMl4rMHZbuj80%2FVJ%2F0dXzoc0oqnOt6wOOCR96gp2EYRm4TlgFl1DHgLVmCVDint5Q1WRFN5XcavZUn4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ea89b258503140-FRA
rs
ad4m.at/ Frame 6198
428 B
886 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a41ffdbbf06845fff8a3f4e2ad471e64947ba09eda47409d85cda9fb42b8708

Request headers

Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
66ea89b2889e3140-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J%2F8YRgtPp2%2B1u0kpl3stuGZg65hMRREsokD15n%2Bc6qhaXZn9hrfVtQG3BCngvQyT83p%2FGGEx8Wq64Wtko3o2hxJnBlEA5MrcknALVjuuTWRf6%2FWvR2mV7j91fL%2F4r3j7"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://view.webplexmedia.de
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-rvz5
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3-29
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://view.webplexmedia.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://view.webplexmedia.de
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-rvz5
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KvaUOrMFzlicVyryFvSNgoI9xyUuGkx5pNkY%2BRPqTu%2BQeO4U%2Fg%2B%2BNVkkvfoCdztoZ3M7zka9sQ2joDwZxw1QQCJuEqzXekMZpeKiN9I5Dmgn4M8mWa%2BP1mG3OpnQO5qy"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ea89b2584e3140-FRA
rar
as.ad4m.at/ad/ Frame 313E
6 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb1827143cc749fc9d3a14e56b5ea6175033be72ec8971fc553cbd4dab4fb15
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.webplexmedia.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66ea89b2b88f2bca-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame 49F5
6 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477f17e04c5614fafb76a903e4f9a61ade47b13b2a87c08941c5362a0f802618
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.webplexmedia.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66ea89b2b89c2bca-FRA
content-encoding
br
img
ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/ Frame 1450
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b6203746b3d36440%2F1626263471827%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=75&tpuid=9167451645549144546
49 B
499 B
Image
General
Full URL
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=75&tpuid=9167451645549144546
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:13 GMT
X-Proxy-Origin
185.236.42.67; 185.236.42.67; 832.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
913565c6-0f53-40b3-9410-3b3047ee16bc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=75&tpuid=9167451645549144546
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
media.beruf.biz/ Frame D11F
438 B
426 B
Document
General
Full URL
https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Id2jduB6myrooF0t60GgZeU%3D
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
74431153bf92c1594fee9626c9d14da37492e9f3ccf0932e376cce4037541822
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
media.beruf.biz
:scheme
https
:path
/?sess=2qV0%2F7TSeA2uYkmSCTz3Id2jduB6myrooF0t60GgZeU%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 313E
64 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
182811
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
66ea89b2ed7e4e9e-FRA
expires
Wed, 14 Jul 2021 12:51:13 GMT
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 313E
12 KB
12 KB
Image
General
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
661052
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdtZ8h-Bnv-A8XxIrNSa25NVhj2BWxx3JhgIMMmAW69wRNTUR9lPGev504JvsYeeBFoM7v1LTNIAqRlBidAV8EZZe1qarg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G0Z8kAtGNSyBBuNX89P19mP0nW6cMQwbo3Z%2FDYsPMMKXt2Ivs2uE%2FJUmShtSYjm9DNzIhwaGeUS86U7ZkPjRwoAk3A%2BOEbzuwFaIg5pOgFCRTENtZQF9LGVTXrUXBDjEmbElCSxe5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
66ea89b2e9222bca-FRA
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 313E
10 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1022640
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10372
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jBujhCbNumjmLW4pHT%2F36UdIAsGpEyP0ysnKfrAVFGx4m%2BTPSdoFYEKUY3Ouatzmo4ifN%2BdlIO9VB7Jpm24t92cUvfJMEOIgeWWY3LEVawCSIkSwKqeihsdQb2TSZ3TLwu0jHYc08A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
66ea89b2e91e2bca-FRA
cf-bgj
imgq:85,h2pri
DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame 313E
17 KB
18 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=LGKJgg==, md5=Ei5zIqWPShlUxwtKF9+vsw==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1021837
cf-polished
origFmt=png, origSize=29332
x-guploader-uploadid
ADPycdsWBz9lw-maDU-lfTkb2moxMw4aJ7jvd0gKlj4PInukS6qD4WuHKZ1qFBj4x-fphU8brk5IjGj3HJiivr0ugdmklC4Hvw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17118
last-modified
Wed, 13 May 2020 13:33:22 GMT
server
cloudflare
etag
"122e7322a58f4a1954c70b4a17dfafb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vBH4VGXkJLCbgVpsY8G6cYEluq%2BUx9lmEHotpyzAFE4u%2FNZeQ5FJFDOq5ed35cLTL7IzLrnonGGowCwmYgtGN4NoX6ZJOssiczroHhRba56fugavJ6cTCFS%2B7risLVK3ccb4aJhobw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589376802466357
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29332
accept-ranges
bytes
cf-ray
66ea89b2e9242bca-FRA
cf-bgj
imgq:85,h2pri
0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame 313E
173 KB
174 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e32ef435211e0c76ed41d7c05246cb68d456f7a5f3632a75ceaf59ba8bca139e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=9lWGdA==, md5=6T5fEe/PNRZQbAIrbdpBHQ==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
663222
cf-polished
origFmt=png, origSize=270249
x-guploader-uploadid
ADPycduAKxaxuVEYh7DNsIxNfdR28NRB1kGUKcXJpPjondHhmc6N432F0anf8yMMRVGHCxhKmQK5zuObiEbwUnnpDwQNn-kJgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
177030
last-modified
Tue, 13 Oct 2020 11:03:48 GMT
server
cloudflare
etag
"e93e5f11efcf3516506c022b6dda411d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LFbao1t2KAyx4rpg7flVVTJVVM0QagcEDjpdvqBDc61uQiaAlU3pRXl3jdt%2BTgW12hydZyVGtQAVXn4Nk%2BokeoRUDP%2BXIsk81fvPvJOYk3U9G8vJchxw%2FhnKkkZeaLAkrIKZRHuJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1602587028244722
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
270249
accept-ranges
bytes
cf-ray
66ea89b2e9272bca-FRA
cf-bgj
imgq:85,h2pri
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 313E
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
662763
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtDvXrLGlA14wCVPhRsHG0oxS6asgyL4f1iL1EDSdKjOq816Scmb-G6oIBtkW_AcUF534Xm3Mok3PDp6TAkU6aH2Y8IdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iK65bvFp8vKQatOgaSttqTaLGBvsqGj4ESCVvSZa2amt%2BGl2dP16ZzQ7ViN26dYAokThzdh8gGPPPZ56mf5HJ7DhtFra%2BDkKlmY6dwA5Zj1mKh42fG%2FEVz%2B8XLzrFozqQS3FIpMCfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
66ea89b2e92b2bca-FRA
cf-bgj
imgq:85,h2pri
26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame 313E
31 KB
32 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UIcfng==, md5=WdNWx4gdrvbwTy1Z36jlTw==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1021808
cf-polished
qual=85, origFmt=jpeg, origSize=80186
x-guploader-uploadid
ADPycduC0lDZjMdjoSwjJDEVU2W6qkGaSEvZLo0LUJ2CVGzMGoIYJi2nDu93wG6PVpPspOLKtiUsBr-A-jwyBt2xhiE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31900
last-modified
Wed, 10 Feb 2021 09:05:09 GMT
server
cloudflare
etag
"59d356c7881daef6f04f2d59dfa8e54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F8Q%2BumY2tglYJeM8ZETCEt9FIY2w2%2B7XsApnvwSRcrOXeSgchCc6roSrbFsNw7PxD9lWti5Qzv40L1qEALutMvLR8cZspddHkCZYmoXpFXPtFm%2FkMpnSz6FL6BF8DKXwskAbOQ0tEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612947909004757
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
80186
accept-ranges
bytes
cf-ray
66ea89b2e92d2bca-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 313E
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_a...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202107141351165281065...
43 B
741 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657371X117679V1226132702MSoneidARztYfqf7W2CAHRH4tktMMEUMtbtDJdoneid__webplexmedia_advancedad_300x250&wfid=117679
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 49F5
64 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
182811
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
66ea89b30dc34e9e-FRA
expires
Wed, 14 Jul 2021 12:51:13 GMT
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 49F5
12 KB
13 KB
Image
General
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
