urlscan.io logo urlscan.io
SecurityTrails logo

www.vielfliegertreff.de Open in urlscan Pro
185.152.233.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u21277559.ct.sendgrid.net/ls/click?upn=ZZyjexhbs3VsyAbJhzMg078FXhrbTJ4jS4Y8f77DZIRfR-2FAVdqJpoOxiKbhBOcC4H-2BbvYn3HRpQKevv...
Effective URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Submission: On December 13 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 6 countries across 38 domains to perform 154 HTTP transactions. The main IP is 185.152.233.4, located in Germany and belongs to NETDSIGN-AS, DE. The main domain is www.vielfliegertreff.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 10th 2023. Valid for: a year.
This is the only time www.vielfliegertreff.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
25 185.152.233.4 57537 (NETDSIGN-AS)
2 167.233.10.157 24940 (HETZNER-AS)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.56.202.187 16625 (AKAMAI-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 52.211.10.80 16509 (AMAZON-02)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 184.30.16.195 16625 (AKAMAI-AS)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 212.237.244.233 205411 (BOREUS)
1 1 85.14.248.91 24961 (MYLOC-AS ...)
1 2600:9000:206... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2600:9000:249... 16509 (AMAZON-02)
1 185.89.211.12 29990 (ASN-APPNEX)
9 2a00:1450:400... 15169 (GOOGLE)
5 88.99.52.179 24940 (HETZNER-AS)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 23.32.185.35 16625 (AKAMAI-AS)
1 35.71.131.137 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 184.30.17.243 16625 (AKAMAI-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
1 65.9.66.68 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 52.48.20.196 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.133.154 15169 (GOOGLE)
22 217.79.188.59 24961 (MYLOC-AS ...)
4 217.79.188.46 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
6 217.79.188.21 24961 (MYLOC-AS ...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 95.101.149.233 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
154 49
1    167.89.115.54 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u21277559.ct.sendgrid.net
25    185.152.233.4 (Germany)

ASN57537 (NETDSIGN-AS, DE)
www.vielfliegertreff.de
stats.vielfliegertreff.de
2    167.233.10.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.10.233.167.clients.your-server.de
cdn.netpoint-media.de
2    2a02:26f0:3500:299::1dae (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.justice.gov
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700:20::681a:305 (United States)

ASN13335 (CLOUDFLARENET, US)
adnz.co
xd.adnz.co
api.adnz.co
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
1    2a02:26f0:480:e::210:f10b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
functions.adnami.io
2    52.211.10.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-10-80.eu-west-1.compute.amazonaws.com
ups.xplosion.de
2    2606:4700:e0::ac40:620b (United States)

ASN13335 (CLOUDFLARENET, US)
ubn3k2x9bfd2yw3n3.ay.delivery
1    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    212.237.244.233 (Germany)

ASN205411 (BOREUS, DE)
PTR: fin-lamp-new.dns.boreus.de
financeads.net
www.financeads.net
1    85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2600:9000:206f:d200:1c:9c14:f240:93a1 (United States)

ASN16509 (AMAZON-02, US)
banner.bluesummit.de
2    2606:4700:20::ac43:44e1 (United States)

ASN13335 (CLOUDFLARENET, US)
api.adnz.co
1    2a02:26f0:480:e::210:f110 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
macro.adnami.io
1    2600:9000:2490:9400:e:29d5:db00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.xplosion.de
1    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
9    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    88.99.52.179 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.179.52.99.88.clients.your-server.de
api.assertcom.de
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
at.teads.tv
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.48.20.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-20-196.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2607:f8b0:4009:817::2003 (Bolingbrook, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
bid.g.doubleclick.net
22    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
4    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:3c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nzl.c.2mdn.net
3    2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
32 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 17335
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54473
156 KB
25 vielfliegertreff.de
www.vielfliegertreff.de
stats.vielfliegertreff.de
644 KB
17 googlesyndication.com
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
109 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
542 KB
6 adnz.co
adnz.co — Cisco Umbrella Rank: 64294
xd.adnz.co — Cisco Umbrella Rank: 88226
api.adnz.co — Cisco Umbrella Rank: 69716
21 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
8 KB
5 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 11548
2 KB
5 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2324
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
16 KB
4 gstatic.com
csi.gstatic.com
396 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
136 KB
3 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1586
188 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r3---sn-4g5e6nzl.c.2mdn.net — Cisco Umbrella Rank: 661568
998 B
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
734 B
3 xplosion.de
ups.xplosion.de — Cisco Umbrella Rank: 20001
cdn.xplosion.de — Cisco Umbrella Rank: 30067
5 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
25 KB
2 financeads.net
financeads.net — Cisco Umbrella Rank: 236072
www.financeads.net — Cisco Umbrella Rank: 318434
819 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
65 KB
2 ay.delivery
ubn3k2x9bfd2yw3n3.ay.delivery — Cisco Umbrella Rank: 165246
54 KB
2 adnami.io
functions.adnami.io — Cisco Umbrella Rank: 33907
macro.adnami.io — Cisco Umbrella Rank: 12891
28 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
5 KB
2 justice.gov
www.justice.gov — Cisco Umbrella Rank: 68364
19 KB
2 netpoint-media.de
cdn.netpoint-media.de — Cisco Umbrella Rank: 63063
251 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
428 B
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 4890
346 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
575 B
1 bluesummit.de
banner.bluesummit.de
165 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
1 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
78 KB
1 sendgrid.net
u21277559.ct.sendgrid.net
319 B
0 a-mx.com Failed
id.a-mx.com Failed
154 38
Domain Requested by
23 www.vielfliegertreff.de www.vielfliegertreff.de
22 imagesrv.adition.com securepubads.g.doubleclick.net
www.vielfliegertreff.de
imagesrv.adition.com
9 securepubads.g.doubleclick.net cdn.netpoint-media.de
securepubads.g.doubleclick.net
www.vielfliegertreff.de
www.googletagservices.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.vielfliegertreff.de
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
imasdk.googleapis.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
6 ad2.adfarm1.adition.com securepubads.g.doubleclick.net
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
5 api.assertcom.de ubn3k2x9bfd2yw3n3.ay.delivery
4 ad4.adfarm1.adition.com securepubads.g.doubleclick.net
ad4.adfarm1.adition.com
4 csi.gstatic.com imasdk.googleapis.com
4 gum.criteo.com 1 redirects cdn.netpoint-media.de
static.criteo.net
3 code.createjs.com imagesrv.adition.com
3 api.adnz.co adnz.co
2 eus.rubiconproject.com cdn.netpoint-media.de
eus.rubiconproject.com
2 r3---sn-4g5e6nzl.c.2mdn.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 imasdk.googleapis.com www.vielfliegertreff.de
2 fonts.googleapis.com edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
www.vielfliegertreff.de
2 oajs.openx.net 1 redirects
2 edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad.yieldlab.net cdn.netpoint-media.de
2 script.4dex.io cdn.netpoint-media.de
script.4dex.io
2 xd.adnz.co adnz.co
xd.adnz.co
2 cdn.confiant-integrations.net cdn.netpoint-media.de
cdn.confiant-integrations.net
2 ubn3k2x9bfd2yw3n3.ay.delivery cdn.netpoint-media.de
2 ups.xplosion.de cdn.netpoint-media.de
cdn.xplosion.de
2 cdn.jsdelivr.net www.vielfliegertreff.de
cdn.netpoint-media.de
2 stats.vielfliegertreff.de www.vielfliegertreff.de
stats.vielfliegertreff.de
2 www.justice.gov www.vielfliegertreff.de
2 cdn.netpoint-media.de www.vielfliegertreff.de
cdn.netpoint-media.de
1 token.rubiconproject.com eus.rubiconproject.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com www.vielfliegertreff.de
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 fastlane.rubiconproject.com cdn.netpoint-media.de
1 match.adsrvr.org cdn.netpoint-media.de
1 at.teads.tv cdn.netpoint-media.de
1 ib.adnxs.com adnz.co
1 cdn.xplosion.de ups.xplosion.de
1 macro.adnami.io functions.adnami.io
1 banner.bluesummit.de www.vielfliegertreff.de
1 m.exactag.com 1 redirects
1 www.financeads.net 1 redirects
1 financeads.net 1 redirects
1 ads.pubmatic.com cdn.netpoint-media.de
1 functions.adnami.io cdn.netpoint-media.de
1 ads.rubiconproject.com cdn.netpoint-media.de
1 adnz.co cdn.netpoint-media.de
1 u21277559.ct.sendgrid.net 1 redirects
0 id.a-mx.com Failed cdn.netpoint-media.de
154 57

This site contains links to these domains. Also see Links.

Domain
www.justice.gov
financeads.net
www.themehouse.com
www.facebook.com
Subject Issuer Validity Valid
*.vielfliegertreff.de
Sectigo RSA Domain Validation Secure Server CA		 2023-01-10 -
2024-02-10		 a year crt.sh
*.netpoint-media.de
Thawte TLS RSA CA G1		 2023-09-25 -
2024-10-12		 a year crt.sh
www.justice.gov
GeoTrust RSA CA 2018		 2023-04-25 -
2024-04-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
functions.adnami.io
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.xplosion.de
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
ay.delivery
GTS CA 1P5		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.assertcom.de
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh

This page contains 19 frames:

Primary Page: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Frame ID: E8B046D158492D19C989F100DAEC2C12
Requests: 79 HTTP requests in this frame

Frame: https://xd.adnz.co/xdomain_cookie.html
Frame ID: 6C44E8F99F25388F05DC623FBD06368D
Requests: 1 HTTP requests in this frame

Frame: https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38B85EFAF41C3C3A0DBCAD66378484A6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.vielfliegertreff.de
Frame ID: 2EDC78036E8E09B11508098CE7501717
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55FD784C5FB49F65C68BBC31D678F7A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E5D9EF1EDF4C0ED2F3B0019B6F231B2
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CC5023353A099669AA84A6E93D3CE2D7
Requests: 1 HTTP requests in this frame

Frame: https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5CEE78232E894776F0F9A69B35CA4DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: EF3961D1B57765D46CE1592FE06521F4
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwl8wiJXokN74U_HVSzVWZPM8ieKGHBzM38tjFXZi1j_hdrsd1vpRE6HyOBChFjT5PmfkC6c-pZATPZyH5cCkun2P0nIuHHuZWts_4CleBk0wZvuEh8S2hSbpvpyvAQAOUFwluSE_9ju12N-KqrlZStxC-FUjt37Cz8-rG4nsZAa04sEO8q6Jb7xqMLtGN0Xviba3X4U37feXHASP_NriJRmUPzj0d4PuTTE_apMgHnDYu8wncgpPTSyPQKW5sGbezRwNffNX0DzgQX32AaIPvTRkaKrx4gxSf4OI1H338LuLqXueWnHKh2agLFMPqhmMDNrrAoNfETGrxgHBglBMbKs3zqGaaC1lxT7fTQ_qkZK3ru70YV2_j-4NbB8NfVBu5bSLqeg&sai=AMfl-YRY5QLbilL8ctLj6BH1GSnKYoqAos-g6CCHb9CMsR0pQF7dm-cao2fBkKpUrUfwoSZ7Eq-EczcrSYYO73-r4AiffwSLgyGJAX1Q9t4bWi53fYh9p9yq0fMOOanqcakESRWUIc6bA1vEYaLivz-ngR2OI1z9XU7hRMHDEx0lWc4V7R8&sig=Cg0ArKJSzPZM5hrnE-ITEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C24C13665289259CFB2B0DFDB31E06F1
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDZNxmwAlRkc7igIcLx_LiYqWN_Ao1TVlHRoeSI9myHectCbfljvGeDtjI1B7kkc1ogAAccT4AQg4XFN2VbRcAWGHtKzKnD9XisjzcW2NkzAafpVhdIVyrmKUCN22-aT6oZvIUMlPF8lsNUFd6krNU9_6CAFM4WImT1GfVP8TrVIdf3NR_LrU3NXCPEoZ6zt6fiiL2HNlypWre7iiN4xxMQRMBDtNR2yk51ALZC7Egq-zjKFG8mJZUmhRxAKUNXiM7qYEKkYZVqkaq5o3chW_xYwjbz-eAb5PgkeJw7FSpqhXkKlZVrxFfVwoe1ogDUWw6-JtpOAZCSqInD2FDR3qUs3l1f1CmfdP077kOoKq3vCI2fJf8v6KVylfv9mx4QxoNvgNdKDT8T8Zp--42bQR9HSgoGquwQXn8tRQZ5UmJG19pE_o8r9c&sai=AMfl-YSF5f5DT5Ke-S2ROsuK7pmZSkzsD_7Cg_ZqSFeyCjB-5TM4sBKKsEUXilDt-2QPLwKIUj5WmYVKa1KOEeLqpI_crPkvJAPSsk6Kewvk2N9qFPnrH7ChTdYfhfZWtND9Wi0G-xlj3hky7AYPxrFvLVu9x6ksOyqgNfnlXWLcaBMqE-Q&sig=Cg0ArKJSzOqSyuwid-1oEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: EE323AFDD316E39109501B8281C83F12
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 160060D60DBD6B1C7EBE86A8A25B938F
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 27FA44EE11AE0E285900AAC6BE477041
Requests: 12 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 972AF60495E155E6B06FF5BB7633D179
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 10563A5278DBD0B404414163C22748DC
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: A1ADCD51CD4334314A51BA3878861537
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: BEA5B6351D98ACF736042CCCE0EC8CCE
Requests: 6 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1702439454022&type=h
Frame ID: DDD8D5E7DDCA3096183C3448F94F631D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8A5B3A70F09BDEA4830885ED30C3FC24
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WUPlus - Kostenloses Konto von Western Union | Vielfliegertreff

Page URL History Show full URLs

  1. https://u21277559.ct.sendgrid.net/ls/click?upn=ZZyjexhbs3VsyAbJhzMg078FXhrbTJ4jS4Y8f77DZIRfR-2FAVdqJpoOxiKbhBO... HTTP 302
    https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

