www.fluege.de Open in urlscan Pro
18.185.0.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.flugticket24.de/
Effective URL:
https://www.fluege.de/
Submission: On March 15 via automatic, source certstream-suspicious (March 15th 2022, 6:37:31 am UTC) — Scanned from DE

Summary HTTP 117 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 39 domains to perform 117 HTTP transactions. The main IP is 18.185.0.220, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.fluege.de. The Cisco Umbrella rank of the primary domain is 741090.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.

This is the only time www.fluege.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.158.180.156 18.158.180.156	16509 (AMAZON-02) (AMAZON-02)
1	18.185.0.220 18.185.0.220	16509 (AMAZON-02) (AMAZON-02)
35	13.32.121.48 13.32.121.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	52.29.94.184 52.29.94.184	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:679a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
24	34.120.198.77 34.120.198.77	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:803::2008	15169 (GOOGLE) (GOOGLE)
3	34.120.148.58 34.120.148.58	15169 (GOOGLE) (GOOGLE)
1	185.233.55.49 185.233.55.49	15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
1 1	2a00:1450:400... 2a00:1450:400e:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:781::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.64.88.53 3.64.88.53	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
3 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.72.168.182 54.72.168.182	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	18.158.238.206 18.158.238.206	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:6c00:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	18.195.192.101 18.195.192.101	16509 (AMAZON-02) (AMAZON-02)
2 2	3.67.115.82 3.67.115.82	16509 (AMAZON-02) (AMAZON-02)
1	3.64.136.108 3.64.136.108	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.66.118.189 3.66.118.189	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4232:aad:149d:18a2:a241	14618 (AMAZON-AES) (AMAZON-AES)
117	46

1 18.158.180.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-180-156.eu-central-1.compute.amazonaws.com

www.flugticket24.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.0.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-0-220.eu-central-1.compute.amazonaws.com

www.fluege.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 13.32.121.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-48.fra60.r.cloudfront.net

static.fluege.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.94.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-184.eu-central-1.compute.amazonaws.com

accounts-v1.postbooking.fluege.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:679a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.120.198.77 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 77.198.120.34.bc.googleusercontent.com

saas-selfservice01.kcenter.usu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.148.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.148.120.34.bc.googleusercontent.com

tr-c.fluege.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.233.55.49 (Germany)

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

pci.usd.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

tr-s.fluege.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:781::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.88.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-88-53.eu-central-1.compute.amazonaws.com

a.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.168.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-168-182.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.238.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:6c00:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.192.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.115.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-115-82.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.136.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-136-108.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.118.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-118-189.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:aad:149d:18a2:a241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	fluege.de www.fluege.de — Cisco Umbrella Rank: 741090 static.fluege.de — Cisco Umbrella Rank: 929311 accounts-v1.postbooking.fluege.de — Cisco Umbrella Rank: 995143 tr-c.fluege.de — Cisco Umbrella Rank: 923192 tr-s.fluege.de — Cisco Umbrella Rank: 942854	1 MB
24	usu.com saas-selfservice01.kcenter.usu.com	332 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185 sslwidget.criteo.com — Cisco Umbrella Rank: 1650 dis.criteo.com — Cisco Umbrella Rank: 617	15 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 816 ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	919 B
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 359	4 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 338 c.bing.com — Cisco Umbrella Rank: 193	12 KB
4	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	18 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	1 KB
3	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4271	2 KB
3	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 4504 cotads.adscale.de — Cisco Umbrella Rank: 12633	1 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4596 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5392	175 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	715 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1730	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 630	854 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	740 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2186	183 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 9373	242 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 2120	40 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1233	99 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1452	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 13620	237 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	263 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 469	784 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1775	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1682	172 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 554	342 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 720	476 B
1	clicktripz.com a.clicktripz.com — Cisco Umbrella Rank: 19611	427 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	13 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6433	501 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	578 B
1	usd.de pci.usd.de — Cisco Umbrella Rank: 312322	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	84 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	flugticket24.de 1 redirects www.flugticket24.de	84 B
117	39