661052
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdtZ8h-Bnv-A8XxIrNSa25NVhj2BWxx3JhgIMMmAW69wRNTUR9lPGev504JvsYeeBFoM7v1LTNIAqRlBidAV8EZZe1qarg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zu%2FYpfA19u%2BDRfp7mjM%2F5eebGkTJJ2JlqysRlnH8TiU3V5aDa2esuu%2B4ANQPUC7vcgeQlJRbOXI7xpqAY0YmC2%2FZzBJGIImfTgbBQUzuklkEo8yMRghuaPk1sWpjXeFz2okE96mqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
66ea89b309802bca-FRA
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 49F5
10 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1022640
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10372
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=up7hDuF2coDgYd16%2FABvJCYdqEOmt4MzpBANGl4SNT7lCobg3uoBAdGdOxTcNya2XkfE2bCuK6uYC%2FVHx%2FOoCsBSF6rmpXBJrG7O%2FP64XFi1DoxPxrilONZwfWe4n7ME1BN5rvKbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
66ea89b309832bca-FRA
cf-bgj
imgq:85,h2pri
DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame 49F5
17 KB
17 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=LGKJgg==, md5=Ei5zIqWPShlUxwtKF9+vsw==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1021837
cf-polished
origFmt=png, origSize=29332
x-guploader-uploadid
ADPycdsWBz9lw-maDU-lfTkb2moxMw4aJ7jvd0gKlj4PInukS6qD4WuHKZ1qFBj4x-fphU8brk5IjGj3HJiivr0ugdmklC4Hvw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17118
last-modified
Wed, 13 May 2020 13:33:22 GMT
server
cloudflare
etag
"122e7322a58f4a1954c70b4a17dfafb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GBF72s36zTsQJuGO43V4EiBLl%2FqWQvQlrUQorwii4I0fDXHMOadDSRnrSBiVPuf%2FBE66uN0oBFlGoLAu6KwaDamXdsg62vu1Yi7cKavGEyFjOXqJ%2FSQl3vvXjYgznCTS5CHyYHRw%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589376802466357
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29332
accept-ranges
bytes
cf-ray
66ea89b309842bca-FRA
cf-bgj
imgq:85,h2pri
0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame 49F5
173 KB
174 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e32ef435211e0c76ed41d7c05246cb68d456f7a5f3632a75ceaf59ba8bca139e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=9lWGdA==, md5=6T5fEe/PNRZQbAIrbdpBHQ==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
663222
cf-polished
origFmt=png, origSize=270249
x-guploader-uploadid
ADPycduAKxaxuVEYh7DNsIxNfdR28NRB1kGUKcXJpPjondHhmc6N432F0anf8yMMRVGHCxhKmQK5zuObiEbwUnnpDwQNn-kJgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
177030
last-modified
Tue, 13 Oct 2020 11:03:48 GMT
server
cloudflare
etag
"e93e5f11efcf3516506c022b6dda411d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tyEgj%2FiFK3DLVPfHvP3lvG6Ga0bxyOmMGq1zUKxGFIxPgFB5knijZ%2Bz4G1P1sAKoZeTbb1RCVGPBxhGiF%2BjKEAkTEtZZXQZ7KUYDyxPiQE0O2fmLqJ02z2TzhIc%2FsD6odxwFEyR1dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1602587028244722
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
270249
accept-ranges
bytes
cf-ray
66ea89b30dd34e9e-FRA
cf-bgj
imgq:85,h2pri
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 49F5
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
662763
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtDvXrLGlA14wCVPhRsHG0oxS6asgyL4f1iL1EDSdKjOq816Scmb-G6oIBtkW_AcUF534Xm3Mok3PDp6TAkU6aH2Y8IdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oly4VdczMx4YWK%2BfME7G5Wm9xcB8ET7di6EQ%2BFJNFHk49%2FPO7osnu8xQqONJ%2BiBahCnn0xwig2avYFd52QFAbup4xQa0yZ2IE%2FcYNMKN2jfLuiY%2BLnLhjE3xdQy5cmCU8XdyL7dp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
66ea89b30dd74e9e-FRA
cf-bgj
imgq:85,h2pri
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 49F5
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=xKcLcA==, md5=LqUh6dMvJZgb+FCIIELoIQ==
date
Wed, 14 Jul 2021 11:51:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1013373
cf-polished
qual=85, origFmt=jpeg, origSize=29501
x-guploader-uploadid
ADPycdvY-CgmXy5QKbjlA8dxG5NClEy-INHBok9g2jUhyfd_Zl9nHayowgNbyNOeCKGIGqlLKm68uIdkYRfu12M1Af4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15016
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=37Hp5UouuN0U37RKyXnW78q%2BfjPrB7Mmyi6xKSZQfssnycecN3Et5eF6XFwuLC78m9pnn6qwVOkh7H6LzfDyU6vFbq%2FZm8lZNk%2FVFQfWDq5Ek7SbpndCQn69ZMSTA1gI8o9Q3g6Hsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586179475532187
content-type
image/webp
expires
Thu, 15 Jul 2021 11:51:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29501
accept-ranges
bytes
cf-ray
66ea89b30dda4e9e-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 49F5
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_a...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202107141351165281065...
43 B
741 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021071413511652810657375X117679V1226132702MSoneide2Xh3fVfR1WUjHZHet1t445H7tbtxrqoneid__webplexmedia_advancedad_160x600&wfid=117679
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
Cookie set iframe_banner.php
qualigo.com/doks/ Frame 26FC
3 KB
1 KB
Document
General
Full URL
https://qualigo.com/doks/iframe_banner.php?ds=33651&subds=qualigo_com&cat=&search=qualigo&wo=de&m=de&erotic=0&bc_lid=&dc_wi=&af_site=&af_ref=&af_subid=&af_tnb=&aw_id=&aw_gid=&aw_linkid=&aw_mid=&format=ad_160x600&target=0&sponsoredby=1&images=&track=&trackingurl=&col_headline=0000a0&col_text=404040&col_url=808080&col_bg=f2f2f2&col_border=858585&deep_ref=&prnt_ref=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D333004898%26e%3D0%26s%3D0%26p%3D0%26sid%3D867%26size%3D3%26referrer%3D
Requested by
Host: qualigo.com
URL: https://qualigo.com/doks/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
9c170bac7bdb51042712275545a85f282f9cb5f447f2f8531c754aebe2f834fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Host
qualigo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://view.webplexmedia.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://view.webplexmedia.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache/2.4.10 (Debian)
Strict-Transport-Security
max-age=15552000; preload
Set-Cookie
PHPSESSID=a02426gcln5dtc4i91tol9hn3g; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1009
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
link.html
track.webgains.com/ Frame 313E
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
340c6ac58ed4412fa6dcb546892bd483d9599a1fe6ecfa9275331a4131b1f6d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 313E
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2100045&wgcampaignid=1384975&js=1&nw=1&clickref=oneidkZjU5f3fb2Et4HwHetmC9jdTPtmtp3Voneid__webplexmedia_advancedad_300x250&viewref=oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_300x250&cp=776764804&origsource=https://view.webplexmedia.de/
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
acc1139635f969f035a045518919109f4030deffa24e92cd8f10d1eecaf4b89b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
media.beruf.biz/ Frame D11F
287 B
363 B
Document
General
Full URL
https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Id2jduB6myrooF0t60GgZeU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fee71d69bb9b1d213e686a0403133dece40743310999f717ad5ec11025998532
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
media.beruf.biz
:scheme
https
:path
/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
link.html
track.webgains.com/ Frame 49F5
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_160x600&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
98841fb393b5cbc420e68ab6e94bab5aa663f1d05c2e8c3e552024cc2af6a29d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 49F5
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2100045&wgcampaignid=1384975&js=1&nw=1&clickref=oneidkZjU5f3fb2Et4HwHetmC9jdTPtmtp3Voneid__webplexmedia_advancedad_160x600&viewref=oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_160x600&cp=409528357&origsource=https://view.webplexmedia.de/
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
56fb1247eb1a98a7d818e7bc457120aad9e67c41cd86bd3195dfeab594f650b6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:13 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
media.beruf.biz/tags/3001/ Frame 95BA
175 B
320 B
Document
General
Full URL
https://media.beruf.biz/tags/3001/index.html
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
3542daa0b3f160db6a743090522c670275cf13222bafcfca2a83268e27b06b0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
media.beruf.biz
:scheme
https
:path
/tags/3001/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://media.beruf.biz/?sess=2qV0%2F7TSeA2uYkmSCTz3Ib10HcZO7%2F4VbB30feFGXnE%3D