154
Requests

96 %
HTTPS

50 %
IPv6

38
Domains

57
Subdomains

49
IPs

6
Countries

2688 kB
Transfer

6911 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u21277559.ct.sendgrid.net/ls/click?upn=ZZyjexhbs3VsyAbJhzMg078FXhrbTJ4jS4Y8f77DZIRfR-2FAVdqJpoOxiKbhBOcC4H-2BbvYn3HRpQKevvznW1sb518h2VLI6OxbocaDTR76FaDxWLxcKoj7hit5SCslV1P3Kw189QNeh7Z5zfvOj-2FNl9h9vC3x8RWEthD-2F5x1htn4-3D6PR__bfE8dbM3hH2xyXf9aupbo8gzeV-2F5IUnsUu7BSMWmX5ewKd-2FF1f999xBaq7YD4SBnQ-2F8pxGR8X28MVBLxiOSpx5vFBS6TKSGkS1Wv8W7DBllwgWJmpkBhM1k0pqBWbL9r8iuiRjmTMeHK-2BhAyvQwA8MbIqoKagJOXSbr7VKBzHWnKoZtRz8A1Ow9CC3-2FQfZ-2FNG-2BroEiB504vp8BHKMjdtB5QT89Pzq87Jmb6ZEVIylejSwwztpm6v0JVjnIBJVSh6xjTxD9Ynj36x2TkvUorIsp4Y-2BKBz7JI598DOgETs10tusP0H0lv6QHjamALLNujnqqtQYT2s6frBAWFqgYJzuyOTYxwGaboARAQnyShNok0aiRkMAHzi9O1l4ydEJgzpnK65usGm3FZhOZCPXNFyuw-3D-3D HTTP 302
    https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://financeads.net/tb.php?t=42196V14043641B&https=1 HTTP 301
  • https://www.financeads.net/tb.php?t=42196V14043641B&https=1 HTTP 302
  • https://m.exactag.com/ai.aspx?extProvId=73&extPu=amex-financeads&extLi=MultiCard&extCr=MultiCard&extSi=42196&url=https%3A%2F%2Fbanner.bluesummit.de%2FAmerican%2520Express%2FDE%2FMultiCard%2F300x250.gif HTTP 302
  • https://banner.bluesummit.de/American%20Express/DE/MultiCard/300x250.gif
Request Chain 70
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp&cc=1
Request Chain 73
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vielfliegertreff.de&sn=ChromeSyncframe&so=0&topUrl=www.vielfliegertreff.de&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=8Yo0OXxYS0dnK2c3eHRNUjlXYld3a3ZtYXQycldlRGtvUkJYa3UwNzRRcGd2TU1mbkVhdGRMekhQTmpPTnBya3VTZUd5OHU2ZTJ2WERiTm5NVjBEa29jU3haVHYyRmNWYjhLVllGcnpuQndpWU5QU1FBQ3BvNDJQUXZVWkZXaGRxaysvNFI1Yk1yNGJ1eXBRUXFOL2tpaEIwVlZjdWNOdkJzN1NEamgxRnl0bTZ2MTlKS2hjWUdZNE92RWk0V3FqNUsyU1VPSitkRWxrdCszSktPUWdaUm1ublkwaERERWo0bkdTcTQxK242Y3p3YlprTXRicFhhVnN3SnpaTnBzd1ZmSVZOVlNaVzV3WWQyK2F5OE4vakJOc3BSdUVORXdpbkQ5SWY2bmdrSWZNRTArTT18&cppv=2
Request Chain 110
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/C7A0898DD6D50C74B0981441813080A1429DE31.67F11356254AEC25BB72A3E961463B663A693D55/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0630C954BC4FB8ED1F94F34BA3AFC5791A61FF74.0979329E77D5CC1F6F0F2C170040F7DCA92FB6AA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1702438919/mv/u/mvi/3/pl/43/file/file.mp4

154 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request page-9
www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/
Redirect Chain
  • https://u21277559.ct.sendgrid.net/ls/click?upn=ZZyjexhbs3VsyAbJhzMg078FXhrbTJ4jS4Y8f77DZIRfR-2FAVdqJpoOxiKbhBOcC4H-2BbvYn3HRpQKevvznW1sb518h2VLI6OxbocaDTR76FaDxWLxcKoj7hit5SCslV1P3Kw189QNeh7Z5zfvOj...
  • https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
124 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b0ac6ddfe92f83366e26e8468e31c457e559e0071a1ae1301cdb1fbcfa1bf9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
26283
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 03:50:52 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=500
Last-Modified
Wed, 13 Dec 2023 03:50:52 GMT
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 03:50:52 GMT
Location
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9#post-3980963
Server
nginx
X-Robots-Tag
noindex, nofollow
css.php
www.vielfliegertreff.de/forum/ 		312 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=3&l=3&d=1620757197&k=4ed3c46f6c44ac96c876cd1bc97354b40c087894
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
092ac9fb393995c71dfd03c2b192a45f84abf2c4f433178869dfa5e343c1fe3b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 18:19:57 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=499
Content-Length
61016
Expires
Thu, 12 Dec 2024 03:50:52 GMT
materialdesignicons-webfont.woff2
www.vielfliegertreff.de/forum/styles/vft/fonts/icons/material-icons/fonts/ 		312 KB
313 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/styles/vft/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Origin
https://www.vielfliegertreff.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Last-Modified
Fri, 05 Feb 2021 12:41:18 GMT
Server
Apache
ETag
"4e1f0-5ba9622f69780"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
319984
materialdesignicons.min.css
www.vielfliegertreff.de/forum/styles/vft/fonts/icons/material-icons/css/ 		263 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/styles/vft/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1620757197
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:16 GMT
Server
Apache
ETag
"41c3a-5ba9622d81300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
43421
css.php
www.vielfliegertreff.de/forum/ 		179 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/css.php?css=public%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Ath_covers.less%2Cpublic%3Athxpress_xf.less%2Cpublic%3Auix.less%2Cpublic%3Auix_material.less%2Cpublic%3Auix_pro.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=3&l=3&d=1620757197&k=9d44e69f1125192b3859f83ae91557d0f5f113ca
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c9c279343f830bf5a6730cc09ed55ec5c9a211c8669bc5fe0e8747994b1ee94a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 18:19:57 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=500
Content-Length
26700
Expires
Thu, 12 Dec 2024 03:50:52 GMT
preamble.min.js
www.vielfliegertreff.de/forum/js/xf/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/xf/preamble.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"c4a-5bf8e2e716d40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
1561
1249123.js
cdn.netpoint-media.de/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.netpoint-media.de/1249123.js
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.10.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.10.233.167.clients.your-server.de
Software
nginx/1.22.0 (Ubuntu) /
Resource Hash
3163d8719e25e7c49adc3cad3f3068a2a69184ec083aff846ad3c9b1a06e90ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 21:10:39 GMT
server
nginx/1.22.0 (Ubuntu)
etag
W/"6578cc4f-1e410"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
max-age=300, public
access-control-allow-credentials
true
cdn-s
2
expires
Wed, 13 Dec 2023 03:55:53 GMT
vielfliegertreff_logo.svg
www.vielfliegertreff.de/forum/styles/vft/vft/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vielfliegertreff.de/forum/styles/vft/vft/vielfliegertreff_logo.svg
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
1bd4442a90e67df15018b9766aa5028cbd59e976640ce96d6c7735ca3d9c6f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:52 GMT
Last-Modified
Thu, 08 Apr 2021 14:05:21 GMT
Server
Apache
ETag
"1212-5bf7689b5ea40"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
4626
doj-seal-fb.jpg
www.justice.gov/sites/all/modules/features/doj_sharing/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justice.gov/sites/all/modules/features/doj_sharing/images/doj-seal-fb.jpg
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:299::1dae Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5e5d7f615cd4e185b62f06cab12926e6aabc3541792cd7d793f288893e1b47ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 31 Oct 2023 07:02:35 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=1209600
x-age
238164
accept-ranges
bytes
x-ah-environment
prod
content-length
18216
x-request-id
v-80ed1a70-8154-11ee-a058-0349a98411b2
x-cache-hits
12
favicon.ico
www.justice.gov/themes/custom/usdoj_uswds/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justice.gov/themes/custom/usdoj_uswds/favicon.ico
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:299::1dae Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9a45759a58d4d6f7105f20ecdf56613a1ddfaba25fc06512823e1cee5c64ea0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 25 Oct 2023 10:39:24 GMT
server
nginx
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=1209600
x-age
0
accept-ranges
bytes
x-ah-environment
prod
content-length
933
x-request-id
v-b4ad647c-743a-11ee-b160-f39aaf28dd91
jquery-3.5.1.min.js
www.vielfliegertreff.de/forum/js/vendor/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/vendor/jquery/jquery-3.5.1.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"15d84-5bf8e2e716d40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
30910
vendor-compiled.js
www.vielfliegertreff.de/forum/js/vendor/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/vendor/vendor-compiled.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"113ab-5bf8e2e716d40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
21176
core-compiled.js
www.vielfliegertreff.de/forum/js/xf/ 		218 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/xf/core-compiled.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ce0b4828d46b9a738e00e578337cab2c9340f58101c0a6ad65fef1e7d163d63e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"36734-5bf8e2e716d40-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
20210125.min.js
www.vielfliegertreff.de/forum/js/themehouse/global/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/global/20210125.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:14 GMT
Server
Apache
ETag
"2b29-5ba9622b98e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
3955
index.js
www.vielfliegertreff.de/forum/js/themehouse/covers/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/covers/index.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
7a2eed95a3cca45397acd2aa229c588ac2c3f792b70e7fee18eb07c27d704006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 15:12:40 GMT
Server
Apache
ETag
"3214-5ba70049c2a00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
2899
core.min.js
www.vielfliegertreff.de/forum/js/siropu/am/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/siropu/am/core.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
f165ff4946bc02ef9991ecc2cc1722e40007be0c697765a5214ece8b8710becf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Apr 2021 20:49:02 GMT
Server
Apache
ETag
"22f5-5bfa46913cb80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
2879
notice.min.js
www.vielfliegertreff.de/forum/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/xf/notice.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"101d-5bf8e2e716d40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
1759
defaultReaction.min.js
www.vielfliegertreff.de/forum/js/themehouse/reactplus/ 		1 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/reactplus/defaultReaction.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
2e4b29279885fe7563561f27b9da11ac677061a51b27c9dc5cf1a380373a6caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jan 2021 08:38:30 GMT
Server
Apache
ETag
"526-5b8aff2738d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
605
hiddenContent.min.js
www.vielfliegertreff.de/forum/js/themehouse/reactplus/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/reactplus/hiddenContent.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ac870c077252563ae60536570f2b3e172e7d28237dcd96243c9bb3c6a200fe96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jan 2021 08:38:30 GMT
Server
Apache
ETag
"628-5b8aff2738d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
694
ripple.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ripple.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:16 GMT
Server
Apache
ETag
"58c-5ba9622d81300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
693
index.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/index.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:16 GMT
Server
Apache
ETag
"2026-5ba9622d81300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
2870
jquery.hoverIntent.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/vendor/hover-intent/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/vendor/hover-intent/jquery.hoverIntent.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:16 GMT
Server
Apache
ETag
"8c4-5ba9622d81300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
939
defer.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/defer.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:14 GMT
Server
Apache
ETag
"4625-5ba9622b98e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=496
Content-Length
3973
deferNodesCollapse.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/deferNodesCollapse.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:14 GMT
Server
Apache
ETag
"b62-5ba9622b98e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
1303
deferWidthToggle.min.js
www.vielfliegertreff.de/forum/js/themehouse/uix_pro/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vielfliegertreff.de/forum/js/themehouse/uix_pro/deferWidthToggle.min.js?_v=513a1529
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2021 12:41:14 GMT
Server
Apache
ETag
"94c-5ba9622b98e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
1062
piwik.js
stats.vielfliegertreff.de/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.vielfliegertreff.de/piwik.js
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Dec 2021 01:21:43 GMT
Server
Apache
ETag
"f93c-5d2c08bb4f7c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
20798
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
sprite_sheet_emojione.png
www.vielfliegertreff.de/forum/styles/default/xenforo/reactions/emojione/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vielfliegertreff.de/forum/styles/default/xenforo/reactions/emojione/sprite_sheet_emojione.png
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=3&l=3&d=1620757197&k=4ed3c46f6c44ac96c876cd1bc97354b40c087894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
da4f904df05d820628611d7b19738510a3eb1779064f82d4136568bafd272009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/forum/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=3&l=3&d=1620757197&k=4ed3c46f6c44ac96c876cd1bc97354b40c087894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Last-Modified
Fri, 09 Apr 2021 18:17:49 GMT
Server
Apache
ETag
"1d13-5bf8e2e716d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
7443
1f602.png
cdn.jsdelivr.net/joypixels/assets/6.0/png/unicode/64/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/joypixels/assets/6.0/png/unicode/64/1f602.png
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec164a14dc2a275fb375b27e591c0dd6cd0995ec277445ade8b83ee5c38e3a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1117283
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2988
x-served-by
cache-fra-eddf8230064-FRA
server
cloudflare
etag
W/"bac-JFyfDAIOYeakwrBnvQ/9rx2NkFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXgJjYVlKMjN%2F3SYSV%2B%2BoiY8tRIxDxfho7W9NcpGx%2BPkmMj0m6MEKmXEMsDkusbFw9rMCwID3D%2BjUsyzEMXgR3pZXnBx%2F9oT7GiZrhk0ZvPsu%2FfhP4TU0NXbMFk%2BBlNtWJPFECpqFGUXn3XwYgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
834b3ed5effe3665-FRA
semantiq-track.js
adnz.co/semantiq/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f696578ecaa8bd188dd7e43707fe4253e6741939eb69d6a491b339379c18d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx0000064faca5a860c7d7b-0065792a1d-10d5faa-default
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 16:20:06 GMT
server
cloudflare
etag
W/"ad07d52292b6ed42412a5b05f14a943c"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY3LfgmiSdb9sGX2rkD92PBBf%2FUzrD1M02P7XV3%2FU4gmh5Zk4bTWSdPH3M4GhC%2F0YJHxhI1LpmNsFAS4AVxpTTNm3ggSyI0OCyS4UmK%2Bik0S1vOioxfBegqDoMFdQ4yqpvGUGBY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
, public
access-control-allow-credentials
true
cf-ray
834b3ed64da31e4d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
9623.js
ads.rubiconproject.com/header/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/header/9623.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
adsm.macro.vielfliegertreff.de.js
functions.adnami.io/api/macro/ 		34 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://functions.adnami.io/api/macro/adsm.macro.vielfliegertreff.de.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af1b6d29d22fef555ab63bae6d0d919a1908c65ee489cdc959dc2f8b091f4825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