	Domain	Requested by
35	static.fluege.de	www.fluege.de static.fluege.de
24	saas-selfservice01.kcenter.usu.com	www.fluege.de saas-selfservice01.kcenter.usu.com
4	secure.adnxs.com	3 redirects
3	x.bidswitch.net	1 redirects
3	ad.yieldlab.net
3	ups.analytics.yahoo.com	1 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.fluege.de
3	tr-c.fluege.de	www.fluege.de tr-c.fluege.de
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	r.casalemedia.com	1 redirects
2	ad.360yield.com	1 redirects
2	eb2.3lift.com	1 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	tr-s.fluege.de	www.fluege.de tr-c.fluege.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	consent.cookiebot.com	www.fluege.de consent.cookiebot.com
2	stats.g.doubleclick.net	1 redirects www.fluege.de
2	accounts-v1.postbooking.fluege.de	static.fluege.de
1	criteo-partners.tremorhub.com
1	c.bing.com
1	matching.ivitrack.com
1	exchange.mediavine.com
1	sync-t1.taboola.com
1	visitor.omnitagjs.com
1	a.twiago.com
1	match.sharethrough.com
1	contextual.media.net
1	cotads.adscale.de
1	cm.adform.net
1	criteo-sync.teads.tv
1	ads.yahoo.com
1	simage2.pubmatic.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	sslwidget.criteo.com	static.criteo.net
1	a.clicktripz.com
1	mug.criteo.com	www.fluege.de
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	static.criteo.net	www.googletagmanager.com
1	www.google.de	www.fluege.de
1	www.google.com	1 redirects
1	pci.usd.de	www.fluege.de
1	www.googletagmanager.com	www.fluege.de
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.fluege.de
1	www.fluege.de
1	www.flugticket24.de	1 redirects
117	51

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
go.fluege.de
policies.google.com
www.appnexus.com
www.hotjar.com
www.media.net
pubmatic.com
www.scarabresearch.com
yandex.ru
www.facebook.com
www.bidswitch.com
www.casalemedia.com
www.criteo.com
www.cyberagent.co.jp
liveramp.com
privacy.microsoft.com
policies.oath.com
www.oracle.com
www.outbrain.com
intercom.help
supership.jp
www.tapad.com
triplelift.com
www.clicktripz.com
jobs.fluege.de
staedteverbindungen.fluege.de
mein.fluege.de
m.fluege.de
sp.booking.com
car.fluege.de
pci.usd.de
app.adjust.com
presse.fluege.de

Subject Issuer	Validity	Valid
*.fluege.de Amazon	`2022-02-01` - `2023-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.kcenter.usu.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tr-c.fluege.de GTS CA 1D4	`2022-02-17` - `2022-05-18`	3 months	crt.sh
pci.usd.de R3	`2022-02-13` - `2022-05-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
tr-s.fluege.de GTS CA 1D4	`2022-01-24` - `2022-04-24`	3 months	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.clicktripz.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-03-30`	2 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
itm.ivitrack.com R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.fluege.de/
Frame ID: 16CB267262E858C4D1D6CE33E0A0C47E
Requests: 77 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: B47DC4FB2F3E030D4410743183575EA9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.fluege.de&origin=onetag&us_privacy=1YNY
Frame ID: 1E76FDDB44211AC4867F66ED157D1886
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 42B99EFF27AABE91D63DFD80594D9052
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Günstige Flüge online buchen – Flug-Angebote vergleichen | fluege.dePowered by Cookiebot

Page URL History Show full URLs

https://www.flugticket24.de/ HTTP 301
https://www.fluege.de/ Page URL

Detected technologies

OpenLayers (Maps) Expand

Overall confidence: 100%
Detected patterns

openlayers

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

117
Requests

89 %
HTTPS

30 %
IPv6

39
Domains

51
Subdomains

46
IPs

8
Countries

2060 kB
Transfer

4658 kB
Size

58
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://go.fluege.de/service/privacy/
Title: hier