Response headers

server
nginx
date
Wed, 14 Jul 2021 11:51:13 GMT
content-type
text/html
last-modified
Thu, 17 Jun 2021 02:27:36 GMT
etag
W/"60cab318-af"
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
Cookie set question
qualigo.com/de/ Frame F473
6 KB
2 KB
Document
General
Full URL
https://qualigo.com/de/question
Requested by
Host: qualigo.com
URL: https://qualigo.com/doks/iframe_banner.php?ds=33651&subds=qualigo_com&cat=&search=qualigo&wo=de&m=de&erotic=0&bc_lid=&dc_wi=&af_site=&af_ref=&af_subid=&af_tnb=&aw_id=&aw_gid=&aw_linkid=&aw_mid=&format=ad_160x600&target=0&sponsoredby=1&images=&track=&trackingurl=&col_headline=0000a0&col_text=404040&col_url=808080&col_bg=f2f2f2&col_border=858585&deep_ref=&prnt_ref=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D333004898%26e%3D0%26s%3D0%26p%3D0%26sid%3D867%26size%3D3%26referrer%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
46dd51cc462cdea5ac65c45863e5fb44fc3042aa05c7aad22ed2995646828f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Host
qualigo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://qualigo.com/doks/iframe_banner.php?ds=33651&subds=qualigo_com&cat=&search=qualigo&wo=de&m=de&erotic=0&bc_lid=&dc_wi=&af_site=&af_ref=&af_subid=&af_tnb=&aw_id=&aw_gid=&aw_linkid=&aw_mid=&format=ad_160x600&target=0&sponsoredby=1&images=&track=&trackingurl=&col_headline=0000a0&col_text=404040&col_url=808080&col_bg=f2f2f2&col_border=858585&deep_ref=&prnt_ref=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D333004898%26e%3D0%26s%3D0%26p%3D0%26sid%3D867%26size%3D3%26referrer%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://qualigo.com/doks/iframe_banner.php?ds=33651&subds=qualigo_com&cat=&search=qualigo&wo=de&m=de&erotic=0&bc_lid=&dc_wi=&af_site=&af_ref=&af_subid=&af_tnb=&aw_id=&aw_gid=&aw_linkid=&aw_mid=&format=ad_160x600&target=0&sponsoredby=1&images=&track=&trackingurl=&col_headline=0000a0&col_text=404040&col_url=808080&col_bg=f2f2f2&col_border=858585&deep_ref=&prnt_ref=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D333004898%26e%3D0%26s%3D0%26p%3D0%26sid%3D867%26size%3D3%26referrer%3D

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Server
Apache/2.4.10 (Debian)
Strict-Transport-Security
max-age=15552000; preload
Set-Cookie
PHPSESSID=nulsjk6t2ojsfv9hqa4cfi695a; path=/ qualigo_test=1626263473; path=/; expires=Wed, 14-Jul-2021 13:51:13 UTC; secure; HostOnly; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate no-store
Pragma
no-cache
X-App-Runtime
0.025 sec
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1382
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
gen.js
ads.themoneytizer.com/s/ Frame 95BA
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
2127
expires
Thu, 15 Jul 2021 11:50:44 GMT
requestform.js
ads.themoneytizer.com/s/ Frame 95BA
464 B
474 B
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=78618&formatId=2
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
439f17450717c29a46c73c412bfb2dc2eee41ea202ace0245aee854c21a91504

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
286
expires
Thu, 15 Jul 2021 11:51:14 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1450
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d5cb5e9e1f46bc6662a1db610...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YO7PuB6OJc01OPJIEsHDXwAA%26711
49 B
360 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YO7PuB6OJc01OPJIEsHDXwAA%26711
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:20 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YO7PuB6OJc01OPJIEsHDXwAA%26711
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
298
Expires
Wed, 14 Jul 2021 11:51:20 GMT
bootstrap.css
qualigo.com/lib/bootstrap/dist/css/ Frame F473
143 KB
21 KB
Stylesheet
General
Full URL
https://qualigo.com/lib/bootstrap/dist/css/bootstrap.css
Requested by
Host: qualigo.com
URL: https://qualigo.com/de/question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://qualigo.com/de/question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 09:34:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"23a5a-581c341399900-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
21330
jquery.min.js
qualigo.com/lib/jquery/dist/ Frame F473
84 KB
30 KB
Script
General
Full URL
https://qualigo.com/lib/jquery/dist/jquery.min.js
Requested by
Host: qualigo.com
URL: https://qualigo.com/de/question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://qualigo.com/de/question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 09:34:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"14e55-581c3413a0660-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
29885
jquery-ui.min.js
qualigo.com/lib/jquery-ui/ Frame F473
234 KB
63 KB
Script
General
Full URL
https://qualigo.com/lib/jquery-ui/jquery-ui.min.js
Requested by
Host: qualigo.com
URL: https://qualigo.com/de/question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://qualigo.com/de/question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 09:34:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"3a7cc-581c3413a3540-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; preload
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
bootstrap.min.js
qualigo.com/lib/bootstrap/dist/js/ Frame F473
36 KB
10 KB
Script
General
Full URL
https://qualigo.com/lib/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: qualigo.com
URL: https://qualigo.com/de/question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://qualigo.com/de/question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 09:34:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"90b5-581c341399900-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
9833
pvClk.min.js
analytics.webgains.io/ Frame 313E
59 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-50.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jun 2021 16:00:47 GMT
server
AmazonS3
age
43810
etag
"edfa65aada7c65cbe3a78f39f8444ab3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 13 Jul 2021 23:41:04 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
60765
x-amz-cf-id
NepBDcg5O2FecH-zjI9DO9J1NAkZkvguxren2YiDuoAIC63ayMpjNQ==
hit
diapi.webgains.com/2.0/ Frame 313E
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBeI02Rhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtIMk.Nk4Jl9RJ8mcK4rTKyNfweUTlfe2Rc7L1eWNNW5BNlYiJ4uy.8P1&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626263473%22%2C%22%22%2C%22%22%2C%22%22%2C%221634039473%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=f1a4941b60a8fa18b0eea4073a6c2bf5&userIP=185.236.42.67&doAffectv=1&wgtime=1626263473
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 313E
25 KB
26 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidXleVyGTN_1UWQhe7za6WUa3s-P3is3gvasuid__webplexmedia_advancedad_300x250&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:14 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:14 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
hit
diapi.webgains.com/2.0/ Frame 313E
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBeI0vMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea8IXWDK1civmjn4U_IvqCSFQ_01kKJA237lY5BSmVjMk.4Tg&wgcookie=%7B%22wgifp265095%22%3A%5B%221384975%22%2C%22265095%22%2C%222100045%22%2C%22%22%2C%221626263473%22%2C%22%22%2C%22%22%2C%22%22%2C%221634039473%22%2C%22oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=e9f45bd1ad2537953b020f899a0272a5&userIP=185.236.42.67&doAffectv=1&wgtime=1626263473
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2100045&wgcampaignid=1384975&js=1&nw=1&clickref=oneidkZjU5f3fb2Et4HwHetmC9jdTPtmtp3Voneid__webplexmedia_advancedad_300x250&viewref=oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_300x250&cp=776764804&origsource=https://view.webplexmedia.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 313E
4 KB
4 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid9rjSMfmfz7qfKHBH2t7tGxYu5tRtW7oneid__wortsuchen_advancedad_300x250&wglinkid=2100045
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C19877&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2CARztYfqf7W2CAHRH4tktMMEUMtbtDJd&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CMVzUzfrfKbjfWHEHGtQC66BTXt9tb4V&c=300&d=250&e=&g=239163729f2bf7134e099ab2c0ed5da1%2F18165677644571811089&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
83e6007117646a78f7448f428fc686cbd516f8e54408203a4caa58f709868697

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:18 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:18 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
3850
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame 313E
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcKjLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jl9RJ8mcK4rTKyNfwcUTlfe2Rc7L1eWNNW5BNlYiJ4uy.16v
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
fp_decode.html
track.webgains.com/ Frame 313E
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcKjPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9RJ8mcK4rTKyNfwcUTlfe2Rc7L1eWNNW5BNlYiJ4uy.1r9
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
img
ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/ Frame 1450
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb093f5491332bfea41cff2c5d492a326966ed2f3cb922b3b81b2f7a7bd0f0f3&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b62037...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eb093f5491332bfea41cff2c5d492a326966ed2f3cb922b3b81b2f7a7bd0f0f3&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd4384b...
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=42&tpuid=7712266775908450177
49 B
506 B
Image
General
Full URL
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=42&tpuid=7712266775908450177
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:14 GMT
server
nginx
location
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/img?tpid=42&tpuid=7712266775908450177
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
g.themoneytizer.net/g/ Frame 95BA
26 B
271 B
Script
General
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fcfa6c4d7ec2b771b1df2404910700d7948fe24d98d5b007ddcf5d6a19ffb19b

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:15 GMT
Server
nginx
X-IPLB-Request-ID
B9EC2A43:53C4_91EFC191:01BB_60EECFB3_375155B:27AE7
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneybile.js
ads.themoneytizer.com/ Frame 95BA
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
nginx
etag
"604b9fc7-981e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
16267
expires
Thu, 15 Jul 2021 11:50:32 GMT
smart.js
ced-ns.sascdn.com/diff/js/ Frame 95BA
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
35 KB
11 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F707) /
Resource Hash
1967a54ac0a585a7b888a93e6cfc624f5623b0e94a9a301a8f671d63a06f8d94

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 08:14:42 GMT
server
ECS (ska/F707)
age
12941
etag
"b4d028ec3146b48fd67b6682c7b63880:1626164084.881267"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
11155