request-context
appId=cid-v1:facaa1ec-d085-46dd-8784-a70b3579a97b
date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
cache-control
max-age=11546
content-length
5402
content-type
text/javascript
default.js
ups.xplosion.de/loader/90807/ 		867 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/loader/90807/default.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.10.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-10-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8221b649320539c076f0327cda840236eecb6533f239cf79d5bbf56344a67dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:53 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
867
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
forest.min.js
ubn3k2x9bfd2yw3n3.ay.delivery/forest/uBN3k2X9Bfd2yw3N3/js/bid/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubn3k2x9bfd2yw3n3.ay.delivery/forest/uBN3k2X9Bfd2yw3N3/js/bid/forest.min.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:620b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7279605c59cb41f7476bd08bb1dd25f3088cf74b8a8e47190d6046699d7c94c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 03:03:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
W/"65791f17-1569e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSyac%2F50j3SRVgBNBkMduhLYWisge1a3X0WDnHzNmlZOMs31DHd4EPWGmA4lbMM2rEZr64PhwRJ2j6yYgBTc8C0e14wq8xeqaJuoAO097%2BMD8CJe%2FwT2hyU%2FxgYsbFnYpbyAZtw53eD6YlGujooZaSZdYE7CviENDd24Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
834b3ed638f89159-FRA
alt-svc
h3=":443"; ma=86400
client-v2.js
ubn3k2x9bfd2yw3n3.ay.delivery/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:620b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9939ad43158d512c15a08b09dfd32b195ac085a276678d5996c4d2f7264ffd78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 20:57:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
887
etag
W/"65738352-16eb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr9jp4swyiODExHjnCjOMi%2ByB%2BMyx2yyCMfByg7rmuhd4cDLHZ%2BxWbwvEAoV1sa6nDH7WDrVHNo86rQvfgL5XzucLykQzcP3Hh2wxC1lvPA3P4PwXMSbUm5Lnv%2BJ8PfKKGWGPuhHau%2FY2nQmzbYBAqxHt59gSW%2Fb93z5SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cf-ray
834b3ed638f99159-FRA
alt-svc
h3=":443"; ma=86400
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162700/11702/ 		227 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162700/11702/pwt.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
44ab8bbed6f2b2d15f0913b7902f32130a3079db2dde908a833364fa2557a0ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 14:38:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=54882
accept-ranges
bytes
content-length
79510
expires
Wed, 13 Dec 2023 19:05:35 GMT
config.js
cdn.confiant-integrations.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/ 		91 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/config.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c230770973c3a8a476d8a17c8b1db4725f23c633dc1efb6e29752558281d39b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 20:45:08 GMT
server
cloudflare
x-amz-request-id
H0V9JCBSCV5XD6GC
age
167
etag
W/"251f54ba0991fc747be83b1613f763aa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
834b3ed66ca430ea-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xtGwT+CfrerwZ65nEaBG7SfLVrrKhvCAu4oTaHicYrJVqPyPNH9X8iIO/5knYsKlO1Y4oSbv+HXXtHBkEDPxKbTJFMyOYtC0vtvTcl8/VZw=
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bb087b62af8139de785426da0824076ffb3d97613625d12cbea25281f1690d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x250.gif
banner.bluesummit.de/American%20Express/DE/MultiCard/
Redirect Chain
  • https://financeads.net/tb.php?t=42196V14043641B&https=1
  • https://www.financeads.net/tb.php?t=42196V14043641B&https=1
  • https://m.exactag.com/ai.aspx?extProvId=73&extPu=amex-financeads&extLi=MultiCard&extCr=MultiCard&extSi=42196&url=https%3A%2F%2Fbanner.bluesummit.de%2FAmerican%2520Express%2FDE%2FMultiCard%2F300x250...
  • https://banner.bluesummit.de/American%20Express/DE/MultiCard/300x250.gif
164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.bluesummit.de/American%20Express/DE/MultiCard/300x250.gif
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Server
2600:9000:206f:d200:1c:9c14:f240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c51a4bbd141e8c2adb7c2decf8ab41e8954578135c7d1c66b06f7bd31a2788e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
date
Wed, 13 Dec 2023 03:50:54 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Tue, 12 May 2020 15:19:52 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
106
etag
"5ebabe98-29021"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=300, public
accept-ranges
bytes
content-length
167969
x-amz-cf-id
TMHw2SVId0gQxd1eNoKk7rT1037k-cPSknUKZqrhS3_D7yyyVNzGkw==
expires
Wed, 13 Dec 2023 03:54:08 GMT

Redirect headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 13 Dez 2023 03:50:53 GMT
X-ET-Code
0
Content-Type
text/html; charset=iso-8859-1
Location
https://banner.bluesummit.de/American%20Express/DE/MultiCard/300x250.gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1250
Expires
Mon, 26 Jul 1997 05:00:00 GMT
xdomain_cookie.js
xd.adnz.co/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.js
Requested by
Host: adnz.co
URL: https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000590be52153b1c21e-00656c55b4-11c6789-default
age
1762
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 03 Dec 2023 09:09:30 GMT
server
cloudflare
etag
W/"21a9dc60217182683a8388843f5a4c30"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrpWV9fbe0JcVOS0HvLVs%2FlWdZpRUIEOeJGP%2Bvunjn8XzhN6BL3pPSOjr3Ca2cPMMCHtCoov3wC1bsCfpu4UHJxgy4o1wiB8GJDYWRuUAj%2F646%2BWFG%2FY9O2c6mOPoh2fGqVLXw3Viik%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
834b3ed95f5d1e4d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
page-keywords
api.adnz.co/api/ws-semantiq/ 		221 B
876 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-semantiq/page-keywords?tenantIds=3186,5580,5581&url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9
Requested by
Host: adnz.co
URL: https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec689cacb4362aca3394a8b58151b8b785465fb9a049303f7728e0937087f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-envoy-upstream-service-time
8
ratelimit-limit
100
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://www.vielfliegertreff.de
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvZLGfjg2I%2FnB5CSwkTLZqq9vv7aC9cIeymcrRWPTMRxGOxLJJaas25zJ2hXULWDyXrlglmnUT56R8VfAxYvYGxvK5aWUTc3Qvm2rRciZ4cJP%2BJiRxj47I1AORA6dU0iIk4W2ICi50ht"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
834b3ed95ae5363c-FRA
ratelimit-remaining
99
expires
0
piwik.php
stats.vielfliegertreff.de/ 		0
239 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.vielfliegertreff.de/piwik.php?action_name=WUPlus%20-%20Kostenloses%20Konto%20von%20Western%20Union%20%7C%20Vielfliegertreff&idsite=1&rec=1&r=095071&h=4&m=50&s=53&url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&_id=bbe26ee6620ba1b1&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wYq3O9&pf_net=77&pf_srv=151&pf_tfr=8&pf_dm1=651
Requested by
Host: stats.vielfliegertreff.de
URL: https://stats.vielfliegertreff.de/piwik.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.152.233.4 , Germany, ASN57537 (NETDSIGN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://www.vielfliegertreff.de
Date
Wed, 13 Dec 2023 03:50:53 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=499
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ 		96 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: functions.adnami.io
URL: https://functions.adnami.io/api/macro/adsm.macro.vielfliegertreff.de.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f110 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58db861b69ddfad0545cde07a28222b95cf7e7d263b745d731f8d4cb9d6ab0fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
last-modified
Tue, 12 Dec 2023 12:23:10 GMT
content-md5
f9LAAdNIc86C1QIAjGhkcQ==
etag
0x8DBFB0D1AFA34B4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ba713e5c-201e-006f-4cf6-2cc8f1000000
cache-control
max-age=10648
x-ms-version
2009-09-19
content-length
23293
p.min.js
cdn.xplosion.de/adp/profiling/1.0.0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xplosion.de/adp/profiling/1.0.0/p.min.js
Requested by
Host: ups.xplosion.de
URL: https://ups.xplosion.de/loader/90807/default.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:9400:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f192b52f249f5c4fad0cf86aa4cb0cce6b55d6ec72f706eacf8bb5defb6d317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
lVWdVlgr0qFDIbVhvuXuxya2BcB5zCGX
content-encoding
gzip
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
date
Wed, 13 Dec 2023 00:07:50 GMT
last-modified
Mon, 20 Nov 2023 13:45:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
76044
x-amz-server-side-encryption
AES256
etag
W/"0c81a4ff07585e457c47fc3a43e4c08b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
KDGAU8k-EH2P0DJe9jhcno8sEJ-JIqxlM0-AdeXuQ2YkZ_sm0dFwlw==
getuidj
ib.adnxs.com/ 		11 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: adnz.co
URL: https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:53 GMT
an-x-request-uuid
c9bcf329-2b6b-498c-85ea-395c8347b675
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.35; 81.95.5.35; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
visitor-id
api.adnz.co/api/ws-convey/ 		20 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9
Requested by
Host: adnz.co
URL: https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4e804089f0cc18437e100e62f907795c3771f7bb0152c36f480c8015ed1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="Not used"
x-envoy-upstream-service-time
6
ratelimit-limit
100
alt-svc
h3=":443"; ma=86400
content-length
20
pragma
no-cache
server
cloudflare
etag
-2032845478930561875
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHHGkA0ig7TopADVs9dm4EANbG1T%2BWmObnv3D2chZe1SG9whncmZX2AnxyO4N038aUguV2IdwZmvbeY9mRlHTDkoxZB3tMc9GV%2Bp8SRLzw0Bit7rmYLtnW5V5quK%2BU1MhyjL8l6SVbzW"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.vielfliegertreff.de
access-control-expose-headers
ETag, Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
834b3ed95f5c1e4d-FRA
ratelimit-remaining
99
expires
-1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
819f1ea405ba638b9af14d383ee7becca5922102f4e51cc6c7622817f4f44d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29428
x-xss-protection
0
server
cafe
etag
942 / 19704 / m202312060101 / config-hash: 6487957748488688722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 03:50:53 GMT
prebid8.js
cdn.netpoint-media.de/static/ 		549 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.netpoint-media.de/static/prebid8.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/1249123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.10.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.10.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6c167455c2c0630d0b560a2c9e7f747b366174d2e5c52af465147e88b9e5ba2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 19:15:56 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"654546ec-89510"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
max-age=14400, public
access-control-allow-credentials
true
cdn-s
11
expires
Wed, 13 Dec 2023 07:50:53 GMT
pageview
api.assertcom.de/ 		0
315 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/pageview
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.52.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.179.52.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
wrap.js
cdn.confiant-integrations.net/prebid/202310231203/ 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/prebid/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce959d68ed1d0fdb66bcfd2fabfd1508148877d06f8df8e24c16239903612622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:08 GMT
server
cloudflare
x-amz-request-id
FBT1RCGKA1JAJHZ7
age
1297029
etag
W/"0ba7ed08f1a9164ce938d3ba5a6f533a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834b3ed98e5130ea-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Xjkoied057xjsFvxQ2Kd8I6rxJlHUU+SM1ymtLG9pl+CSjhGQ9xza85GGbyeEcTysxf3Xh2ekrY=
data
ups.xplosion.de/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/data?title=WUPlus%20-%20Kostenloses%20Konto%20von%20Western%20Union%20%7C%20Vielfliegertreff&hostSiteUrl=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&userLang=en-US&color=24&os=Win32&timezone=-1&screen=1200x1600&event_id=page_view&gdpr=&gdpr_policy=0&gdpr_consent=&gdpr_success=1&gdpr_path=d&gdpr_is_ifr=false&gdpr_cmp_loc_2=false&_rfs=1&_sid=90807&_ver=1.0.0&_seg=jsonp&_=926122780585
Requested by
Host: cdn.xplosion.de
URL: https://cdn.xplosion.de/adp/profiling/1.0.0/p.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.10.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-10-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:53 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
1303
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
xdomain_cookie.html
xd.adnz.co/ Frame 6C44 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.html
Requested by
Host: xd.adnz.co
URL: https://xd.adnz.co/xdomain_cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
834b3eda1fd11e4d-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Dec 2023 03:50:53 GMT
last-modified
Tue, 12 Dec 2023 16:20:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiGVGJJf%2FilpY8GA%2B9P3lxFOjVXUWOeSh4Up%2BOvfHbGE2yey5VFrHSOkRGVDrFIiwbrh6EdpBWpuTytvpQBnlKm2tWF0dcc5grCjaZXhtfiJZGZJG%2BUwwGwaXkMGtO%2BrqAEtgG6Bim8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-request-id
tx0000018eb04cdf76528c1-0065792a1d-12dfa56-default
x-envoy-upstream-service-time
1
x-rgw-object-type
Normal
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.vielfliegertreff.de%2F&domain=www.vielfliegertreff.de&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vielfliegertreff.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 13 Dec 2023 03:50:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208259
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42599
x-jsd-version
1.0.1902
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"634-TYzb/8jnowgM/pO+/pUXsjhGSAk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsNB8Io7VxtBdJuLOTBOE2w1e3MWoUGAqEhJvNrxaFoYKxa8eENj3Orsh%2BwLCa3jzhP1NiLqQ19Qh3ox%2FKimkrlBqQj4sOK98Os7Ymn5KIny0CdcRPXuZMXdqW6snwqMHDwwo2uaKqAOY%2BNY358%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
834b3eda8eb465ce-FRA
/
id.a-mx.com/sync/ 		0
0
json
gum.criteo.com/sid/ 		2 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.vielfliegertreff.de%2F&domain=www.vielfliegertreff.de&cw=1&lsw=1
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
213722
expires
0
fpc
at.teads.tv/ 		0
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_7923&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.vielfliegertreff.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 13 Dec 2023 03:50:53 GMT
rid
match.adsrvr.org/track/ 		63 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=oztgoii&fmt=json
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
92d75626ed8623a9142dcd4e85698452e57eaa23ea880af67818f00212f19e3d

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 13 Dec 2023 03:50:53 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 12 Jan 2024 03:50:53 GMT
localstore.js
script.4dex.io/ 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1370165
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvV19PSnbrAMOVSW9Z3rOyyEnOJAyvdL9RpAMBiWHJBEBomVwIIlcK5pDEz%2FYZUBxI%2F06PMGww70mXkUJSLyInRm5ZMb%2F28l6ryY7YbjcOJUVXn%2FKtGepVSpHqeO8fKN4uth066nBV0W%2BR4g"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
834b3edabe5e39ee-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:14:16 GMT
x-content-type-options
nosniff
age
52597
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441821
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 13:14:16 GMT
5207511,5207515
ad.yieldlab.net/yp/ 		2 B
685 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/5207511,5207515?ts=1702439453931&json=true&t=bannertyp%3Dhalfpage%2Clayer%2Cstandards%2Cfloor-ad&ids=&atypes=&schain=1.0,1!netpoint-media.de,3386431,1,,,,&pubref=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&sizes=5207511%3A970x250%7C800x250%7C728x90%2C5207515%3A300x600%7C300x250
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.vielfliegertreff.de
Content-Language
de-DE
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
22
Expires
Tue, 12 Dec 2023 03:50:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		510 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9623&site_id=335120&zone_id=1762358&size_id=2%3B15&alt_size_ids=57%2C125%3B10&rp_schain=1.0,1!netpoint-media.de,3386431,1,,,&rf=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&tg_i.domain=vielfliegertreff.de&tg_i.page=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&tk_flint=pbjs_lite_v8.22.0&x_source.tid=4ecb1d44-f123-4d60-8812-5922e44b72cd&l_pb_bid_id=5743dde755d26f%3B6be54637f6c91&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=26fb10c6-d42e-4ba2-a6b8-aee7d706c114%3B6afc6a54-5075-4f12-bc2b-266ac666158f&rp_maxbids=1&slots=2&rand=0.13073801019677767
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a2b90522db2902fd5c3942ade56a8c692ee449b1f8a4f6dfc2e4efc7eff43ac