Search URL Search Domain Scan URL

URL: https://go.fluege.de/service/imprint/
Title: hier

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.media.net/en/privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.scarabresearch.com/privacy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://yandex.ru/legal/confidential/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.bidswitch.com/privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.cyberagent.co.jp/en/privacy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us/privacystatement
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://policies.oath.com/us/en/oath/privacy/index.html
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.oracle.com/legal/privacy/addthis-privacy-policy.html
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/legal/privacy#privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://intercom.help/revcontent2/en/articles/2290675-revcontent-privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://supership.jp/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.tapad.com/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: http://www.clicktripz.com/privacy_policy.php
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://jobs.fluege.de/
Title: jobs.fluege.de

Search URL Search Domain Scan URL

URL: https://staedteverbindungen.fluege.de/
Title: staedteverbindungen.fluege.de

Search URL Search Domain Scan URL

URL: https://mein.fluege.de/
Title: mein.fluege.de

Search URL Search Domain Scan URL

URL: https://go.fluege.de/
Title: go.fluege.de

Search URL Search Domain Scan URL

URL: https://m.fluege.de/
Title: m.fluege.de

Search URL Search Domain Scan URL

URL: https://mein.fluege.de/reset-password
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://mein.fluege.de/terms-of-use
Title: Nutzungsbestimmungen

Search URL Search Domain Scan URL

URL: http://sp.booking.com/index.html?aid=1882317&lang=de&label=fluege-navigation-homepage
Title: Hotel

Search URL Search Domain Scan URL

URL: https://car.fluege.de/?aid=fluegecar&afid=multiform
Title: Mietwagen

Search URL Search Domain Scan URL

URL: https://pci.usd.de/compliance/7213-D947-936E-D0ED-B5F9-2274/details_de.html

Search URL Search Domain Scan URL

URL: https://app.adjust.com/9c4ucy

Search URL Search Domain Scan URL

URL: https://app.adjust.com/v3isxq

Search URL Search Domain Scan URL

URL: https://mein.fluege.de/?accountState=registration

Search URL Search Domain Scan URL

URL: http://presse.fluege.de/
Title: Presse

Search URL Search Domain Scan URL

URL: http://jobs.fluege.de/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://app.adjust.com/8d6llu_p0i3qv
Title: App

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.flugticket24.de/ HTTP 301
https://www.fluege.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1292129518&utmhn=www.fluege.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de&utmhid=1531765833&utmr=-&utmp=index_index_multiform&utmht=1647326245687&utmac=UA-31842-55&utmcc=__utma%3D227697226.2088430718.1647326246.1647326246.1647326246.1%3B%2B__utmz%3D227697226.1647326246.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1630516360&utmredir=3&utmu=qBSAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518&slf_rd=1&random=2017241200

Request Chain 76

https://gum.criteo.com/sid/json?origin=onetag&domain=fluege.de&sn=ChromeSyncframe&so=0&topUrl=www.fluege.de&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vAcrpXxrV2VtU0pUNVdyTERxU3lrV2VhVW1NakVCWXJPUm5DZEtCVi8xMTZqVUxZWDM0VkVDVGZuVGRvaXJFYSt6TnBqVWZzOXlrKzgwRnNmYjhHZ0QxZ0EvMEVsWDZKMzRQdVJyNk1td2hmajV0MzdVazRMZ2EzUFEzMkF5MVROUUgrTE8wamxDMnNJTHN3bEE2M3owQkYvenhjdWhxazdUZEZ4N2d2Rk1zWng1ZEtTdnIyNEZTK2Q4cXhGVkNPM3FKVGx2SUY3dlhKWEw4amFlVUpKdHNFOFhOSlNMV3JmSmxTRWlVTFpLU1kxYnhjRWhISGpRYUI2T0xobXFVMUZaZEczTHYrNDlHM3FJZXdJV09SbGxqOEk0QT09fA&cppv=2