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 14 Jul 2021 11:51:13 GMT
content-length
0
/
c.tmyzer.com/c/ Frame 95BA
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=78618&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=78618&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
nginx
X-IPLB-Request-ID
B9EC2A43:EF9E_36264064:01BB_60EECFB2_ABED19A:17CAB
X-IPLB-Instance
38436
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
requestform3.js
ads.themoneytizer.com/s/ Frame 95BA
119 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
3cb49664eb0eb74460e9c11094ef4f65e6e0ad9140b735cf2a999f578293e22b

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jul 2021 11:51:14 GMT
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 45C9
1018 B
801 B
Document
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1621255706.244487"
Last-Modified
Mon, 17 May 2021 12:47:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Wed, 14 Jul 2021 11:51:14 GMT
Content-Length
445
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9449
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIleVhEAoYASABKAEwr5-7hwY4AUABSAEQr5-7hwYYAA..; uuid2=9167451645549144546
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dreamies.de/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 10 Jul 2021 04:42:34 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 14 Jul 2021 11:51:15 GMT
Age
25712
X-Served-By
cache-lga21963-LGA, cache-hhn4022-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 379694
X-Timer
S1626263476.780592,VS0,VE0
Vary
Accept-Encoding
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1450
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a9def535-6413-4e3f-92b2-ce8904b78fe2
49 B
530 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a9def535-6413-4e3f-92b2-ce8904b78fe2
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a9def535-6413-4e3f-92b2-ce8904b78fe2
cache-control
no-cache
date
Wed, 14 Jul 2021 11:51:13 GMT
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1995
content-type
text/html; charset=utf-8
content-length
237
expires
Wed, 14 Jul 2021 00:00:00 GMT
sync
gum.criteo.com/ Frame 95BA
49 B
362 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 14 Jul 2021 11:51:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2152
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 95BA
4 KB
4 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:17 GMT
Last-Modified
Mon, 31 May 2021 09:07:48 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
B9EC2A43:FA5A_91EFC133:01BB_60EECFB5_19CC35B6:152D
ETag
"60b4a764-10b7"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4279
/
onetag-sys.com/usync/ Frame F6AD
3 KB
1 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
ef4f2c2bf7315c799eda06a33d7647a8e049de89dbe1e560f82d6391f8f73d90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1626263474448
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://media.beruf.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://media.beruf.biz/

Response headers

p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY; path=/; expires=Fri, 14 Jul 2023 11:51:17; domain=onetag-sys.com; SameSite=None; Secure
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1128
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame CD0A
2 KB
1 KB
Document
General
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11deb83d73163a227f0c6324fd669f5bcde1b878edd27d2892b80cff366c14d0

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://media.beruf.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://media.beruf.biz/

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://media.beruf.biz
set-cookie
zc=fded0d18-407b-4d08-42e9-0cf797b2af5d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=N%ED%E6%BBb9%94%03%E58T%AB%AF%88%8EG%D8%B2%EB%C2%FA%A8%11%CC%E2%28%CE%D6C%1B%28%19%B1%85%19%F9k%D4r%F0%C7%14%7Cd%12%F3%3Db%9C%16tt%04N%A6Y%5D%BAqrI%EFU%8E%B6%B1%1C%C9%03%2F%B9%A2%CB%F8%1B%CE%7B%02%F9%BA%7C%F3S%7B%F8%7F%06%25%8B%0C%CA%F7_%AB%F0%E2%CE%F5%CFb%DCE%E4%10i; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66ea89bb69be1f19-FRA
content-encoding
br
quant.js
secure.quantserve.com/ Frame 95BA
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 21 Jul 2021 11:51:14 GMT
px.js
p.cpx.to/p/12770/ Frame 95BA
3 KB
3 KB
Script
General
Full URL
https://p.cpx.to/p/12770/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.143.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-143-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1706ef43b3e26fca47fb0db95de4e804d64ebb9ce1b000bbc9868f54b8faf104

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:15 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
3015
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 95BA
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 13:42:19 GMT
Via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
79742
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
KPYWi08ws_mYCJw-OAubMAosqH4L9wG6012jKmkJlMrAiAZZFSWrqw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 95BA
37 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 11:11:08 GMT
Server
Apache
ETag
"76412d-930b-5c71369539cd1"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1407
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Wed, 14 Jul 2021 12:14:42 GMT
prebid.js
ads.themoneytizer.com/moneybid4_40/build_last_noconsent/dist/ Frame 95BA
537 KB
167 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid4_40/build_last_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=78618&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
7f17cee3a20bef0824246aecd8e6026c7ca32e78a79306bdbc9b7fa7a4919bad

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 14 Jul 2021 11:51:14 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 08:00:41 GMT
server
nginx
etag
"60e55f29-86461"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
170944
expires
Thu, 15 Jul 2021 11:50:50 GMT
18.gif
id5-sync.com/qp/ Frame 95BA
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKpDnA2pyLBLvVRHWcOkHkY&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=9167451645549144546&opid=apx&ops=&utidl=tech:goo:CAESEKpDnA2pyLBLvVRHWcOkHkY&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18952831570&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A18952831570&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 , France, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:12 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A18952831570&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
date
Wed, 14 Jul 2021 11:51:19 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 45C9
26 KB
6 KB
Script
General
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F715) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:08:39 GMT
server
ECS (ska/F715)
age
12150
etag
"f720a7f2a8432d0f18de76239266413f:1623053390.510436"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 45C9
79 KB
4 KB
Script
General
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71D) /
Resource Hash
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:32 GMT
server
ECS (ska/F71D)
age
13226
etag
"a072c6dc16e8a194aa1a6765717d1beb:1623053392.944265"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3599
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 45C9
4 KB
2 KB
Script
General
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F704) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:33 GMT
server
ECS (ska/F704)
age
37947
etag
"5c225f0da4164867a9eba01d527131e3:1623053391.489921"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 45C9
4 KB
2 KB
Script
General
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F705) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:34 GMT
server
ECS (ska/F705)
age
37938
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1623053391.858907"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 95BA
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:f000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:09:39 GMT
content-encoding
gzip
age
2496
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
EtbUXAvhsHBXn-kHex43PNJq6dAEQ1xWkjk2fa2m4TLCDLy5YHIQKw==
pixel;r=2047719378;labels=Categories.careers;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.beruf.biz%2Ftags%2F3001%2Findex.html;ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCT...
pixel.quantserve.com/ Frame 95BA
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2047719378;labels=Categories.careers;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.beruf.biz%2Ftags%2F3001%2Findex.html;ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D;uht=2;fpan=1;fpa=P0-324265527-1626263474786;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=media.beruf.biz;je=0;sr=1600x1200x24;dst=1;et=1626263474786;tzo=-120;ogl=
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=9167451645549144546&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=9167451645549144546&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89be1f441f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:14 GMT
X-Proxy-Origin
185.236.42.67; 185.236.42.67; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b1b2e9a1-95ae-4a6c-b6aa-5e1924b23276
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=9167451645549144546&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHL0PLSWpyY31axukk46gYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3f...
95 B
176 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHL0PLSWpyY31axukk46gYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89bfcac61f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHL0PLSWpyY31axukk46gYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa16...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d18-407b-4d08-42e9-0cf797b2af5d%26reqId%3D0c433caa-01b0-4105-60ee-f3fa16...
  • https://mwzeom.zeotap.com/mw?cid=28b00880-6be4-42a6-8094-33422f7225e9&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=28b00880-6be4-42a6-8094-33422f7225e9&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89c7c9761f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=28b00880-6be4-42a6-8094-33422f7225e9&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
449
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fded0d18-407b-4d08-42e9-0cf797b2af5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fded0d18-407b-4d08-42e9-0cf797b2af5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=02735386396556860551863906112782838644&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec...
95 B
256 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=02735386396556860551863906112782838644&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89c50c3c1f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v012-053bbcc6f.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
81eBtBE+SQ4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=02735386396556860551863906112782838644&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lVpII2ASj4k7V7MIHxDLrOgOhh%2FxPfpp%2BS41iYitP1U%3D
95 B
176 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lVpII2ASj4k7V7MIHxDLrOgOhh%2FxPfpp%2BS41iYitP1U%3D
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89d37a5c1f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:18 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lVpII2ASj4k7V7MIHxDLrOgOhh%2FxPfpp%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame CD0A
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dfded0d1...
  • https://mwzeom.zeotap.com/mw?cid=594960ee-cfb0-4200-a855-7682fcfa3bde&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=594960ee-cfb0-4200-a855-7682fcfa3bde&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
66ea89c58d061f19-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=594960ee-cfb0-4200-a855-7682fcfa3bde&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 14 Jul 2021 11:51:14 GMT
cmp.min.js
spl.zeotap.com/ Frame CD0A
541 B
458 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947c278794b2a9d7e44bfac400114672607efd14b3ebd784d76b4209dc81d523