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1302306
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQbnRwOSsxE8RaWsKfuI%2B%2F%2B0TzOETFpvb0GguLniFJuc4QTbuIjz4zRigj6WtZY0adlCc02aAD29h2SL8mJoMGi%2Bjkk2vSGIavECrVdx5jKyS1GT9wfX9nHs%2BgS8NEFjQ7NraA0tzFOhV1U%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
834b3edb3b3465c4-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
84889
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0_KLO954iOoUMEASA77mA_BAtF6DUAmwjzRVEp9iOspSOupT0KHp6w==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
7f2ad286a7da7335f2277dcc5eec424c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Dec 2023 03:50:54 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
6527
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
834b3edbaad02c6b-FRA
expires
Sat, 16 Dec 2023 03:50:54 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:27:07 GMT
content-encoding
gzip
age
552227
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:27:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		125 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1379980542247865&correlator=4066202780988514&eid=31077976%2C31080079%2C31080123%2C44807689%2C44777900%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21807001401%3A3386431%2Cvielfliegertreff.de%2C6694575_oop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702439453982&lmt=1702439452&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=1771&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=979318565.1702439454&ga_sid=1702439454&ga_hid=860441356&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4qyisYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRibirKKxjFIAFICCGQSFwoIcnRiaG91c2UYm4qyisYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJuKsorGMUgAUgIIZBIUCgVvcGVueBibirKKxjFIAFICCGQ.&dlt=1702439452900&idt=1043&cust_params=dvc%3Dd%26keywords%3D%252Cwuplus%252C-%252Ckostenloses%252Ckonto%252Cvon%252Cwestern%252Cunion%26sw%3D500%252C600%252C700%252C800%252C900%252C1000%252C1100%252C1200%252C1300%252C1400%252C1500%252C1600&adks=1360978947&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc6b267d43cd574a4d300cc3f95b4af254a5633808a4ef9a32f6e1302486a370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34154
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 03:50:54 GMT
expires
Thu, 12 Dec 2024 03:50:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 23:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
14168
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 23:54:45 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e85df7c29bf6287435597c14d5b1db9ad6745c789960710769e2817b0a2ceacf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-NgWcU4VsKBrtU4PiDjVPf6MHA3Q"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vielfliegertreff.de
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 13 Dec 2023 03:50:54 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.vielfliegertreff.de
location
/esp?url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.20.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-20-196.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
41b0355d6212f9f12f2a088df119d929c80bd90e244fbe6dbd6f98df4887b095