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1WSWg3bm56Wk90a3JPWU1saGhvNVQ5eVhYdGJOUzVIaHZNZXN1Zw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay1WSWg3bm56Wk90a3JPWU1saGhvNVQ5eVhYdGJOUzVIaHZNZXN1Zw&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 90

https://eb2.3lift.com/xuid?mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 92

https://secure.adnxs.com/setuid?entity=52&code=k-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g&seg=130915 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g%26seg%3D130915

Request Chain 93

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ

Request Chain 95

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA&C=1

Request Chain 97

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA&verify=true

Request Chain 100

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-IBOQ33zZOtkrOYMlhho5T9yXXtbZ9g2TAyAS5Q&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-IBOQ33zZOtkrOYMlhho5T9yXXtbZ9g2TAyAS5Q&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=b46b11e35c66462d9df5162e905aebc4 HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=e03e9925d171c0d1feb93f7fc73119bc89d7aa742d0ae20566dd0b79b1bb6eca

Request Chain 103

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30

Request Chain 104

https://pixel.advertising.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&apid=UP61194394-a42a-11ec-ac17-06467f305b00

Request Chain 113

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3915424270626771188

117 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.fluege.de/
Redirect Chain

https://www.flugticket24.de/
https://www.fluege.de/

134 KB
32 KB

104ms
55ms

Document
text/html

18.185.0.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.0.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-0-220.eu-central-1.compute.amazonaws.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 03bf5bea0fbc2f40be81063aca284afa78c394b8105ba6823a8bdf7809287965

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-type: text/html; charset=UTF-8
server: Apache/2.2.22 (Debian)
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires: Tue, 15 Mar 2022 06:42:10 +0000
cache-control: public, max-age=285
pragma
x-we-want-you: If you're reading this, you should be working at Invia! Check out https://www.invia.de/karriere/stellen/
x-age: Tue, 15 Mar 2022 06:37:10 +0000
x-app-cache: Apc
etag: "e45a672e8789d6c09dcaad377b501323"
content-encoding: gzip
vary: Accept-Encoding
provided-host: slave01-a

Redirect headers

server: awselb/2.0
date: Tue, 15 Mar 2022 06:37:25 GMT
content-type: text/html
content-length: 134
location: https://www.fluege.de:443/

GET
H2 200 kingfisher__64d096a8.woff
static.fluege.de/fonts/icon-fonts/kingfisher/font/ 12 KB
13 KB 87ms
20ms Font
application/x-font-woff 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/fonts/icon-fonts/kingfisher/font/kingfisher__64d096a8.woff
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 9883d461703b2fa66f7dfaac5402cb9bfb0148ee55092ac68683176617604d72

Request headers

Referer: https://www.fluege.de/
Origin: https://www.fluege.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
age: 671394
etag: "31ec-5d99e961b8780;5d99e961b8780"
provided-host: slave31-a
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 12780
x-amz-cf-id: t1wFqad64g8w0uSh20F0oo8Q7dfveSlRf51saou9zaZEVKw7H71_hg==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 82ms
30ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700&display=swap

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa603fff87f7332bc3b0462d2111717bf36cd738fb5690e8aa0db63f8bb36a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:35:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 06:37:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 06:37:25 GMT

GET
H2 200 fluege_de_kingfisher_desktop_index___64d096a8.css
static.fluege.de/css/ 119 KB
22 KB 89ms
22ms Stylesheet
text/css 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/css/fluege_de_kingfisher_desktop_index___64d096a8.css
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 0d28b942c0db85dd07ee511a1514daea799427fef4dab0622fcffaa7560e60e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:56 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "1ccc475d735f8b61c6baa2c40be3aeac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave31-a
x-amz-cf-pop: FRA60-P1
content-length: 22007
x-amz-cf-id: aF5WJI7UiIJpKLA-uj3n0eIC_ZZTEQHcObK5d56NAJ3ew3j9Cg5qYQ==