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
66ea89bdcec21f19-FRA
date
Wed, 14 Jul 2021 11:51:14 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
pvClk.min.js
analytics.webgains.io/ Frame 49F5
59 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_160x600&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-50.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jun 2021 16:00:47 GMT
server
AmazonS3
age
43811
etag
"edfa65aada7c65cbe3a78f39f8444ab3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 13 Jul 2021 23:41:04 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
60765
x-amz-cf-id
5Ai2FDxNR8uP9ipyKmU3KOeyAkNAVK0zA83dBKTZlFRRAq9G8SNJHA==
hit
diapi.webgains.com/2.0/ Frame 49F5
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcTc.rAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.ea8IXWDK1civmjn4U_2vqCSFQ_01kKJA237lY5BSmWjMk.5JL&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626263473%22%2C%22%22%2C%22%22%2C%22%22%2C%221634039473%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_160x600%22%5D%7D&wgchecksum=b520720c24941abe5146d7a4e99fbf52&userIP=185.236.42.67&doAffectv=1&wgtime=1626263473
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_160x600&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:18 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 49F5
25 KB
26 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid6KRuefm2Y6teAxfeHmHYtktxVmsmt1Trmoneid__adf_Netmix_Reach17_Singlesite&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C46427%2C22925&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2CKAzuRfZf13YT5HMHktPtZpkfKtrtwQr%2Ce2Xh3fVfR1WUjHZHet1t445H7tbtxrq&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CkZjU5f3fb2Et4HwHetmC9jdTPtmtp3V%2CDgzu3fwf35Zt3HmH9twCZZJS4tVtkWZ&c=160&d=600&e=&g=8c812b817d6ea9fff906046b1e4820f1%2F4442960463417467970&i=27720%2C22481%2C20774&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_160x600&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:20 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:20 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1450
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=251f2136211bd13cc0572195...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
49 B
552 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 14 Jul 2021 11:51:14 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=594960ee-cfb0-4200-a855-7682fcfa3bde
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Jul 2021 11:51:13 GMT
cmp
spl.zeotap.com/ Frame CD0A
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&id_mid_4=fded0d18-407b-4d08-42e9-0cf797b2af5d&reqId=0c433caa-01b0-4105-60ee-f3fa1688dec5&uc=2&zdid=1258&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=fded0d18-407b-4d08-42e9-0cf797b2af5d; zsc=N%ED%E6%BBb9%94%03%E58T%AB%AF%88%8EG%D8%B2%EB%C2%FA%A8%11%CC%E2%28%CE%D6C%1B%28%19%B1%85%19%F9k%D4r%F0%C7%14%7Cd%12%F3%3Db%9C%16tt%04N%A6Y%5D%BAqrI%EFU%8E%B6%B1%1C%C9%03%2F%B9%A2%CB%F8%1B%CE%7B%02%F9%BA%7C%F3S%7B%F8%7F%06%25%8B%0C%CA%F7_%AB%F0%E2%CE%F5%CFb%DCE%E4%10i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date
Wed, 14 Jul 2021 11:51:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66ea89be0f1f1f19-FRA
tracking-event
api.webgains.io/ Frame 313E
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 313E
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
fp_decode.html
track.webgains.com/ Frame 49F5
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcTkDpmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dXJscI_FeAiwfwlMtFyxYMJ5tFFg4K1kl1BNlY6RcQpw.6Yl
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:15 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
js
ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/ Frame 1450
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=edef41e1ee0d27178aeb2ae75806efd54e333b01d826ae423ba59e97f2d824cf&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd43...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=edef41e1ee0d27178aeb2ae75806efd54e333b01d826ae423ba59e97f2d824cf&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe69427f804fd43...
  • https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/js?tpid=48&tpuid=f3aaee3e460d392f97db88241d7426de
44 B
358 B
Script
General
Full URL
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/js?tpid=48&tpuid=f3aaee3e460d392f97db88241d7426de
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f5c5579ec0c8b516019f7e374171ad3fc1a467684e744714ec75d800607a3f02

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/e69427f804fd4384b6203746b3d36440/1626263471827/0/js?tpid=48&tpuid=f3aaee3e460d392f97db88241d7426de
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
fp_decode.html
track.webgains.com/ Frame 49F5
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcTrMhRhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dv5.25.ea8IXWDK1civmjn4U_2vqCSFQ_01kKJA237lY5BSmWjMk.61O
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4ca4ef3a650de4f758ef65f4e0c5e61ca7f6405c31ea0911c4fed14888242983

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:20 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
hit
diapi.webgains.com/2.0/ Frame 49F5
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1V9.ZBcTrNhmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dXJscI_FeAiwfwlMtFyxYMJ5tFFg4K1kl1BNlY6RcQpw.5J4&wgcookie=%7B%22wgifp265095%22%3A%5B%221384975%22%2C%22265095%22%2C%222100045%22%2C%22%22%2C%221626263473%22%2C%22%22%2C%22%22%2C%22%22%2C%221634039473%22%2C%22oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_160x600%22%5D%7D&wgchecksum=c604280778a03a70505cbffac4b06e81&userIP=185.236.42.67&doAffectv=1&wgtime=1626263473
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2100045&wgcampaignid=1384975&js=1&nw=1&clickref=oneidkZjU5f3fb2Et4HwHetmC9jdTPtmtp3Voneid__webplexmedia_advancedad_160x600&viewref=oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_160x600&cp=409528357&origsource=https://view.webplexmedia.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jul 2021 11:51:18 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 49F5
85 B
541 B
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid9rjSMfmfz7qfKHBH2t7tGxYu5tRtW7oneid__wortsuchen_advancedad_300x250&wglinkid=2100045
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2100045&wgcampaignid=1384975&js=1&nw=1&clickref=oneidkZjU5f3fb2Et4HwHetmC9jdTPtmtp3Voneid__webplexmedia_advancedad_160x600&viewref=oneidKAzuRfZf13YT5HMHktPtZpkfKtrtwQroneid__webplexmedia_advancedad_160x600&cp=409528357&origsource=https://view.webplexmedia.de/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:20 GMT
Last-Modified
Wed, 14 Jul 2021 11:51:20 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fire.js
s.cpx.to/ Frame 95BA
1 KB
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12770&ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&hn_ver=16&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12770/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c645dd5855d5aed13382c63709c09e7338640d36c2df6d1d7b5c137cb79f23dd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 14 Jul 2021 11:51:15 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
1073
Expires
Tue, 13 Jul 2021 14:50:49 GMT
ca.png
s.cpx.to/ Frame 95BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
  • https://s.cpx.to/ca.png?dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&google_gid=CAESEGv9NWtIK6agasAqPQ9rOUc&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&google_gid=CAESEGv9NWtIK6agasAqPQ9rOUc&google_cver=1
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 14 Jul 2021 11:51:15 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&google_gid=CAESEGv9NWtIK6agasAqPQ9rOUc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame 95BA
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=434171061d8e0cab&gdpr=0
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
an_fire
s.cpx.to/ Frame 95BA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12770%26ref%3Dhttps%253A%252F%252Fmedia.beruf.biz%252F%253Fsess%253D2qV0%25252F7TSeA2uYkmSCTz3Ib10H...
  • https://s.cpx.to/an_fire?app_nexus_uid=9167451645549144546&pid=12770&ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&hn_ver=16&fid=ceaf0238-c2...
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=9167451645549144546&pid=12770&ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&hn_ver=16&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 14 Jul 2021 11:51:18 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 14 Jul 2021 11:51:18 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:18 GMT
X-Proxy-Origin
185.236.42.67; 185.236.42.67; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fb758072-44d6-4a35-be8a-d0f71e6a4a85
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=9167451645549144546&pid=12770&ref=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&hn_ver=16&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/ Frame 95BA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=28b00880-6be4-42a6-8094-33422f7225e9&dsp=TTD
95 B
876 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=28b00880-6be4-42a6-8094-33422f7225e9&dsp=TTD
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 14 Jul 2021 11:51:16 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 14 Jul 2021 11:51:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=28b00880-6be4-42a6-8094-33422f7225e9&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
getuid
sync.smartadserver.com/ Frame 95BA
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0&cklb=1
0
436 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0&cklb=1
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:18 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c&gdpr=0&cklb=1
pragma
no-cache
date
Wed, 14 Jul 2021 11:51:17 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/ Frame 95BA
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dceaf0238-c2cd-4605-99df-4da3ac60e56c
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7B37C808-E444-4C0E-9F34-6D9490FF8310&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7B37C808-E444-4C0E-9F34-6D9490FF8310&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 14 Jul 2021 11:51:16 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 14 Jul 2021 11:51:16 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7B37C808-E444-4C0E-9F34-6D9490FF8310&fid=ceaf0238-c2cd-4605-99df-4da3ac60e56c
date
Wed, 14 Jul 2021 11:51:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
pool.grid-data.bidswitch.net/ Frame 95BA
43 B
220 B
Image
General
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: media.beruf.biz
URL: https://media.beruf.biz/tags/3001/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.3.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
en728x90.html
media.adklick.net/banner/ Frame 71AE
469 KB
95 KB
Document
General
Full URL
https://media.adklick.net/banner/en728x90.html?clickTAG=http%3A%2F%2Fpartners.adklick.de%2Ftracking.php%3Fid%3D2%26action%3Dlink%26banner%3D1857%26site%3D25684%26akref%3D68747470733a2f2f6173312e647265616d6965732e64652f%26user%3D24046%26subid%3D0%26aktrg%3D
Requested by
Host: ssl.adklick.de
URL: https://ssl.adklick.de/multiad.php?id=24046&data=c80e2e3dfd073a58a7868ba33aed57a9&site=25684&catid=23&auswahl=1&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.136.160.63 , Germany, ASN41391 (CLUSTERS-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) mpm-itk/2.4.7-02 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t /
Resource Hash
1e22641ee662c2aeaf7ed06eea08446162b862006227906b7b09945726654179