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache
x-server
10.45.11.54
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 2EDC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.vielfliegertreff.de
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 03:50:53 GMT
server
Kestrel
server-processing-duration-in-ticks
335129
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 2EDC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vielfliegertreff.de&sn=ChromeSyncframe&so=0&topUrl=www.vielfliegertreff.de&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=8Yo0OXxYS0dnK2c3eHRNUjlXYld3a3ZtYXQycldlRGtvUkJYa3UwNzRRcGd2TU1mbkVhdGRMekhQTmpPTnBya3VTZUd5OHU2ZTJ2WERiTm5NVjBEa29jU3haVHYyRmNWYjhLVllGcnpuQndpWU5QU1FBQ3BvNDJQUXZVWk...
460 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8Yo0OXxYS0dnK2c3eHRNUjlXYld3a3ZtYXQycldlRGtvUkJYa3UwNzRRcGd2TU1mbkVhdGRMekhQTmpPTnBya3VTZUd5OHU2ZTJ2WERiTm5NVjBEa29jU3haVHYyRmNWYjhLVllGcnpuQndpWU5QU1FBQ3BvNDJQUXZVWkZXaGRxaysvNFI1Yk1yNGJ1eXBRUXFOL2tpaEIwVlZjdWNOdkJzN1NEamgxRnl0bTZ2MTlKS2hjWUdZNE92RWk0V3FqNUsyU1VPSitkRWxrdCszSktPUWdaUm1ublkwaERERWo0bkdTcTQxK242Y3p3YlprTXRicFhhVnN3SnpaTnBzd1ZmSVZOVlNaVzV3WWQyK2F5OE4vakJOc3BSdUVORXdpbkQ5SWY2bmdrSWZNRTArTT18&cppv=2
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bed63ff52bf12e30f9159456a22d07325f2093d907f15d8d646554bd8db64342
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1597033
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8Yo0OXxYS0dnK2c3eHRNUjlXYld3a3ZtYXQycldlRGtvUkJYa3UwNzRRcGd2TU1mbkVhdGRMekhQTmpPTnBya3VTZUd5OHU2ZTJ2WERiTm5NVjBEa29jU3haVHYyRmNWYjhLVllGcnpuQndpWU5QU1FBQ3BvNDJQUXZVWkZXaGRxaysvNFI1Yk1yNGJ1eXBRUXFOL2tpaEIwVlZjdWNOdkJzN1NEamgxRnl0bTZ2MTlKS2hjWUdZNE92RWk0V3FqNUsyU1VPSitkRWxrdCszSktPUWdaUm1ublkwaERERWo0bkdTcTQxK242Y3p3YlprTXRicFhhVnN3SnpaTnBzd1ZmSVZOVlNaVzV3WWQyK2F5OE4vakJOc3BSdUVORXdpbkQ5SWY2bmdrSWZNRTArTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
325511
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118e50d67acff5bf3e6d2e1dce3031f7d1e6a46ecf782788c60a1aff0857e869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12237
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 03:50:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55FD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 20:02:09 GMT
expires
Wed, 11 Dec 2024 20:02:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1E5D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c5c229908cd5b6717ed2f02c697b1e0b3af1862cfb6ce72010f623a7bf49abda
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w24juWiPCcAaOER-sPFdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-w24juWiPCcAaOER-sPFdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 03:50:54 GMT
expires
Wed, 13 Dec 2023 03:50:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 55FD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
48210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 14:27:24 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1379980542247865&correlator=855217198047182&eid=31077976%2C31080079%2C31080123%2C44807689%2C44777900%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21807001401%3A3386431%2Cvielfliegertreff.de%2C6549825_728x90%2C6549827_300x250&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%7C800x250%7C900x300%7C970x90%7C970x250%2C120x600%7C160x600%7C300x250%7C300x600&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702439454326&lmt=1702439452&adxs=200%2C1265&adys=449%2C605&biw=1600&bih=1200&scr_x=0&scr_y=1771&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.vielfliegertreff.de%2Fforum%2Fthreads%2Fwuplus-kostenloses-konto-von-western-union.151255%2Fpage-9%23post-3980963&vis=1&psz=1200x18%7C120x18&msz=1200x0%7C120x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=979318565.1702439454&ga_sid=1702439454&ga_hid=860441356&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4qyisYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRibirKKxjFIAFICCGQSFwoIcnRiaG91c2UYi4uyisYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJuKsorGMUgAUgIIZBIUCgVvcGVueBibirKKxjFIAFICCGQ.&dlt=1702439452900&idt=1043&ppid=0000002032845478930561875-gqyoei&prev_scp=npAdcuid%3D6549825%26Whitelists%3D54680%2C54731%2C54679%2C52944%26Channel%3Dbusiness%2Creise%2520%2526%2520wetter%2Cnetpoint-rotation%2Ctdu%2520-%2520rotation%2Ctdu%2520-%2520reise%2Ctdu%2520-%2520wirtschaft%2Ctdu%2520-%2520b2b%2Ctdu%2520-%2520produkt-%2520und%2520dienstleistungssuche%2Cbusiness%2520%2526%2520news%26main_size%3D728x90%26bannertyp%3Dlayer%2Cbillboard%2Cwallpaper%2Cstandards%2Cfloor-ad%2Cbillboard970%26a_wallpaper_type%3D728x90%26Blacklists%3D%2C47226%2C%2C%2C53702%26gam%3D6549825%2C%252Fvielfliegertreff.de%252F6549825_728x90%2C728%252C90%252C800%252C250%252C900%252C300%252C970%252C90%252C970%252C250%2Cnpm_6549825%2C6549825%2Cvie_rotation_728x90%26viewability%3D50%26adnami%3Dtsd%252Cfs%252Cis%7CnpAdcuid%3D6549827%26Whitelists%3D54680%2C54731%2C54679%2C52944%26Channel%3Dbusiness%2Creise%2520%2526%2520wetter%2Cnetpoint-rotation%2Ctdu%2520-%2520rotation%2Ctdu%2520-%2520reise%2Ctdu%2520-%2520wirtschaft%2Ctdu%2520-%2520b2b%2Ctdu%2520-%2520produkt-%2520und%2520dienstleistungssuche%2Cbusiness%2520%2526%2520news%26main_size%3D300x250%26bannertyp%3Dhalfpage%2Clayer%2Cstandards%2Cfloor-ad%26Blacklists%3D%2C47226%2C%2C%2C53702%26gam%3D6549827%2C%252Fvielfliegertreff.de%252F6549827_300x250%2C120%252C600%252C160%252C600%252C300%252C250%252C300%252C600%2Cnpm_6549827%2C6549827%2Cvie_rotation_300x250%26viewability%3D60&cust_params=dvc%3Dd%26keywords%3D%252Cwuplus%252C-%252Ckostenloses%252Ckonto%252Cvon%252Cwestern%252Cunion%26sw%3D500%252C600%252C700%252C800%252C900%252C1000%252C1100%252C1200%252C1300%252C1400%252C1500%252C1600%26iab%3D52%26ctx_segment%3DS203%252CS485%252CS486%252CS636%26sentiment%3Dpositive&adks=3154613594%2C694314661&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61c6858fad7370e7f7044a2f98fa4fb133a2bac6463beee3c82c799b5961c618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16724
x-xss-protection
0
google-lineitem-id
6419668996,6385892542
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138456128854,138447909472
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1379980542247865&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
pd
google-bidout-d.openx.net/w/1.0/ Frame CC50 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 13 Dec 2023 03:50:54 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generate_204
tpc.googlesyndication.com/ Frame 55FD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WwCIMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 03:50:54 GMT
expires
Thu, 12 Dec 2024 03:50:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
api.assertcom.de/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.52.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.179.52.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
css2
fonts.googleapis.com/ Frame D5CE 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
URL: https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 03:41:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 03:50:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EF39 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
50498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 13:49:16 GMT
css
fonts.googleapis.com/ Frame EF39 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 03:35:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 03:50:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EF39 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:05:54 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EF39 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 13:38:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF39 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
50499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 13:49:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D5CE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
URL: https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 02:25:36 GMT
csi
csi.gstatic.com/ Frame EF39 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq38hu8u&c=8634022183268&slotId=4317011091634&qqid=CNe0opfBi4MDFZ0qVQgdOp8BzA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:817::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF39 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CbEt5Hip5ZdetAZ3V1PIPur6G4Az1jcWSb-rg64DOELOx9P0IEAEg49CZc2CVwqWCsAegAcjHtfICyAEFqAMByAObBKoEkAJP0NKJ91p2BaMnOqhJBHlKnTVQvjvqarZAdpqZEq4cAjkBv4CvkvgqNcrgSNPkmXzNqeS-33a3-wtLoLqy0CSLxkGQ6C_QYmjeifOO-oSVRp0whk3jUyz-J2mpUnWuEyxu3k1oKV867tsbRDE1MUkpJgiDjIg8RCN97tgOuT2R8zdjGZF6dcJCuyxFbn0v0RdsJzCnegHM6YbKIqEb3Yo9VMgVtTkLdTAoezf_PtbDfVN1NfEXxD0lNEPBhouREbtoaYZN_H5IaVzvdfLB9vnquEDfl5uDm_h15tMh6W2Y7vbYoIosxvg-vsENsPZZnEqExmE2T__-NQJ73bAq89N1xVZ1QKoSXxM89fpSSfGYiMAE1_7t7ZQE4AQDiAXSjfuhQ5AGAaAGToAHoLjKjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljjoaGXwYuDA_IIG2FkeC1zdWJzeW4tMjcyNTY0NjcxNDI3MjQwNYAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRF4g0TCM7NoZfBi4MDFZ0qVQgdOp8BzLAT4e74FdATANgTDIgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1702439454566&ai=CbEt5Hip5ZdetAZ3V1PIPur6G4Az1jcWSb-rg64DOELOx9P0IEAEg49CZc2CVwqWCsAegAcjHtfICyAEFqAMByAObBKoEkAJP0NKJ91p2BaMnOqhJBHlKnTVQvjvqarZAdpqZEq4cAjkBv4CvkvgqNcrgSNPkmXzNqeS-33a3-wtLoLqy0CSLxkGQ6C_QYmjeifOO-oSVRp0whk3jUyz-J2mpUnWuEyxu3k1oKV867tsbRDE1MUkpJgiDjIg8RCN97tgOuT2R8zdjGZF6dcJCuyxFbn0v0RdsJzCnegHM6YbKIqEb3Yo9VMgVtTkLdTAoezf_PtbDfVN1NfEXxD0lNEPBhouREbtoaYZN_H5IaVzvdfLB9vnquEDfl5uDm_h15tMh6W2Y7vbYoIosxvg-vsENsPZZnEqExmE2T__-NQJ73bAq89N1xVZ1QKoSXxM89fpSSfGYiMAE1_7t7ZQE4AQDiAXSjfuhQ5AGAaAGToAHoLjKjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljjoaGXwYuDA_IIG2FkeC1zdWJzeW4tMjcyNTY0NjcxNDI3MjQwNYAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRF4g0TCM7NoZfBi4MDFZ0qVQgdOp8BzLAT4e74FdATANgTDIgUAdgUAdAVAfgWAYAXAQ
Requested by
Host: edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
URL: https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EF39 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq38hu93&c=8634022183268&slotId=4317011091634&qqid=CNe0opfBi4MDFZ0qVQgdOp8BzA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.gg&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:817::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame EF39 		30 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BACtqmegd7s1lAOdboSuDE6xjLtpwl_TdacIvaMyqUY5BpKJWy7RwADslluXyl03XuDYtUiZmLgDHn_E49CiQ803BT-Q&cry=1&dbm_d=AKAmf-A5eCTLg6FXFHIP0xWKObZCPojtZI5uOMEbNC-9Ji9wqy_GgTaRmkDwIA1kDZdvohzRp4NbuiTCy2Z9AJ4eeCVztLp_op1el_F2gzwiSN8Xet9DBpmCcI1goJTnC0bMboBUcLuFn-CIbayYoc5-Hs6wl4LzJxwaIJKVu-sXAFVo_3RkdByIt6PRWiL2m1YBmJNdYdybS83uMayGQuimuXq7U-bbcpC3n6HpptOIoAfBOUSqQySmvyHa-b6gLJZrCNtWNwYWfCNtuBk0KJd-2ORLvhTif-VohR5vbk07mOXVqgvrmxlE2Bc4jPNp9iwU5Sc5uOoNpugxA12AJiPD3K3JPz1KKj3rVAMDXUH-DWjqzY_HE9rC7zojH39PVjcP-x1YNywbrUUtGouDefBHqnRhhsdvxrNZnFKtXp2IgPDGtPjELY1sxVL2_fkiUH8MsIn0VftHITIEXJInImbnr0kBphSye3Nym62s4y-Z2zkQ3oRlb8DqAcKJL3L5gFQqKd4XSOgQWY0iusxIU30U_pRkE3kNf0Lr1JQEUt92xH-TcJRZn2GcmmGZ0Fz973pZGekzxo8Odwvc_BxqTCX8IOX-RGOYhfKuXz7tOLfLqrSRt0iEjKqkKQa5DS7pjpItotLn0_q39uqiINupHl2FQKF4YjzF-z2rHWFDyhh3TcO0CzcP4DOqOZiwJcbLzEwYcLQK4zMT_wDUNVwunjzDj5iBAFPxXpBU6GYvyrBRDxtaQI5Fm5HDTOdhjnNyZ2NoVs7UYH_OA0T9mU5azMaNHc7i_yfXOiO6nh5Mw-luPYCSt_XFfLprbv2_52CTtEt6QaQRluBXRqd_Pxtq-l_Tk_iBiMB6M7KCW-v97dleINIk3oqbH5OanLgR8NE_NhrIbK3BTCYldkcgSa42ZNqHLNilbkv1dzPru6XIiemMB8cfBTchlln8lb0FNCqmWazseOLt8XTOdME-PGU_P-9CU6bPiCYY1X0VHEh_ClYM3DYh5HyYKUGTKZ0IpjVTohX1p3wmXLYHhzPP9ExxOZyiUHqxwGS7kc25SgsHa0reqtCfpPpVzJuI5GfWs-meKlJWo4udoWlHOwOSNpo7TpR9qh8mRC0OEpd1QmH8Zalm01WGV7tq8k8srbgo9PYTVw7v4Pxe8xIjP5nIaIr9iZrixQ3NNPTVz6hkpHCr3PGwVrROUS3nbqCgJDqVOBDOYSMVRqtTvKOSsLYv2NJZFYX0X0GUp5WNDUUlhaQ3tmAflR-8xSQxLY5EtWaIfpT-yLIrc2rNGrj8ppa-K8gV2B-McQoV_ayaPqTQ6i2629wBReFD0PRW78nBcU8qiyisAsFG50VzJVkxlI6zZBgMCqMG26nyQD28qvMFspNIaPafT0d7BH6FWt26m5q2Q1cVtXGpVa8-LBupL39V1K5Ej_Zd2c1-CPjBRYjemp_K_Djp-8r8lSXWFBksa04v-UeXCllFB7_jkX2QzOdWy2DSKD-N8OiI7pebF_2dJMXFd_xYRozBnSbSpQX59KAgwSm4v2r66OSgEageR43LtSzE8LOR05IzXF8gMmucvH_9ygi8Y85iB78ZJ-VeStVZ79t8dk3VKlFPHoVl41sOoxf4dfU8ptLisMrz1UpirlC9Dqly5Harom3NoCVjZGkJKgzQUwDOHqZqXwwqpQz9ZJ7Euh3XBFNoZGlOfEl55mIbYhw2K5C99z6es-KEpxUFd-nE7MPnfH0QK261k5rZil-zilyOrjD4OmC32UZ8-kCX89GgRUkC6Uh33vumbcqMxn1bakgvCPYfYXfu3gLCs06O_vRuC7Ok_ACmwL1S9pWBBYFHzyBHdnt0mB270kPuP9hqoUHomqT74tdamhTC-yYE22Qd2ODBvFZSj7xCp3XUjBC9WMpBGmo-mABkkQJdoZfoiPwBgZ-h2u7dF0mN96MinpVpn8l0Q4_1aEC_gASlf6lHzC7on_4nT9OytqmubOyuTOSnQlr_6kUpJqlE4ardHeIKI_SQpRkKDZh39vPgdAQcohX7Sw9p4Kn1fufbgFtGobTy-u3tKJqrUBqiAFHL4f1nqsHPhwXHlHGZoFEVuOtDJUVt9rWDPKwujKCZ8M3mBYc018Bu7os-g2T_V3ywJ_2X5ibE84S42dJ1SdSYYXXuvD_ohDy8v6oRwTSE8rXUS8dhiTIcBYxZMyLhU3zGgCaqgxh4RptIjrg-ZsFAXfVNoqEtEAZRKEFZDtWYY6xLJm3U08rWhyNcz48N_EXhvfqyNWxxBPbEaKGauUAu-DsckVbCHFU9utlWBeO8dWIgCYrfP3kjy7BqJqziQzgnjykByprXSEDLbgvK_p0pS6ViL1W4vvjhpRZxmWeBTzi7mv2GJTnL3_A8vd2bpLpdNC3DXSNgjfKvR5ZovI8B2T2TaMnJJNb031e9K6uwcxP9ITjk_blBeVfGlD2Zibb2f3j2Smjd5ZQVvlUYiCLw1R8bKqNLAJsqskk8JpxTuChSJnPBsDL0-2MZSzZQbgqLj1StqudFVDYhZOM6t9s1q--I8vttwW1JThNk1KPtlZLp3TR-qHepWAYUBSQI2nJbWk1ZuaqcZK78MAqwJGHxB1A9dx7oO6jHkZvxPShw_CfQR04oY0chm43d75q-vORVW3dwQCBngGATb_q_fbLQHVz1ucvYK7y45tCLuHaHMlq3BV4oTxgHzIOhvNqzuG-0kx2bCF18UOYGvueq5A48MT7roXk7XXnenJYsah5Xc42kqw0vzJPJc7zaI0MfeVQANMetXwRFQiHOwLWqPvcWTsHOXfOZOVBX2YvqHz-PMZJIPI53jIBcX5kjA9RvrQZMHRSHK2T_VkwhtyustRbrmmrR3ZL8__Fyp5nTmXNkA-6k2vpZoSROnszNoVL5P6KGZb6kNZP5YRfpQk2K2EYk8mj2zc9SfJIjj9Q0K2_GT4amY77DqiWzvRVeDStIGUR17VgSJKoK10vBAKvzbNe4T9dsr7dl-i4RqpZQKUza3-NeUstgCNc2i5N53YQksstsiRF7Iwxu5qvHC7IqpoRDEUSCiZH0zpp8aGWt1pZjVnT4SareixpRWclQNkjLFyjy95yBZwbKA0PRsZ38UmMDOslj5UR4aduJ_3rZlh3daBmx6JvyxXFSlbaColt2hHP10-3t8oYvewEJOha-yLvoiVqwArlQj6qRxJtbuLFrxhsmSt5HEi6z5DUAYxHyb-RLVPHAMjkGCrUSQqCLQPiuS9gTu2zlUfIjucGb1wqzpU7RkKpKDsh_Qy4Hxg7oDSFxj972wnnUkUhy5OQu-Bhj8zMu5pO8R2z4H5MtOfijHvF4PihtsouwZfUdMnlUGK9bIpkhbZHQz2pTUxqEb7hVuak1aTgB6xTrv4EU6j9qV0YFES1W_GqcOg84M4qCv3u3WKy0ZW3mREQZF1bB9j7kHy_Nx-o6QLGNAgmksbPAk9U1-7ltzvNVDPb-lmx5SG7CpCb3cmqiLjrw2e_3pNcSV1ZixUcWId71tUH_oF10jJGuBfvV-AfvNUdm29rgob5_bbpQwOugrjfvCVhJ3HM_vAnynUN7aQev-nLy1518VhGfY5GNDvj4Tma_qMbmDQxcb8Gc1NhCxrDqdlEaKdU9xkG4iM_Puudp5iNvq60yZnzfwevO5cV10rBRbcBPQTYvEuUP0Iyc04LgOtFGEwu-7ZLuLAHABRNjA7_JyvxIwn7r1oc6-Ecw1NznyQ2HtIOKJxf0lXi6_RaY6dDH4UFFlFBkdq5LrBEgl2UHuSWzOGYennRsDBIonPtWhZwhNnFC__zL1uayGmnZzd7E1lkzmXLegEOIJ4YCVGDj4V2B_muVYqJzcySdYsamjYcnutyYEVAr9gHWRGfbndkWBOKyh7nXx0JGilLyJE39_vVwefAmHyq4Gki_y6ZcSI49nV-95Efx8vUPhrI8dYF4CTd3dAO4sCBgkYJr8k1w0X3mH02lBBIgc2PQKMsYqznIkeQViXmVODNELpnd8Q&cid=CAQSTwDICaaNGQBJ4fF2pGghLX8XKxcMfIYnoK6-VIheHFk7_8aI2ddfbZc_vw22_Wed6kBSLLMU3_Td_l2Eyd_eD5XmGlUD5WB5zjSZ5nIvU7gYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
1adfdffde1a54d4f0977518141e50977b6edb2e3259ce219dcec60ac8686c228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17416
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
error
api.assertcom.de/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.52.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.179.52.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C24C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwl8wiJXokN74U_HVSzVWZPM8ieKGHBzM38tjFXZi1j_hdrsd1vpRE6HyOBChFjT5PmfkC6c-pZATPZyH5cCkun2P0nIuHHuZWts_4CleBk0wZvuEh8S2hSbpvpyvAQAOUFwluSE_9ju12N-KqrlZStxC-FUjt37Cz8-rG4nsZAa04sEO8q6Jb7xqMLtGN0Xviba3X4U37feXHASP_NriJRmUPzj0d4PuTTE_apMgHnDYu8wncgpPTSyPQKW5sGbezRwNffNX0DzgQX32AaIPvTRkaKrx4gxSf4OI1H338LuLqXueWnHKh2agLFMPqhmMDNrrAoNfETGrxgHBglBMbKs3zqGaaC1lxT7fTQ_qkZK3ru70YV2_j-4NbB8NfVBu5bSLqeg&sai=AMfl-YRY5QLbilL8ctLj6BH1GSnKYoqAos-g6CCHb9CMsR0pQF7dm-cao2fBkKpUrUfwoSZ7Eq-EczcrSYYO73-r4AiffwSLgyGJAX1Q9t4bWi53fYh9p9yq0fMOOanqcakESRWUIc6bA1vEYaLivz-ngR2OI1z9XU7hRMHDEx0lWc4V7R8&sig=Cg0ArKJSzPZM5hrnE-ITEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adition.js
imagesrv.adition.com/js/ Frame C24C 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:00:03 GMT
etag
"3305548861-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8362
js
ad4.adfarm1.adition.com/ Frame C24C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=5151141&kid=6224710&bid=18870083&gdpr=&gdpr_consent=&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmk_tFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d_OAFH_9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T_QwjPVZvtA_MHmENzAAmRivCV5J_7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD-xG_qNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp-QDn0cDn70sXCeC3flUx1U8i6Ekgvy_5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE-T5oCeFDpqh-r84TKQ8erFg%2526sai%253DAMfl-YSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s_-DRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR_2om8Sf7YgU8kb8F0l-60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
72e2f825b405405c758138108ea79748a3a6e0eec698694d1f37c32c88143190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Wed, 13 Dec 2023 04:50:54 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
ad4.adfarm1.adition.com/ Frame C24C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=5151143&kid=6224710&bid=18870081&gdpr=&gdpr_consent=&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmk_tFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d_OAFH_9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T_QwjPVZvtA_MHmENzAAmRivCV5J_7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD-xG_qNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp-QDn0cDn70sXCeC3flUx1U8i6Ekgvy_5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE-T5oCeFDpqh-r84TKQ8erFg%2526sai%253DAMfl-YSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s_-DRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR_2om8Sf7YgU8kb8F0l-60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
9e73ad4f0d017e696146c8c254f97a2a0c12a6a667147755b321add63b208551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Wed, 13 Dec 2023 04:50:54 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C24C 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 03:50:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EE32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDZNxmwAlRkc7igIcLx_LiYqWN_Ao1TVlHRoeSI9myHectCbfljvGeDtjI1B7kkc1ogAAccT4AQg4XFN2VbRcAWGHtKzKnD9XisjzcW2NkzAafpVhdIVyrmKUCN22-aT6oZvIUMlPF8lsNUFd6krNU9_6CAFM4WImT1GfVP8TrVIdf3NR_LrU3NXCPEoZ6zt6fiiL2HNlypWre7iiN4xxMQRMBDtNR2yk51ALZC7Egq-zjKFG8mJZUmhRxAKUNXiM7qYEKkYZVqkaq5o3chW_xYwjbz-eAb5PgkeJw7FSpqhXkKlZVrxFfVwoe1ogDUWw6-JtpOAZCSqInD2FDR3qUs3l1f1CmfdP077kOoKq3vCI2fJf8v6KVylfv9mx4QxoNvgNdKDT8T8Zp--42bQR9HSgoGquwQXn8tRQZ5UmJG19pE_o8r9c&sai=AMfl-YSF5f5DT5Ke-S2ROsuK7pmZSkzsD_7Cg_ZqSFeyCjB-5TM4sBKKsEUXilDt-2QPLwKIUj5WmYVKa1KOEeLqpI_crPkvJAPSsk6Kewvk2N9qFPnrH7ChTdYfhfZWtND9Wi0G-xlj3hky7AYPxrFvLVu9x6ksOyqgNfnlXWLcaBMqE-Q&sig=Cg0ArKJSzOqSyuwid-1oEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adition.js
imagesrv.adition.com/js/ Frame EE32 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:00:03 GMT
etag
"3305548861-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8362
js
ad2.adfarm1.adition.com/ Frame EE32 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4694994&gdpr=&gdpr_consent=&ts=1712178924&kid=6109303&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh-Tpb3w6_iiWPZRYvE0RR6M96kGu8OjgvU7LqQ7_xw8dJMNRTWJabqbKhvdQmayFKG7sB4-wBbq4Ikn2korF34awTvn4GVpK-sc4VYkCI-If0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7_AIKxx3QniZN_Kk-sBKhZ1nHIchyAS98mqxqEz_h01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6_cuMK339bEVMX24KalAjFMS7yf19Jd-j50EMKkshFJPeNHgIVi-tuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl-YQrwHPhONKjO_V1nrTA4AIrke-KIp9KyFy_-EBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b-X6VPFUTR5OfPwYNQBb_35cbAZaX2KIHaqUJQWA_ehGhFb7Iqo0ebG59_yfPdqbDHr0KR_cqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP_xEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
e516134685437d4763df3dd354652d09576d5f25ab6b34fc468a1325875e71c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Wed, 13 Dec 2023 04:50:54 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EE32 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 03:50:54 GMT
/
api.assertcom.de/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.52.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.179.52.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
/
api.assertcom.de/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.52.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.179.52.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vielfliegertreff.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.vielfliegertreff.de
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
csi
csi.gstatic.com/ Frame EF39 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq38hu9e&c=8634022183268&slotId=4317011091634&qqid=CNe0opfBi4MDFZ0qVQgdOp8BzA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:817::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame EF39 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:02:22 GMT
file.mp4
r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame EF39
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0630C954BC4FB8ED1F94F34BA3AFC5791A61FF74.0979329E77D5CC1F6F0F2C170040F7DCA92FB6AA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1702438919/mv/u/mvi/3/pl/43/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:54 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8901949
Last-Modified
Wed, 10 Aug 2022 08:22:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 13 Dec 2023 03:50:54 GMT