GET
H2 200 loader___64d096a8.js Show response
static.fluege.de/js/ 3 KB
2 KB 88ms
22ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/loader___64d096a8.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 121aab709a068bb6255216be9e5954ca3c2bb5950a76549eaee0485d92448a59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:23 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "5481c8cf0b32339fa1d1ca18b8d546a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave20-a
x-amz-cf-pop: FRA60-P1
content-length: 1390
x-amz-cf-id: wxiAeudeUEPNF7DKI4ImucYURhkaqq4_WoRrYgOCLncaE5BUOK16_g==

GET
H2 200 form-background__64d096a8.jpg
static.fluege.de/img/kingfisher/ 63 KB
63 KB 37ms
35ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/form-background__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 223fb2503f0f3a83d1ec7516b07423c0cb730cc97b62ae93fec1e4e6261221e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave24-a
server: Apache/2.2.22 (Debian)
age: 671395
etag: aed3d1a8c92e8aa2a7370a28a2b97f21
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 64136
x-amz-cf-id: 7T7DL0JVdzHaLW5h4kERooHxqTzDK7GnpTHOB9JNTE0i-ohUVESmqg==

GET
H2 200 fluege.de_white_xs.svg
static.fluege.de/img/logo/ 8 KB
8 KB 43ms
41ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/logo/fluege.de_white_xs.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: ed06b7366a512f6a29aeedec7b8b19bece1b81e67fa757ba4cce4a3622b0fda4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave06-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 8002
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "1f42-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 8pXc-kOZPG_i-3L0k2Zh3LTI46yA07Npguacmst2Bc9MO7cL4WMRxA==

GET
H2 200 google_round.svg
static.fluege.de/img/svg/ 2 KB
2 KB 43ms
41ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/google_round.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 151f5a011d4daa6d001ea57b54e92f2290cb17a407bbcb2779b60929cef78726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave27-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 1540
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "604-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: UgFrkwXMIO1oJs4ECz72xUCZ29YsvO_7UqnJ_bxmVaaxV6OFKMjv_A==

GET
H2 200 facebook_round.svg
static.fluege.de/img/svg/ 885 B
1 KB 53ms
51ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/facebook_round.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 0bdec86eeb5f86f7c2d4fb39aa4eccabcccb1fdc9105624ecd0981048881fd6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave02-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 885
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "375-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: PMhAQqS2tZkBhlInf3nxZ2B4XBJkZtmkSyXP2VEWTuYetPfNNvxJzA==

GET
H2 200 apple.svg
static.fluege.de/img/svg/ 549 B
980 B 53ms
52ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/apple.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 754dc7b046cff38dfc1b4bc3526b21f1a940b4c79fa0ba53f087b7cc71d180f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave18-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 549
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "225-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: LYvwQSVu15XeM9K53d9KG52Q024rFFZnxfOszDUIACrWPt_-Sd4l5w==

GET
H2 200 pixel.gif
static.fluege.de/img/ 43 B
409 B 52ms
51ms Image
image/gif 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/pixel.gif
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 17b653428e5c492ce3cd0776fb4b461ec7d69819685a7977c5154c872e3b1f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave27-a
server: Apache/2.2.22 (Debian)
age: 2459967
etag: c926c92101fba43630294018ad615692
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: vgyEAhffalyOdHVYmH2yAUs2SiGhGTkgVSwUFONn6_39x9GNR2Qn9A==

GET
H2 200 main___64d096a8.js Show response
static.fluege.de/js/ 492 KB
139 KB 23ms
23ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/main___64d096a8.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 62a99603fb2603e3418052f3d2dbb91b5f3be9a9161e1b477abaf92e25ee1536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:24 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "db4f1c2db0f81e00d9ab4cc4d1673935"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave27-a
x-amz-cf-pop: FRA60-P1
content-length: 142040
x-amz-cf-id: PBen0_95b5wfUi6tWdk4TVUoSlGQibMAd7eKqQrWKyWUQXwgJkK4Sg==