Request headers

Host
media.adklick.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://as1.dreamies.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://as1.dreamies.de/

Response headers

Date
Wed, 14 Jul 2021 11:51:16 GMT
Server
Apache/2.4.10 (Debian) mpm-itk/2.4.7-02 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t
Last-Modified
Fri, 08 Apr 2016 13:09:22 GMT
ETag
"7547d-52ff8e744e480-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
tracking-event
api.webgains.io/ Frame 49F5
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:15 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
runtime.js
www.gstatic.com/swiffy/v7.4/ Frame 71AE
414 KB
121 KB
Script
General
Full URL
https://www.gstatic.com/swiffy/v7.4/runtime.js
Requested by
Host: media.adklick.net
URL: https://media.adklick.net/banner/en728x90.html?clickTAG=http%3A%2F%2Fpartners.adklick.de%2Ftracking.php%3Fid%3D2%26action%3Dlink%26banner%3D1857%26site%3D25684%26akref%3D68747470733a2f2f6173312e647265616d6965732e64652f%26user%3D24046%26subid%3D0%26aktrg%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f13917f2786183153315686042db7d0a06d1a0ec4832f31cdf3676b10e57e7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://media.adklick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 06:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-swf-services
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123824
x-xss-protection
0
last-modified
Wed, 17 Feb 2016 12:11:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jul 2021 06:15:28 GMT
identity
api.rlcdn.com/api/ Frame 95BA
0
221 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://media.beruf.biz
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ Frame 95BA
109 B
543 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
cf33806b56d2a31aa2f0105131073141bbbe5fe05250c4b654c5dd406334aa1b

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 14 Jul 2021 11:51:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://media.beruf.biz
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 13 Aug 2021 11:51:16 GMT
sium
ih.adscale.de/ Frame 1450
0
190 B
XHR
General
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-78-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 14 Jul 2021 11:51:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
headerstats
as-sec.casalemedia.com/ Frame 95BA
0
429 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fmedia.beruf.biz%2F%3Fsess%3D2qV0%252F7TSeA2uYkmSCTz3Ib10HcZO7%252F4VbB30feFGXnE%253D&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:16 GMT
X-AK-INITIAL-GEO
CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.67], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://media.beruf.biz
X-CS-CLIENT-GEO
10
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
10
Expires
Wed, 14 Jul 2021 11:51:16 GMT
e32360ee-cfb5-4200-9ad1-c6c4de57f433
onetag-sys.com/sync/i,1/ Frame F6AD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
  • https://onetag-sys.com/sync/i,1/e32360ee-cfb5-4200-9ad1-c6c4de57f433
0
290 B
Image
General
Full URL
https://onetag-sys.com/sync/i,1/e32360ee-cfb5-4200-9ad1-c6c4de57f433
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 14 Jul 2021 11:51:17 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/sync/i,1/e32360ee-cfb5-4200-9ad1-c6c4de57f433
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Jul 2021 11:51:16 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame F6AD
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
6220581521831243673
onetag-sys.com/sync/i,34/ Frame F6AD
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY
  • https://onetag-sys.com/sync/i,34/6220581521831243673
0
151 B
Image
General
Full URL
https://onetag-sys.com/sync/i,34/6220581521831243673
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:19 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/6220581521831243673
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
onetag-sys.com/sync/i,19/ Frame F6AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc=
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPuhR05u7FUae3Y7aF9CYyk&google_cver=1
0
287 B
Image
General
Full URL
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPuhR05u7FUae3Y7aF9CYyk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPuhR05u7FUae3Y7aF9CYyk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F6AD
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=JxvT3PICrod2U5y4jG42is1usP3f1eb81iPdwLsVJMY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
sync
pixel.advertising.com/ups/58198/ Frame F6AD
0
125 B
Image
General
Full URL
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:51:19 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame F6AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ
  • https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-._k0XttE2uGLLYOqmf_jQ7h.T8xUxMmLbXgOonM-~A
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-._k0XttE2uGLLYOqmf_jQ7h.T8xUxMmLbXgOonM-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 14 Jul 2021 11:51:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://onetag-sys.com/match/?int_id=92&uid=y-._k0XttE2uGLLYOqmf_jQ7h.T8xUxMmLbXgOonM-~A
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/sync/i,29/ Frame F6AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/sync/i,29/?tdid=28b00880-6be4-42a6-8094-33422f7225e9&ttl=1628855477
43 B
379 B
Image
General
Full URL
https://onetag-sys.com/sync/i,29/?tdid=28b00880-6be4-42a6-8094-33422f7225e9&ttl=1628855477
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
cache-control
no-cache, no-transform
content-length
64
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 11:51:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/sync/i,29/?tdid=28b00880-6be4-42a6-8094-33422f7225e9&ttl=1628855477
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
211
/
onetag-sys.com/match/ Frame F6AD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=b029c943-5c92-4289-84d9-911e4d3f0ba7&ssp=onetag&user_group=1
  • https://onetag-sys.com/match/?int_id=30&uid=0160da23-12e0-4b76-a69d-e227c692f3a6&gdpr=&gdpr_consent=&us_privacy=
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=0160da23-12e0-4b76-a69d-e227c692f3a6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1626263474448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=0160da23-12e0-4b76-a69d-e227c692f3a6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 14 Jul 2021 11:51:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
tracking-event
api.webgains.io/ Frame 49F5
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 11:51:20 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 11:51:20 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 95BA
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Jul 2022 02:38:11 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 95BA
0
526 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.103.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.beruf.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 11:51:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 11:51:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.beruf.biz
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
launcher.js
sak.userreport.com/sdm/
104 KB
30 KB
Script
General
Full URL
https://sak.userreport.com/sdm/launcher.js
Requested by
Host: si.nuggad.net
URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ba00:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d2926558dfb0319d469dca744d932a1934b0194213838a4c9529f4bd6887a23

Request headers

Referer
https://www.dreamies.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sWrYSLqsQlcXCNntUF8JvkdB.T4gE7_S
Content-Encoding
br
ETag
W/"bda6d36d4c7e0a8c7cdcadbef248c9f4"
Age
25
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 19 Apr 2021 08:08:31 GMT
Server
AmazonS3
Date
Wed, 14 Jul 2021 11:50:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Cache-Control
max-age=7200, s-maxage=60
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
SCkaHuU29-F5A2_6yI1YgT3g2k8FIkrP72RimE2k9P48AJzsctWalw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imagesrv.adition.com
URL
http://imagesrv.adition.com/js/adition.js
Domain
adfarm1.adition.com
URL
http://adfarm1.adition.com/js?wp_id=2762854_1544577_5277337&keyword=yieldlab

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| userLanguageCode boolean| js_is_login boolean| vvdmbdrdegsdetzypp object| adition_yieldlab object| yl object| YLHH object| yieldlove_site_settings object| yieldlove_cmd object| confiant object| pbjsYLHH object| googletag function| pbjsYLHHChunk object| _pbjsGlobals object| stroeerCore object| vitag string| lang_con string| lang_del string| lang_chl string| lang_che string| lang_saf string| lang_nb_save string| lang_nb_error object| js_lang function| Cookies string| sw_push_publicKey function| urlB64ToUint8Array function| really function| really_delete function| getWindowWidth function| getWindowHeight function| randInt function| insertBBCode function| getIframe function| setUserNotice function| unsetUserNotice function| getDDBox function| centerDDBox function| closeDDBox function| checkPosition object| galleries object| email function| loadAjaxLeaderboard number| j number| exact_w number| h object| _VLIOBJ string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport object| $sf function| vlPlayer object| regeneratorRuntime function| __tcfapiui object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| vlipbChunk object| vlipb string| nobidVersion object| nobid function| stroeerCoreConnect undefined| retryHandle function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| yieldlove_ab object| NUGGjson function| aplauncherExec function| aplauncher string| apsrc