Redirect headers

date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
643
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
location
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0630C954BC4FB8ED1F94F34BA3AFC5791A61FF74.0979329E77D5CC1F6F0F2C170040F7DCA92FB6AA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1702438919/mv/u/mvi/3/pl/43/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1600 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
68292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:52:42 GMT
expires
Wed, 11 Dec 2024 08:52:42 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
banner
ad4.adfarm1.adition.com/ Frame C24C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=5151141&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=0&kid=6224710&bid=18870083&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=5151141&kid=6224710&bid=18870083&gdpr=&gdpr_consent=&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmk_tFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d_OAFH_9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T_QwjPVZvtA_MHmENzAAmRivCV5J_7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD-xG_qNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp-QDn0cDn70sXCeC3flUx1U8i6Ekgvy_5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE-T5oCeFDpqh-r84TKQ8erFg%2526sai%253DAMfl-YSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s_-DRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR_2om8Sf7YgU8kb8F0l-60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
33b95f2e3303aaecddfcedccae317e6d9ebc4f396ea49d076952bd598fb5f1e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 04:50:54 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad2.adfarm1.adition.com/ Frame EE32 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4694994&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=0&kid=6109303&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4694994&gdpr=&gdpr_consent=&ts=1712178924&kid=6109303&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh-Tpb3w6_iiWPZRYvE0RR6M96kGu8OjgvU7LqQ7_xw8dJMNRTWJabqbKhvdQmayFKG7sB4-wBbq4Ikn2korF34awTvn4GVpK-sc4VYkCI-If0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7_AIKxx3QniZN_Kk-sBKhZ1nHIchyAS98mqxqEz_h01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6_cuMK339bEVMX24KalAjFMS7yf19Jd-j50EMKkshFJPeNHgIVi-tuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl-YQrwHPhONKjO_V1nrTA4AIrke-KIp9KyFy_-EBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b-X6VPFUTR5OfPwYNQBb_35cbAZaX2KIHaqUJQWA_ehGhFb7Iqo0ebG59_yfPdqbDHr0KR_cqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP_xEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
340d111c02568f8711fce10ceb93405c9397e1486b0060afaac1dd142db0557f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 04:50:54 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1600 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
48210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 14:27:24 GMT
batch
api.adnz.co/api/ws-events-sink/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=-2032845478930561875&tenantId=3186&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjQxNzc1NDY0MTYxNTMxNjksInBhZ2VJbXByZXNzaW9uSWQiOjM3NzI5Mzk1OTE2NTQ1NjksInVybCI6Imh0dHBzOi8vd3d3LnZpZWxmbGllZ2VydHJlZmYuZGUvZm9ydW0vdGhyZWFkcy93dXBsdXMta29zdGVubG9zZXMta29udG8tdm9uLXdlc3Rlcm4tdW5pb24uMTUxMjU1L3BhZ2UtOSIsImJvZHkiOnt9fV0%3D
Requested by
Host: adnz.co
URL: https://adnz.co/semantiq/semantiq-track.js?tenantId=3186,5580,5581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySAzn28RAs31cUj7UqBScB4ARUs%2FUyIAVlgUbdNPiz3%2FSwd8CcFOmWXPtiU%2BEO8ciqCm4gGX%2B5BZvsn66SUBJIXVU2FG5m%2BXDhDpbGLjQLABtWhVBxc%2FIhMDnxd9FXsa%2B0aN2j1l%2B8q%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.vielfliegertreff.de
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
834b3ee04f63085d-FRA
ratelimit-remaining
99
alt-svc
h3=":443"; ma=86400
js
ad2.adfarm1.adition.com/ Frame C24C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4853111&gdpr=0&gdpr_consent=&ts=7311921778361437194&kid=6204576&bid=18866995&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=5151141&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=0&kid=6224710&bid=18870083&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
b1075aabae4bc8e1aabe271d0179dcd7bd09f01566c1d9d58e2189aed155dc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Wed, 13 Dec 2023 04:50:54 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
vorwerk_K7_set_winter_300x600_x_230918_vdj.html
imagesrv.adition.com/banners/268/01/1a/41/24/ Frame 27FA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
1481c2a6f6ed59acf6c811b812518083afabbd2c4afece5c65e177acb4e95618

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1084
content-type
text/html
date
Wed, 13 Dec 2023 03:50:54 GMT
etag
"2991755540-br"
last-modified
Fri, 27 Oct 2023 14:37:40 GMT
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame EE32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-71GIb7lpcss-OUYWTkZR5RE4uyUKOj27GOMLwfcK_5AkyFmEYOf8fF0w5ONIX98H9DTGZZ8EBfMpVjbQPW0vReHyZ6CrWEKGV9FAKI8Zep4F8ESccG7-V_CAoKOZ94RGoBOnU1Q5C-7TeAICAOi8VxWzM2lb-yU7LJN_IaMCjD8dOeK8GjUvx3Y9eVppuY-1-iQEBtd-7xb9fecKZuBFjbGapKrqgTG5DT7_EHTlXFOkVCImhlSpMTanvEmz6koxMSmlZHq_S7lCVy7prPz6FTIvzQv48Ic9NF04BWXPiBr9qhxhY3SbcHUIDNWjTJ_FslBwKu9oOUS019IS6rkukRUAJOMfRAh8UjLfryIwXpVHmvz5k06_98HbAsAYbifxmeJCrFDqKgYT77_RgBpBzMDh9f98sdF0Pnc&sai=AMfl-YTMWMX1QL3rY1Uz8XvUi_bEW91YwiTo2SAOLqKUfwTA0bwhPmrJTz2BgHHmDRzVXvcbYNAdLDOa2xhFbyUfTZlKdWBIsrdd3fDSwYckXijoEKcoXSqInJLFokiZDgxfwPROqrfj0xLYXK-7JY_5WM1Vqq5JQjypqwG-zEiYdQYbEtA&sig=Cg0ArKJSzHyH0GDPqJ7HEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Dec 2023 03:50:54 GMT
truncated
/ Frame EE32 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57348bb88add7e139e51d3887d2ab8de0724c1974e7f25fcd252624f9e4c3430

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
banner
ad2.adfarm1.adition.com/ Frame C24C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4853111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=7311921778360452310&kid=6204576&bid=18866995&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4853111&gdpr=0&gdpr_consent=&ts=7311921778361437194&kid=6204576&bid=18866995&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
38897c7a5f5d90fbe8ff7d127b83c9a6ec4c9a832b8ad9a273c5b3e9f86cfc0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 04:50:54 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 27FA 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:01:14 GMT
etag
"597418985-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame 27FA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 13 Dec 2023 04:05:54 GMT
vorwerk_K7_set_winter_300x600_x_230918_vdj.js
imagesrv.adition.com/banners/268/01/1a/41/24/ Frame 27FA 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.js?1695277876641
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
34593a1601aedee59f02e83b482233c229c8f60bc097e73239927587003e7ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
content-encoding
br
last-modified
Mon, 25 Sep 2023 12:55:51 GMT
etag
"3133381386-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
15746
file.mp4
r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame EF39 		371 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0630C954BC4FB8ED1F94F34BA3AFC5791A61FF74.0979329E77D5CC1F6F0F2C170040F7DCA92FB6AA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1702438919/mv/u/mvi/3/pl/43/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 13 Dec 2023 03:50:54 GMT
date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8901948/8901949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8901949
last-modified
Wed, 10 Aug 2022 08:22:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
client-protocol
quic
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html
imagesrv.adition.com/banners/268/01/1f/e3/33/ Frame 972A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
910
content-type
text/html
date
Wed, 13 Dec 2023 03:50:54 GMT
etag
"1997221157-br"
last-modified
Fri, 24 Nov 2023 13:25:04 GMT
vary
Accept-Encoding
banner
ad4.adfarm1.adition.com/ Frame C24C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=5151143&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=0&kid=6224710&bid=18870081&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=5151143&kid=6224710&bid=18870081&gdpr=&gdpr_consent=&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmk_tFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d_OAFH_9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T_QwjPVZvtA_MHmENzAAmRivCV5J_7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD-xG_qNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp-QDn0cDn70sXCeC3flUx1U8i6Ekgvy_5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE-T5oCeFDpqh-r84TKQ8erFg%2526sai%253DAMfl-YSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s_-DRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR_2om8Sf7YgU8kb8F0l-60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
d58ba9391f7f5f46e1f52f7efa9f210f46f2e87b080df6ee872e9fb60c4093b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 04:50:54 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
ad2.adfarm1.adition.com/ Frame C24C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4853113&gdpr=0&gdpr_consent=&ts=7311921778363796490&kid=6204576&bid=18866987&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=5151143&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=0&kid=6224710&bid=18870081&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
7d5efc1c1d2d1f7b99e8f4643d17f031093fd7bc2eccfda447f184b5c7ee2800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Wed, 13 Dec 2023 04:50:54 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad2.adfarm1.adition.com/ Frame C24C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4853113&adjsver=3&fvers=&iframe=1&ref=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9%23post-3980963&ro=https%3A//www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.71%20Safari/537.36&os=17&browser=11&userid=7311921778360452310&kid=6204576&bid=18866987&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4853113&gdpr=0&gdpr_consent=&ts=7311921778363796490&kid=6204576&bid=18866987&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a9fd80c2436020272233da05783af9630a074aa5d6cbf1ea4b15d42862544319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 04:50:54 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html
imagesrv.adition.com/banners/268/01/1f/e3/2b/ Frame 1056 		0
0
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html
imagesrv.adition.com/banners/268/01/1f/e3/33/ Frame A1AD 		3 KB
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
15f4cecefc550f2f99a4b0201530bad5ebb2002288df19a204354a4194177a82

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
910
content-type
text/html
date
Wed, 13 Dec 2023 03:50:54 GMT
etag
"1997221157-br"
last-modified
Fri, 24 Nov 2023 13:25:04 GMT
vary
Accept-Encoding
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html
imagesrv.adition.com/banners/268/01/1f/e3/2b/ Frame BEA5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
698eef2f800e673dd4c3d80781186a6b1b2dec38d05c4b0cc81c1ac78df6067c

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1109
content-type
text/html
date
Wed, 13 Dec 2023 03:50:54 GMT
etag
"2963951905-br"
last-modified
Fri, 24 Nov 2023 13:25:03 GMT
vary
Accept-Encoding
truncated
/ Frame C24C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3abe920b7f4531a9161e92d96ca195d6d57eb86169f88cacdef84e255521437d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C24C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthYUFwvoVawx65PxhG4xmUZatGmhqHLsadBgtfti9N4f2uXgZAS-QVwAL9_lg_0TfpKoTlAgHfemo-Bm7y-RsLdvZmnGnocLEvwD-U7Vz_i3nZtVIt1cO5Ap2fsRIXKsjhwfSYbnx7EJNngKuyPnLvDJYZvkiY6U3CLzaZ73xU1Xy1B0en3KbjwuKeex7vFqttqiXpvCtsye3aA4aui-ku5GtBPR3AqcBdlyVN4yPExiXOftM4G9nYSqn7Xcr9a1rfrLe3TaqUm1rgbYkKG2OoDEvJRp_t3Wst2bFICvcOY8jh3isDoqN9Pw1nTEk9PRtU3OWxODtgLW4-_oee0CocpEqfAUASUz3E79qyhfOzwcnex2ch-DS2zebpma1PmA9zz6d742K6&sai=AMfl-YTKwFf8jQlUXfC3H5EdHM-ZwO3gDoHowrdo5AAkWpGWrUT8NK3EVGFNQhoiNUweadMVweYvzr0SkSEKcpxmHOQB5T2tIFL_49ZfwcDGQ2TflZyTcgyUJeLfkxwcDIxfkJXiNrIZWao4sB4cGVoqossd4JI9fnmEUKKLSFkk4Ipy9r8&sig=Cg0ArKJSzDKBLxNuaRm_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Dec 2023 03:50:54 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame A1AD 		753 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:01:14 GMT
etag
"597418985-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame A1AD 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 13 Dec 2023 04:05:55 GMT
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.js
imagesrv.adition.com/banners/268/01/1f/e3/33/ Frame A1AD 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.js?1700573331568
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
3bf683b76110f256c9dcf1116ef1e594e2ad0048c55f1c6c6be24dcb61433a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/33/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_728x90_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361437194%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151141%2526kid%253D6224710%2526bid%253D18870083%2526c%253D15261%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363598038%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853111%2526kid%253D6204576%2526bid%253D18866995%2526c%253D12530%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
br
last-modified
Fri, 24 Nov 2023 12:45:02 GMT
etag
"1925780565-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
4986
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame BEA5 		753 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:01:14 GMT
etag
"597418985-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame BEA5 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 13 Dec 2023 04:05:55 GMT
Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.js
imagesrv.adition.com/banners/268/01/1f/e3/2b/ Frame BEA5 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.js?1700573325124
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
9937e85e88bef16a037065270f6c40a72b64c6fcfdc57423d2a893d4b99ceb31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:50:55 GMT
content-encoding
br
last-modified
Fri, 24 Nov 2023 12:45:02 GMT
etag
"1084937132-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
6154
bg_300x600.jpg
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/bg_300x600.jpg?1695277876634
Requested by
Host: www.vielfliegertreff.de
URL: https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
57ba54ef56fe10f0c59de1c344320cfe50dcaeacbcee43f49cd49fdac621e19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:51 GMT
accept-ranges
bytes
etag
"1221729701"
content-length
25297
content-type
image/jpeg
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1600 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2AmcHip5ZfTtJ_PJnsEPideN4AwAAAAAOAHgBAI&bg=!9fal9rnNAAY3kmNgF5I7ADQBe5WfOLFxGwco0LFrq42ElH9osiQkyUpwrN_ljKOrGOBhLFyrY8nXhT2miMOi8DSK_K_BAgAAAJhSAAAAA2gBB5kDnpiqDc8U_um8UUZ751rq5wLCfzfAQema3Sm_TTAS243Ohuiw1pt2TVRzJowkF7ln_fRvPQER1HNjdpFpKA9_N6GwmD87jOCzOJrFyXSFwJsGfKfZBvq3nJLGQj4ocTnlaMwOJCA4rKzgiFGG7ghJ09VgT-Vr-ycD3QbD_72Wwj3NEdJmc__zm9ApXn8XzFnOhlI-PZtP2WsC4OyEYVZ12488b7BqxvEoY3ksjq7SGLbkGTvm05Jca6DYEWovP1fCk5mYcyDokzDXXUyb3MITelhfHipZL-gJ_GLdCbzruynxaCvO_1kOSdjDiVesY9NbNQMfWlY_1BOxI07rcJthc8Rsh3_-1rIvjQ7diukvV_FIsFgG-VSg37UyN_FoqkbvT2U0vmO_Ty0YRYPVRWkcvPp9X_ymQrwWbT9iIijzL1fzkErT08ZJ1_7yPsLffg89B2QAip17x943x9U_5Y7MzY5KcNbNndJiP-XCZGeXY3Hw8WHy3MGYWt4IZnq9biXfZgveTlrQetSVVvAUQTfF25HPIDUuOSlbf0VdmTls0ExrSbfGJiPWM2Ud3M4LrzwrrCgU0889BE637u4KlFqDbzUBCa3yCIItpzU2WkLDaHsKe7rvP7bB6WHK3u3tJsLDeRjIg8cFneaObUEHPSscgkUI4OLxgBpIKnYC2lG8_jtoe9W5UeXDbTOkqr-W1c6xm4b4AQjWmiYH88o5N56LXmVyZpA-np-Gqg2TIU0b4jarC54xwYbDwPG8a68jSIwSM7t7QnQLstcyy3mahr-6SaufRmhIVsONCDZqCtQQwB7MLXzW5UfucBtckGON6TGuXMl3p8K8pyb4ZV-tkEKbpDk1BeMX_YiDQGOSQTdaW14aDyG0JsBE1jLvjaNxSAUIr8cZeDtYzw6QVBNxz58uuyH2sJIUZ2iRR1CD-3qC8-FCjtjqyMXWISZEV-ms7zWDhsc52W7rd26VhqupetSpgCpNJbFBzvIwnj-xwVP9YfqrqNmtDAP-XohkDOtw_X1F7V1NRdcsN9x_3jG1Avm-cUmUI0LXyuUKNBviHHcRfTqXRLBwnBFZDL1EokFyp2UGPaA_OgWb4XFm2zEKGHy8URDTF0Tsq_z3AiYbXwlZq8PwafynTZQCmqXw7cmd_MIu2saX7dkDIYwLlwiWFvMnOpchOOpYxSyeo0bL19AmDfstaXjXEOD2VpJz_U5zb8LNqH5VTVRrolH5NDib7WmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1379980542247865&bg=!uLulu_TNAAY3kmNgF5I7ADQBe5WfODDYT5iq5z7wNZBU72Gzr6MNqO4C_5Vs3u8GlEs6st5MZ9toglZuSfdyVxYOH7HxAgAAAHlSAAAAA2gBB5kDCiXkiWZhFvm8fDUUeQroQsIPw02o-2QF7qKX9zZsF5DfcqcsfQK-Am3Qj0MApwpuSS9UJZZx9aVCFVaVviTNKwrLuwOGf_z1AvvnoZEYmBX-WQ0L2drhZDtffqJlnPrChkBf21YogN4RDqbXeVMXtCf_rqlDrN3-Tb46KS4DC3vvMFpB5veDCyOCwEoy_5XjQQnLpGv5oqXWpYbGC69KCw6Pr1i9secqSTazNOQacFnpXaX2juoN5friOveq2bnOtfd00DGpV8whK8RWoyfo6asU81uveNUwTZjVVnlaPJwI4GpUC0JfqsHq2AZj1yId3z_14O4WWciq1JpUmj2JqDutsQUXYpCqUfs_3rHjBT121wqTNjXYhQZDPEJkU0MRtvF2qvCIp0frQt3ob-n-WqcyXJBfIMmlsBAi_nqdiQ256K2uaO7wianLFdnea5p3-K622BT4x3ZtOf6gteP6_W4-6I7mid7EcFsqNPtCD58JHT9keHriAa1d50YwpfXl028f6phkg7vGNP_hz4pauVEyvy5qvwkkSH2S_JTuWUghhlyrnLS-_OmwKbnX4UPStLM4C90RoBMajHiCpHE444EHu7s-rVJRxjhg7BdtZjQNN3pMgq9v0ACRZX5-LUeQ0lN63UZgdmB93lk0Ep8RjKmhQZbU1H8SlA_0XfapbU3aSkIp-kyeptpS3u7Jm2GwCQFJ1AkHwIBv9yR-sTGxY0HZUR8VEyrSzDiE2Kqg7oI3RBOm6ujVC2TQ9MjZQjG_EvHDgU-opyjdeQ7drUJ-vhD_etmAnEbuZvrOxMaKBiTwpfBI4cHMVXFfZf1vd52f719RsA6I7_w9HlXU9YAEp_IbiO9vWJfK49Zc3d2O76LylnhQGI0sp7BUd_NUTRdPCyIeIu-8YLIgV1iZqNxIAtSKa7OHmPGU69sMw59hYYDXpIzsX9pY8_8-BjyG_F-NN1HDqvKozGbiKCs4LQseG3cifNbXP5WzEQfkJBG9-m2lDdqQuUHljbm6lFn6k0RayqytvESuWXmEtSs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vielfliegertreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
Icon_Boost_Funktion.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		797 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/Icon_Boost_Funktion.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ecbf1ea6ac52be4174f757b07d71f0fd51347bee8df300450cc884745270f2e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:51 GMT
accept-ranges
bytes
etag
"1557814268"
content-length
797
content-type
image/png
Image.png
imagesrv.adition.com/banners/268/01/1f/e3/2b/images/ Frame BEA5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/images/Image.png?1700737690438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
29c279b190d2c088609d227ba4afa871c396abca1cc74fb9e4b7ffcf872f8fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 30 Sep 2019 08:42:29 GMT
accept-ranges
bytes
etag
"1770455863"
content-length
8763
content-type
image/png
plus.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		501 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/plus.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
7e317fa633127f189a5104a7469ef0bff17586e8df33327f9434bff17322571a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:48 GMT
accept-ranges
bytes
etag
"3474637783"
content-length
501
content-type
image/png
slika2_wallpaper.jpg
imagesrv.adition.com/banners/268/01/1f/e3/2b/images/ Frame BEA5 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/images/slika2_wallpaper.jpg?1700737690438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
05e3dd25bbebda4c3486323e471d9e3fbdfcb36c867697499b592804abf5158b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Fri, 24 Nov 2023 12:45:02 GMT
accept-ranges
bytes
etag
"551097926"
content-length
40325
content-type
image/jpeg
product1_300x600.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/product1_300x600.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ecdeda3adb73289ac6d20cf22ac48df608e6b2cc880aff63bd13d53ef18752de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:48 GMT
accept-ranges
bytes
etag
"734282066"
content-length
6944
content-type
image/png
product2_300x600.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/product2_300x600.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
4915607c49f556732729dcdbfb36dbe3af243bacfe18b543c4ec8370d03f2831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:48 GMT
accept-ranges
bytes
etag
"292045783"
content-length
2873
content-type
image/png
product3_300x600.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/product3_300x600.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f636dd69df317a08d995495ee8feb57278ed2147abf0bfc4d1d461432eb2a20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:48 GMT
accept-ranges
bytes
etag
"2974892891"
content-length
3952
content-type
image/png
VW_Icon_VB100functionsallfloors.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		653 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/VW_Icon_VB100functionsallfloors.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
772e08691be2940af51092906e0e7e56aa927312fae7f9777de2381255d5e1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:51 GMT
accept-ranges
bytes
etag
"2689210924"
content-length
653
content-type
image/png
VW_Icon_VK7.png
imagesrv.adition.com/banners/268/01/1a/41/24/images/ Frame 27FA 		646 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/1a/41/24/images/VW_Icon_VK7.png?1695277876634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
96ba2ec2389eb8053b4506ee4e5132297127b327c4cc1bf86225c609c2997ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/1a/41/24/vorwerk_K7_set_winter_300x600_x_230918_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstsWrSVFJmUWZyLVseoUAoMigMotUu3y2R4XFsWh%2DTpb3w6%5FiiWPZRYvE0RR6M96kGu8OjgvU7LqQ7%5Fxw8dJMNRTWJabqbKhvdQmayFKG7sB4%2DwBbq4Ikn2korF34awTvn4GVpK%2Dsc4VYkCI%2DIf0yhOHga3DLZcmDeC0wTy4vw2PYWR1DuhfBKajl7lf5BI7%5FAIKxx3QniZN%5FKk%2DsBKhZ1nHIchyAS98mqxqEz%5Fh01MdTgPXiKvuWnb5xb1bDmDV9QhnZopxExDUtRHv1Edl91MCX6%5FcuMK339bEVMX24KalAjFMS7yf19Jd%2Dj50EMKkshFJPeNHgIVi%2DtuXOoEDKkDpWkMaz5XMSLJm1H3JX2iOMW4C69fY0IVHF6aiM8kPy2FqpNcdwZcO10LqUrvJQyXSrDmWlBc%2526sai%253DAMfl%2DYQrwHPhONKjO%5FV1nrTA4AIrke%2DKIp9KyFy%5F%2DEBYrkKItxrcXG4pDMm4fD1m4UEP7YkPF98gZDRL3jCgfC3b%2DX6VPFUTR5OfPwYNQBb%5F35cbAZaX2KIHaqUJQWA%5FehGhFb7Iqo0ebG59%5FyfPdqbDHr0KR%5FcqUgRW0DBJMir4ANfPepI%2526sig%253DCg0ArKJSzCzQ1iCVbP%5FxEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778361173206%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4694994%2526kid%253D6109303%2526bid%253D18497828%2526c%253D64908%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Mon, 25 Sep 2023 12:55:51 GMT
accept-ranges
bytes
etag
"1013063554"
content-length
646
content-type
image/png
csi
csi.gstatic.com/ Frame EF39 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq38hud6&c=8634022183268&slotId=4317011091634&qqid=CNe0opfBi4MDFZ0qVQgdOp8BzA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2175&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.kf~vil.sf&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:817::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 03:50:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2x2
ad.yieldlab.net/d/6846326/766/ Frame DDD8 		61 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/d/6846326/766/2x2?ts=1702439454022&type=h
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
de-DE
Content-Length
61
Content-Type
text/html;charset=UTF-8
Date
Wed, 13 Dec 2023 03:50:57 GMT
Expires
Tue, 12 Dec 2023 03:50:57 GMT
Pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8A5B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.vielfliegertreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Dec 2023 03:50:57 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 8A5B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76070df611804934210bcda9d3437432186cf0729e5eb8e7e4a41b91e67af0a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 03:50:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2023 16:52:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46843
Connection
keep-alive
Content-Length
13232
Expires
Wed, 13 Dec 2023 16:51:40 GMT
khaos.json
token.rubiconproject.com/ Frame 8A5B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.vielfliegertreff.de/forum/threads/wuplus-kostenloses-konto-von-western-union.151255/page-9
Domain
imagesrv.adition.com
URL
https://imagesrv.adition.com/banners/268/01/1f/e3/2b/Brot_fuer_die_Welt_End_Of_Year_2023_B_WP_160x600_x_231114_vdj.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssmk%5FtFtdLNqi3LaNVNLgUNoQH8JWYmy9ELZL1LXT5rfc8e7d%5FOAFH%5F9C3sMxb7fpEebR7wpq19PEZDzfYWmGfYjx2T%5FQwjPVZvtA%5FMHmENzAAmRivCV5J%5F7wenpp3oKbCRZereVfmq3GVAPKaOMUJRZBjC5RviKxte6dg5t1kc8NPFrAqhpwFZntGf55FPyVsFPD%2DxG%5FqNJaw6t3eWeIpaLeqX6ZjdHAvhVFEK3vSH2TjYbQayEesGpl16zr6FsiBKCxbMlLh54Lp%2DQDn0cDn70sXCeC3flUx1U8i6Ekgvy%5F5cIcypnEtr442z363juSy2U0dTvZYzvnk5EpixAFHOqO4myIKk7DoIXjxt0nE%2DT5oCeFDpqh%2Dr84TKQ8erFg%2526sai%253DAMfl%2DYSfiyHkKHx6GgJ6plm0rTDSnooUaLGdrVIqE4Bi1s%5F%2DDRppMwLmlb6KZwJhHiGV4nJBwL3FHKTF59mXafJw7ijuyTejQjlFe29ESgEP6253ii6OxL15qD3JR%5F2om8Sf7YgU8kb8F0l%2D60IXTpjC9z2YOhsPc47bX1zcaYi32HDocJ8%2526sig%253DCg0ArKJSzKWlrf8p5CfFEAE%2526fbs%5Faeid%253D%25255Bgw%5Ffbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7311921778363796490%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D5151143%2526kid%253D6224710%2526bid%253D18870081%2526c%253D44348%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7311921778364581078%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7311921778360452310%2526sid%253D4853113%2526kid%253D6204576%2526bid%253D18866987%2526c%253D7591%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture object| XF object| _paq object| ADNPM object| themehouse function| $ function| jQuery object| Mustache function| Pikaday function| autosize object| $jscomp undefined| npjs object| googletag object| nps object| NpAdDiagnoseArray number| w object| pbjsnp string| myPropertyId object| clientSettings object| npe undefined| dealtestparam undefined| ylt undefined| ylb object| npm_cmp_vendor object| urban object| geb object| assertive string| npDevice object| t object| t2 object| confiant function| $jscomp$lookupPolyfilledValue number| audienzzCheck object| __adnz__ object| audienzz_internal_do_not_call_directly object| semantiq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| adsmtag object| _EQLService object| _EQPScript object| assertiveQueue boolean| _assertiveInitialized object| ntv object| adsbygoogle object| _taboola object| OBREvents object| ihowpbjsChunk object| ihowpbjs object| _pbjsGlobals object| IHPWT string| partnerName string| key function| xDomainCookie object| audienzz object| adsm boolean| alignOnScroll object| skinOptions object| sideskinOptions object| pbjsnpChunk object| ADAGIO object| invibes object| mnet object| ggeac object| google_tag_data object| google_js_reporting_queue object| _EQPService undefined| google_measure_js_timing string| tg object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| sas object| apntag object| _ADAGIO object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| GoogleGcLKhOms object| r number| NpAdDiagnoseStart number| NpAdDiagnoseStartN string| s object| ADNPMTP object| google_image_requests object| checkPlacements