8 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: uuid2
Value: 9167451645549144546
.smartadserver.com/ Name: pid
Value: 5832513640545175435
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: pdomid
Value: 15
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.adscale.de/ Name: cct
Value: 1626263480790
.adscale.de/ Name: uu
Value: 070e530e377c44c992cb4125abe9796f
.ih.adscale.de/ Name: tu
Value: 4#0#

5 Console Messages

Source Level URL
Text
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acdn.adnxs.com
ad.yieldlab.net
ad4m.at
adfarm1.adition.com
ads.themoneytizer.com
adscale-emea.adnxs.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
api.rlcdn.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
as1.dreamies.de
assets.ad4m.at
assets.vlitag.com
bbnaut.ibillboard.com
c.tmyzer.com
cdn-a.yieldlove.com
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
cookie-matching.mediarithmics.com
csync.smartadserver.com
d2zur9cc2gf1tx.cloudfront.net
diapi.webgains.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
ec-ns.sascdn.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
hb.adscale.de
ib.adnxs.com
id5-sync.com
ih.adscale.de
image2.pubmatic.com
imagesrv.adition.com
imasdk.googleapis.com
js-sec.indexww.com
js.adscale.de
match.adsrvr.org
media.adklick.net
media.beruf.biz
mwzeom.zeotap.com
nugmw.userreport.com
onetag-sys.com
p.cpx.to
partner.o2online.de
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.grid-data.bidswitch.net
portal.o2online.de
prg.smartadserver.com
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
prod.perf-serving.com
qualigo.com
rules.quantcount.com
s.cpx.to
s1.dreamies.de
sak.userreport.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
si.nuggad.net
spl.zeotap.com
ssl.adklick.de
ssum.casalemedia.com
sync.mathtag.com
sync.smartadserver.com
tag.leadplace.fr
tag.vlitag.com
tn1.dreamies.de
token.rubiconproject.com
track.adform.net
track.webgains.com
tracking.m6r.eu
ups.analytics.yahoo.com
view.webplexmedia.de
ww1097.smartadserver.com
www.dreamies.de
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
adfarm1.adition.com
imagesrv.adition.com
104.111.218.85
116.202.98.152
13.224.89.3
13.224.96.50
13.224.96.67
13.248.242.197
142.250.186.162
142.250.74.194
145.239.193.145
145.239.193.51
151.101.113.108
151.101.113.194
151.139.241.23
162.55.171.74
168.119.242.35
176.9.51.136
178.250.2.151
18.156.0.31
18.195.199.191
18.197.47.23
185.29.132.68
185.33.220.241
185.64.190.80
185.86.137.32
185.86.139.59
185.86.139.89
2.18.233.201
2.18.234.21
217.79.188.11
217.79.188.8
2600:9000:2156:1200:1f:a1b:34c0:93a1
2600:9000:2156:ba00:8:5c85:cdc0:93a1
2600:9000:2156:c400:12:6213:9cc0:93a1
2600:9000:2190:4000:f:4f64:8940:93a1
2600:9000:2190:f000:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:20::ac43:4597
2606:4700:3039::6815:c034
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:830::200a
2a02:2638:1::13
2a02:26f0:6c00::210:ba1a
2a04:4e42:3::485
3.120.52.200
3.121.3.128
3.121.91.240
3.123.78.164
3.127.166.11
34.120.133.55
35.158.179.12
37.157.6.245
37.157.6.247
37.252.173.113
37.252.173.27
46.236.13.147
46.4.15.228
51.210.32.121
51.75.198.14
51.89.9.253
51.91.68.112
52.213.6.221
52.30.185.188
54.154.124.189
54.246.103.100
54.246.143.132
54.36.109.186
54.38.64.100
62.209.227.211
68.232.35.16
69.173.144.138
69.173.144.165
72.251.244.141
78.46.85.162
81.29.72.47
82.113.101.132
84.200.5.215
94.136.160.63
94.136.189.31
003f0ae4a3783248b9c5815c1c38b4ecaf06ad0fa2308b6b317023771a806dda
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
01d845b458775a7b8fdc5a8f35ba8b0e8e6152f820bd3ae118f5cb04f17f62db
01db616244f2eb80b9b3cade8d98711b35767a5e50c8b435f8e20ba72e0dddc0
0238ac150de3bb53511e646915cb6437c97c2f66e8ca8c63014087dea5818414
0271a1ae9f75d45cd855de8dc31b9f5c031584b30b541eacf78953c293dd1f06
0566408058824d7e2914d8dd919d022d672a332e0d9a0065477dd194f80ffd2e
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
063e81c05785c3cb672fbfb15caaca86187afbb22f044d77aec070f366135c7e
07eb0651901da3f172322c6a8c9bf673cc7a11d18b8c6613cc19c4e23d5fcd17
07fcbb9e74baed7e737ea0fce2c65cd1bd4fc5677c7c493971116582fc49be5b
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08b6ea4980476a9ca414b09b29ad9a611d016948a764e8e406664046c4bdc9ef
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8
0c8be380ea30eec9b09d65eb3628ad621af28cc62a325c7a9351f0c5593923aa
0cdfd11eeff2c617a795c4e0404e2c9fe3a200bf0ea64dbde36737a7046e8a26
0e668f902def91b9fec73061a6ce00149a0fdbda93e864de5c2629059756bc20
10f60515e40e0a7c8211fb49b0245567ca8ec840de81e3f76f38559bd7be8cf2
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c
11deb83d73163a227f0c6324fd669f5bcde1b878edd27d2892b80cff366c14d0
1254ef935264b35c3f7a70229bee326724c8857bbf2480fd7b11e3db626fc24d
148e9e627f2f052d2859afe0fb7b8948243feb284b82a9f9533dafa8029d3085
14d281ee630e468e6fbe88cf29bc8ef978abfd19747d9b6c7b19b6a65f13fb44
16758a225d7715173e4374a9f8d10e782981d79a2200b703f19cdc578f33e820
1706ef43b3e26fca47fb0db95de4e804d64ebb9ce1b000bbc9868f54b8faf104
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7
18b151eab3f42175d6f9992cdb762645ad661ab753c213cdb64b8a9091d25480
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1967a54ac0a585a7b888a93e6cfc624f5623b0e94a9a301a8f671d63a06f8d94
19db38ba3d79cf4b63ed4f34bd753d36f4c4a8a155610b7d7e5dcb6c377175f6
1aa17d474b49573537199f259f77fe5957fe8aad7dde9aa89543cb487652e096
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1e00b109caa528d0b5939891e8cb7bc4408361cf44bb3a0ec2938577b95dc50f
1e22641ee662c2aeaf7ed06eea08446162b862006227906b7b09945726654179
21129ab041a1c5934a7aa3ccfcd8c1afe1bddf59564ed135a79e62d39ec55b21
2300c2eb228abfa53d652ea88540b3dee7d594f5c4b6203b5b3cf48ff54fef30
246f738abf230439982eeaea35d65637c167cb5cbec1378e7918b8816e9881d7
24cf882fe751a2910640494d39db788c0667561389d9b05dab1c792b0daf9dde
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
29cf209b49d933654fcedb1a27dee5bfd728c53ca6e0c20bf3318738a684b81b
2b85c8eafb9f40a2cb70b7c764dcd7a31a26b6982895b9f22d293a20b3e757a5
2bc1f13e1ca9dbdc0a65d2913aea0cf4d500be30d9be2a5821953ef1ab1567ca
2de905224b9efeddae92cba06370c788ccbff6007a15adcaff1af9d025eac571
2f61f4a874b67d088a502359fb874fb9b7fc6ba6dadbdfa905b131fc8f12464e
340c6ac58ed4412fa6dcb546892bd483d9599a1fe6ecfa9275331a4131b1f6d1
3542daa0b3f160db6a743090522c670275cf13222bafcfca2a83268e27b06b0f
3722caddf62172aa87267cb3ae345d5594a01e378b40612cc0a998a1c8956a34
374f1fb8f270b70147973c371c56504a77b6040bad90f698d21348f2bfcb8011
39e0a4c2e56c5f4da2d455f1d613673c7d7a51f7f49ec2ae85193f39a75f02e1
3cb49664eb0eb74460e9c11094ef4f65e6e0ad9140b735cf2a999f578293e22b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7ce6be02f836eaa3a1040631360f8d129fb4b4f926ed0daf67ece34e8698e5
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
439f17450717c29a46c73c412bfb2dc2eee41ea202ace0245aee854c21a91504
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
46dd51cc462cdea5ac65c45863e5fb44fc3042aa05c7aad22ed2995646828f8e
477f17e04c5614fafb76a903e4f9a61ade47b13b2a87c08941c5362a0f802618
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
4a3af12b279b4e2bf81201d368ce1109d23a44b08ad920d7d9aeabdeffc7fc4d
4b723e3dc2d2b1607431f3609139e8138594f329fd312f909156efbbd0c99233
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c63929f6a8092c7f03326d1ceb9800bf7543e51a36d5bc411bed6db4a7519a8
4ca4ef3a650de4f758ef65f4e0c5e61ca7f6405c31ea0911c4fed14888242983
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef73d7aa2c3d54cff7a92b1281575780a16cd683174f2306adf060a8c0284d2
4efcba0f9c87558f05983085941c34d3b9b5e99cc2900d384748f8438ed061cc
534f53b8851d9dbd2859c3c07a88a2f9227fe14ebda8bc57e1d06593522b0462
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56fb1247eb1a98a7d818e7bc457120aad9e67c41cd86bd3195dfeab594f650b6
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5ca966afb2ba08a656665f88e37c98a41e6b268a4a09bcd985af5c4ef5b607a3
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
62ae283726b60dca9ab289f0b62ac6bbed46a3c66d8e40d312e94833877f06c6
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
65062a02887252a9163fe45a5975906e2277cfda1bb182da7693671998bd818f
65a07316415cbc4b4cfa137f5e2c4669a819498b641d19148538d0730464b178
675b94953fcba9ab8e04efdbd12a9f97f0a1051da5e9e3e6529c45604a100a9e
67fd03d12cd9941745e017cac44870121daf52d7ab971fcc49450e2eebbecc24
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6d2926558dfb0319d469dca744d932a1934b0194213838a4c9529f4bd6887a23
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570
74431153bf92c1594fee9626c9d14da37492e9f3ccf0932e376cce4037541822
759cf6b4e9333dbc23a196cc66cb9dea1249ce70dd8deddcb9c7eceb41f6720d
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
792e885389ac9957f7c28e8d8521a6107e9a3b4e9eb320efc701ca1aa52b337d
79c51a2697708ce753a6ed997b3921a6403ef8a3edc027b42f76d66396965150
79e92f64cc840a06b3c100393a4ce1556963142cc20ec80437e022c4c9ec012b
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
7f17cee3a20bef0824246aecd8e6026c7ca32e78a79306bdbc9b7fa7a4919bad
8352f20ee9fa8c887cb8e6aa6d7cf012bd1b87568736e18c52b5812b5cb27659
83bac6f5c298a4cbe018756b0d038e329775f9707df2ea2fe97e3c26b6cb2daa
83e6007117646a78f7448f428fc686cbd516f8e54408203a4caa58f709868697
840f913f3cae9407139b452ee9dd6b05604d1aad7855238b437e0bbc55ceb88e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
875f1ea3be76a5f9f5348719d2d5d39794d05a2c8c0135702c6c668e3b024c11
88aa8a88b6067fc0f1a7deab60ebe597c3c847f0b06c840d2b00a9bffa1d4104
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8bb1827143cc749fc9d3a14e56b5ea6175033be72ec8971fc553cbd4dab4fb15
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9
8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9
8ff40f3f42b5316d5f21c0b35f7b5670ec56136578a4b97a1efd97638c4cf00f
90de4a7f225ae7727c447e811c19d249dbfa4bc9a62513329d635c25a9ccd9d2
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
9416bba6b9429794168aadb14f8ccd4e897426f775efe88d87315f2b94a08608
947c278794b2a9d7e44bfac400114672607efd14b3ebd784d76b4209dc81d523
977db676822d169898477bb8d00fad87112543cb4ad505a1cc6a864a0fe7cad5
986cc1d114617dff9d2270d370626d01229b10e3792ad35dc2122b890d11d0c7
98841fb393b5cbc420e68ab6e94bab5aa663f1d05c2e8c3e552024cc2af6a29d
996e88028ba25113a025f983fd09325c32b2dc980863a8dc68b1c86bfde7ef6b
9a367c875e6b44fd8b5f4011049caffa067c0bab55126a6b6cbb8c26be697677
9a41ffdbbf06845fff8a3f4e2ad471e64947ba09eda47409d85cda9fb42b8708
9a49379e765da018c449ca3dfa9d2888da79117c2a8c7d68b73494825153baa7
9c170bac7bdb51042712275545a85f282f9cb5f447f2f8531c754aebe2f834fe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e
aaab3d1f3cef83d7c4521b34f7ff26b0160cee8f0fe7435090e6333e23042876
ab3d6fab81c5d118a00403ed1b87da111307e761c3c9c0742911380d2ab63068
acb94099df08c0f63ff7feff2c00a04210135b3902395dbd27941a2c4a6d27a9
acc1139635f969f035a045518919109f4030deffa24e92cd8f10d1eecaf4b89b
ad6dccea9accf018923fa6e7d0dce6c9272bfbe9bdd664fbbc7f6339b7bc8f2c
afdf6aa9bf8a705163c9a6b0b84ff29cd5cbc9fa98448517d9dfc70b5efd4fd6
b1e0c7eb86bd62284358ebf442058afe7c06afe7d3abb886a149e5517a561732
b2d0f0401b89ac8313607a3ccee129bd53f41cfae691144e140f074f31ddfbb1
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b57cf4b2a6d028000ae47e3a3fc971356b6f098d8862acbf8e6d475d92702eb4
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675
b844d80868577b54b66e1e848e71a58fa3b55f4c4b6ccbaeb537f1ad564f7ea2
b8934bb91ab65923e359a79932f0c12e36d456e12ea2b1e3c3c64a4a4e2f503a
b91de2ff4353c3fd241fba92e56a44f0e1a34c58bffdc23b745d728c598e43cd
b99791a8c5635175c4eca9ef087357283f74b20167d58bf4ac6518dd98b97479
b9aa159b9e0098c3098031be8b36782bf32f46e39dec38d08ad88018994f8594
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bd596ec34b766ed4f098bb5f20a1f1613afb5730abdccea442b6e1252fac0b4c
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c1a2a1c98ea5fa813d305e756de5cb9d51fc59d83ff188b4abc5b5addb57fd1a
c2336fe718d6f740c0132267637d1cfcf5929f7a4ae71f7eccddb097bb7dc8b5
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c645dd5855d5aed13382c63709c09e7338640d36c2df6d1d7b5c137cb79f23dd
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c78928061282d676df07504970f09485ac928556d3d60a04bd122edf20e7af7e
c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdbb2411dbcae7780fbfa08aa92faaa70aa14026947fe814262772a59419e25f
cf33806b56d2a31aa2f0105131073141bbbe5fe05250c4b654c5dd406334aa1b
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1645eee671170a803407d4eab8bcfe70cf56f8e88c85be3708cc3cf21df402a
d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a
d4231edb6487ba242da33fb1ae515e822ace7d414b60d90dedd84825e29cb174
d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f
d7d1019f33ac8696d8f112a532c79ad5f67390563a0a39ec938fc0181d60e81a
dda45ef804639403b7965631c259fc12a52fc81aae8497c05fdd0c99f3dee4f7
de30d2e9f59c50988941be2f1a10f4a43c39027ad12574e655264c704a0ca3b8
e07a6b6ca8a51419e3a69038e3923b0776bd8b7d7e395008b9c634b24f57514c
e32ef435211e0c76ed41d7c05246cb68d456f7a5f3632a75ceaf59ba8bca139e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e77d042ff7d8d72536ff5c408f56f137a47c8c4ffba9fdd4221d98966ed7d805
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
e9b9753fe268287e0cf1aa16f9035fc17abf6c9b055cee916fb6e5a2e0a0ff63
eb22a5c54d3f3e62db846c44fc9286fdd63b45b93175e0a93a391ac4f69049a8
eca199fa7954e61e8c81d5ba8f268bcd2843be4437b9d856ee057273fd7b6520
ecce7a752e990fc32d7f6b1aaaf32c82ec5adb3a796ec5c815008369a3f7458d
ee08dac2e9f5e2f0548bb8471d57c07b796dbdcb251c4290da12e2405d2d3801
ef4f2c2bf7315c799eda06a33d7647a8e049de89dbe1e560f82d6391f8f73d90
ef87fa59546bb5ad91a463570a612f9a9655df735ff07b8e403f2e5bd0fde665
f13917f2786183153315686042db7d0a06d1a0ec4832f31cdf3676b10e57e7c8
f16399146601769922cb0971ff136ca92c40843bc9a6f32fe03b58ffdd3c38b8
f21636c62b89301b5e606d67575596580c179540f970b8ee442744d13305cba6
f5c5579ec0c8b516019f7e374171ad3fc1a467684e744714ec75d800607a3f02
f61a548a3fbc7228225be0ec92dea49a5b282d56884fa266496b9b92abe2c864
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fcfa6c4d7ec2b771b1df2404910700d7948fe24d98d5b007ddcf5d6a19ffb19b
fee71d69bb9b1d213e686a0403133dece40743310999f717ad5ec11025998532