24 Cookies

Domain/Path Name / Value
www.vielfliegertreff.de/ Name: xf_csrf
Value: RgKVHKRpEqpESlmY
www.vielfliegertreff.de/ Name: _pk_id.1.8a30
Value: bbe26ee6620ba1b1.1702439454.
www.vielfliegertreff.de/ Name: _pk_ses.1.8a30
Value: 1
.api.adnz.co/ Name: adnzVisitorId
Value: -2032845478930561875
m.exactag.com/ Name: exactag_new_gk
Value: f0399a810c1749e6bc9ddc350f18723f%7C11.02.2024%2003%3A50%3A53
m.exactag.com/ Name: exactag_new_uk
Value: 2632379d01cd496caf2f920a1c6b825d%7C
m.exactag.com/ Name: session_session
Value: 006ebd3850324c03858144ec
www.vielfliegertreff.de/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-13T03%3A50%3A53%22%7D
www.vielfliegertreff.de/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.vielfliegertreff.de/ Name: lotame_domain_check
Value: vielfliegertreff.de
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 99163807-61db-4eae-8800-d0e1fa7e3456
.vielfliegertreff.de/ Name: cto_bundle
Value: L2rHCV94ZGE5Y0R1JTJGVXJyY2habUJDTW0yWTJVbkZrYWREJTJGb01Lb09sc0JiSm1CQmg1Y3owZDFER2lISDFDJTJGZmF2Z2FORzZybUZ1TkpzR2QyeGV2U01uVFBPUm0lMkI3UHVHS0Y1aGI1ZjVWcnRqVHd2cFhTY2hNS0M5MElGZ04lMkJ0dzN4ODN0b05MaFRISTRDTEslMkZxZTJqNnhXSm5SR3pVbm9rdmRaVmpOdENVSGpXTlUlM0Q
.openx.net/ Name: i
Value: 92d00c10-dd36-431a-b7e7-9f2f6d8a368c|1702439454
.rubiconproject.com/ Name: khaos
Value: LQ38HTTV-7-GVRY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpu/iKVOLNdYF4C1LCtWBX9mfsNIvv6QtqRoUZOq/XfJqoc/bh0kxDGcXl3EIXaRsXS9Vuyb1Vst+1/nhfE74kt4HEYI5ehIrXtqJFHDzJEtiKPLRELhl3xGLmP30iNJH4=
.vielfliegertreff.de/ Name: __gads
Value: ID=6d9f279209e3e36c:T=1702439454:RT=1702439454:S=ALNI_MYL5m5AalDbuvq6tZtMOkBhTbsR4A
.vielfliegertreff.de/ Name: __gpi
Value: UID=00000d1918ecc132:T=1702439454:RT=1702439454:S=ALNI_MZd4FCjsIR3p3Nu6pPNYo25yfVXAg
.doubleclick.net/ Name: IDE
Value: AHWqTUkCPGutY8OY7Xd9mnn625QTvjDrFT9L_FKmljl5_ay-_kzp0l_4cKteGYPpNIM
.doubleclick.net/ Name: APC
Value: AfxxVi6hY0WZd-3tK3kfp9yh2FTfX6OQqVkBKbDfsQfUaFVOVBo3jQ
.adfarm1.adition.com/ Name: UserID1
Value: 7311921778360452310
.adfarm1.adition.com/ Name: lv_6109303
Value: w=4694994|t=1702439454
.adfarm1.adition.com/ Name: lv_6224710
Value: w=5151143|t=1702439454
.adfarm1.adition.com/ Name: lv_6204576
Value: w=4853113|t=1702439454

1 Console Messages

Source Level URL
Text
network error URL: https://ads.rubiconproject.com/header/9623.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.yieldlab.net
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
adnz.co
ads.pubmatic.com
ads.rubiconproject.com
api.adnz.co
api.assertcom.de
at.teads.tv
banner.bluesummit.de
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.jsdelivr.net
cdn.netpoint-media.de
cdn.xplosion.de
code.createjs.com
csi.gstatic.com
edd17aec772b3feb6894d75c4985765f.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
financeads.net
fonts.googleapis.com
functions.adnami.io
gcdn.2mdn.net
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id.a-mx.com
imagesrv.adition.com
imasdk.googleapis.com
invstatic101.creativecdn.com
m.exactag.com
macro.adnami.io
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
r3---sn-4g5e6nzl.c.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
stats.vielfliegertreff.de
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
u21277559.ct.sendgrid.net
ubn3k2x9bfd2yw3n3.ay.delivery
ups.xplosion.de
www.financeads.net
www.google.com
www.googletagservices.com
www.justice.gov
www.vielfliegertreff.de
xd.adnz.co
id.a-mx.com
imagesrv.adition.com
104.18.35.167
167.233.10.157
167.89.115.54
184.30.16.195
184.30.17.243
185.152.233.4
185.89.211.12
212.237.244.233
217.79.188.21
217.79.188.46
217.79.188.59
23.32.185.35
23.56.202.187
2600:9000:206f:d200:1c:9c14:f240:93a1
2600:9000:2490:9400:e:29d5:db00:93a1
2602:803:c003:200::44
2606:4700:20::681a:305
2606:4700:20::681a:9a9
2606:4700:20::ac43:44e1
2606:4700:4400::ac40:90a6
2606:4700::6810:5714
2606:4700:e0::ac40:620b
2607:f8b0:4009:817::2003
2a00:1450:4001:3c::8
2a00:1450:4001:806::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:299::1dae
2a02:26f0:480:e::210:f10b
2a02:26f0:480:e::210:f110
2a02:26f0:480:f::213:7edc
34.102.146.192
34.120.135.53
34.96.70.87
35.244.159.8
35.71.131.137
52.211.10.80
52.48.20.196
65.9.66.68
69.173.144.165
74.125.133.154
85.14.248.91
88.99.52.179
95.101.149.233
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
05e3dd25bbebda4c3486323e471d9e3fbdfcb36c867697499b592804abf5158b
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a
092ac9fb393995c71dfd03c2b192a45f84abf2c4f433178869dfa5e343c1fe3b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
118e50d67acff5bf3e6d2e1dce3031f7d1e6a46ecf782788c60a1aff0857e869
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c
1481c2a6f6ed59acf6c811b812518083afabbd2c4afece5c65e177acb4e95618
15f4cecefc550f2f99a4b0201530bad5ebb2002288df19a204354a4194177a82
1adfdffde1a54d4f0977518141e50977b6edb2e3259ce219dcec60ac8686c228
1bd4442a90e67df15018b9766aa5028cbd59e976640ce96d6c7735ca3d9c6f54
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ec689cacb4362aca3394a8b58151b8b785465fb9a049303f7728e0937087f1f
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c279b190d2c088609d227ba4afa871c396abca1cc74fb9e4b7ffcf872f8fb6
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e4b29279885fe7563561f27b9da11ac677061a51b27c9dc5cf1a380373a6caf
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3163d8719e25e7c49adc3cad3f3068a2a69184ec083aff846ad3c9b1a06e90ca
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33b95f2e3303aaecddfcedccae317e6d9ebc4f396ea49d076952bd598fb5f1e7
340d111c02568f8711fce10ceb93405c9397e1486b0060afaac1dd142db0557f
34593a1601aedee59f02e83b482233c229c8f60bc097e73239927587003e7ec3
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
38897c7a5f5d90fbe8ff7d127b83c9a6ec4c9a832b8ad9a273c5b3e9f86cfc0c
3abe920b7f4531a9161e92d96ca195d6d57eb86169f88cacdef84e255521437d
3bf683b76110f256c9dcf1116ef1e594e2ad0048c55f1c6c6be24dcb61433a24
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b0355d6212f9f12f2a088df119d929c80bd90e244fbe6dbd6f98df4887b095
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ab8bbed6f2b2d15f0913b7902f32130a3079db2dde908a833364fa2557a0ef
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f696578ecaa8bd188dd7e43707fe4253e6741939eb69d6a491b339379c18d1
4915607c49f556732729dcdbfb36dbe3af243bacfe18b543c4ec8370d03f2831
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57348bb88add7e139e51d3887d2ab8de0724c1974e7f25fcd252624f9e4c3430
57ba54ef56fe10f0c59de1c344320cfe50dcaeacbcee43f49cd49fdac621e19b
58db861b69ddfad0545cde07a28222b95cf7e7d263b745d731f8d4cb9d6ab0fd
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5e5d7f615cd4e185b62f06cab12926e6aabc3541792cd7d793f288893e1b47ac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6858fad7370e7f7044a2f98fa4fb133a2bac6463beee3c82c799b5961c618
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
698eef2f800e673dd4c3d80781186a6b1b2dec38d05c4b0cc81c1ac78df6067c
6c167455c2c0630d0b560a2c9e7f747b366174d2e5c52af465147e88b9e5ba2b
72e2f825b405405c758138108ea79748a3a6e0eec698694d1f37c32c88143190
76070df611804934210bcda9d3437432186cf0729e5eb8e7e4a41b91e67af0a3
772e08691be2940af51092906e0e7e56aa927312fae7f9777de2381255d5e1a2
7a2eed95a3cca45397acd2aa229c588ac2c3f792b70e7fee18eb07c27d704006
7bb087b62af8139de785426da0824076ffb3d97613625d12cbea25281f1690d4
7d5efc1c1d2d1f7b99e8f4643d17f031093fd7bc2eccfda447f184b5c7ee2800
7e317fa633127f189a5104a7469ef0bff17586e8df33327f9434bff17322571a
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
819f1ea405ba638b9af14d383ee7becca5922102f4e51cc6c7622817f4f44d44
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8221b649320539c076f0327cda840236eecb6533f239cf79d5bbf56344a67dd9
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f192b52f249f5c4fad0cf86aa4cb0cce6b55d6ec72f706eacf8bb5defb6d317
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92d75626ed8623a9142dcd4e85698452e57eaa23ea880af67818f00212f19e3d
96ba2ec2389eb8053b4506ee4e5132297127b327c4cc1bf86225c609c2997ebe
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9937e85e88bef16a037065270f6c40a72b64c6fcfdc57423d2a893d4b99ceb31
9939ad43158d512c15a08b09dfd32b195ac085a276678d5996c4d2f7264ffd78
9a2b90522db2902fd5c3942ade56a8c692ee449b1f8a4f6dfc2e4efc7eff43ac
9a45759a58d4d6f7105f20ecdf56613a1ddfaba25fc06512823e1cee5c64ea0d
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
9e73ad4f0d017e696146c8c254f97a2a0c12a6a667147755b321add63b208551
a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3
a9fd80c2436020272233da05783af9630a074aa5d6cbf1ea4b15d42862544319
ac870c077252563ae60536570f2b3e172e7d28237dcd96243c9bb3c6a200fe96
af1b6d29d22fef555ab63bae6d0d919a1908c65ee489cdc959dc2f8b091f4825
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0ac6ddfe92f83366e26e8468e31c457e559e0071a1ae1301cdb1fbcfa1bf9fd
b1075aabae4bc8e1aabe271d0179dcd7bd09f01566c1d9d58e2189aed155dc77
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823
bbc4e804089f0cc18437e100e62f907795c3771f7bb0152c36f480c8015ed1c6
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
bed63ff52bf12e30f9159456a22d07325f2093d907f15d8d646554bd8db64342
c230770973c3a8a476d8a17c8b1db4725f23c633dc1efb6e29752558281d39b0
c51a4bbd141e8c2adb7c2decf8ab41e8954578135c7d1c66b06f7bd31a2788e4
c5c229908cd5b6717ed2f02c697b1e0b3af1862cfb6ce72010f623a7bf49abda
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9c279343f830bf5a6730cc09ed55ec5c9a211c8669bc5fe0e8747994b1ee94a
ce0b4828d46b9a738e00e578337cab2c9340f58101c0a6ad65fef1e7d163d63e
ce959d68ed1d0fdb66bcfd2fabfd1508148877d06f8df8e24c16239903612622
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d
d58ba9391f7f5f46e1f52f7efa9f210f46f2e87b080df6ee872e9fb60c4093b7
da4f904df05d820628611d7b19738510a3eb1779064f82d4136568bafd272009
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dc6b267d43cd574a4d300cc3f95b4af254a5633808a4ef9a32f6e1302486a370
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e516134685437d4763df3dd354652d09576d5f25ab6b34fc468a1325875e71c1
e7279605c59cb41f7476bd08bb1dd25f3088cf74b8a8e47190d6046699d7c94c
e85df7c29bf6287435597c14d5b1db9ad6745c789960710769e2817b0a2ceacf
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec164a14dc2a275fb375b27e591c0dd6cd0995ec277445ade8b83ee5c38e3a61
ecbf1ea6ac52be4174f757b07d71f0fd51347bee8df300450cc884745270f2e5
ecdeda3adb73289ac6d20cf22ac48df608e6b2cc880aff63bd13d53ef18752de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f165ff4946bc02ef9991ecc2cc1722e40007be0c697765a5214ece8b8710becf
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
f636dd69df317a08d995495ee8feb57278ed2147abf0bfc4d1d461432eb2a20e
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0