GET
H2 200 kingfisher_index___64d096a8.js Show response
static.fluege.de/js/ 32 KB
8 KB 44ms
43ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/kingfisher_index___64d096a8.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6d63bb19f8d5cc15f1b25352337d755df04385f8e35af4b8e4b2c31febd728ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:03:12 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "5d358af7ced41bd71b6be914309f1fd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave03-a
x-amz-cf-pop: FRA60-P1
content-length: 8146
x-amz-cf-id: qS-ovnZR-LOn9Yc6_VleZw5U-fnV2Fit_-ePmlgolFnEld53wkVfiw==

GET
H2 200 fluege_de_desktop_index___64d096a8.js Show response
static.fluege.de/js/ 170 KB
49 KB 38ms
35ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/fluege_de_desktop_index___64d096a8.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: f987331e2360278ce316a3a44bb2ecca5bde155f707d9c7039b327d1932dff0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:24 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "3292fd3c2b286d28a0e08526a0e3dc21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave01-a
x-amz-cf-pop: FRA60-P1
content-length: 49624
x-amz-cf-id: ZDYi2h_5CnJqF-AsV1l68nxkGn8sd2T-FS-y-P8fzBcXn61mqlcLyA==

GET
H2 200 multiForm___64d096a8.js Show response
static.fluege.de/js/ 31 KB
7 KB 38ms
36ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/multiForm___64d096a8.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 578b28634df2edf3f17f28c4f8897a8ff1d3330028fdc834c82e8fae6aa85297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:25 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "9146081112b54658c48e06e9681e2fa9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave02-a
x-amz-cf-pop: FRA60-P1
content-length: 7213
x-amz-cf-id: UZ3iOZhdFTQ8wFFkElcCpNgx9Dt772Tpg9Abwiy7ZZPi4-Bmiyyqzg==

GET service-worker.js
www.fluege.de/ Frame 0
0

GET
H2 200 postscribe___64d096a8.js Show response
static.fluege.de/js/ 16 KB
6 KB 53ms
52ms Script
text/javascript 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fluege.de/js/postscribe___64d096a8.js
Requested by: Host: static.fluege.de
URL: https://static.fluege.de/js/loader___64d096a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6e31f4f1f4b645d344853dcfef123ecad2e7b1f80b4464074e26acc686110557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:30 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:02:20 +0000
server: Apache/2.2.22 (Debian)
age: 671395
etag: "b3d2440e3f96e79ce992bf2afbfb7ed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
provided-host: slave07-a
x-amz-cf-pop: FRA60-P1
content-length: 5368
x-amz-cf-id: xKIPr1TKsdScfKJpuwR9dPikTjudd7_LWtroK9z91ywlJUZKOsK24Q==

GET
H2 200 google_round.svg
static.fluege.de/img/svg/ 2 KB
2 KB 57ms
56ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/google_round.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 151f5a011d4daa6d001ea57b54e92f2290cb17a407bbcb2779b60929cef78726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave27-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 1540
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "604-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: pfUxAVSykHFelzyWPlm-Swlc7N7PqDUWf7oB9xXm_HGx0Lv-mGZuyg==

GET
H2 200 facebook_round.svg
static.fluege.de/img/svg/ 885 B
1 KB 56ms
55ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/facebook_round.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 0bdec86eeb5f86f7c2d4fb39aa4eccabcccb1fdc9105624ecd0981048881fd6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave02-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 885
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "375-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: XCdHVciccnR_qkhTTXGd-lm_YfelVExxu-mMtAvNp7s0iFJugfh1PQ==

GET
H2 200 apple.svg
static.fluege.de/img/svg/ 549 B
980 B 57ms
56ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/apple.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 754dc7b046cff38dfc1b4bc3526b21f1a940b4c79fa0ba53f087b7cc71d180f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave18-a
age: 2459967
x-cache: Hit from cloudfront
content-length: 549
last-modified: Mon, 14 Feb 2022 18:56:27 GMT
server: Apache/2.2.22 (Debian)
etag: "225-5d7fef940ecc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: HxoBOZAhOklkQ6mSPbEpkldFaRAoMJZQkccsJGEnKfqmMfhmJNQ1og==

GET
H2 200 pixel.gif
static.fluege.de/img/ 43 B
409 B 41ms
40ms Image
image/gif 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/pixel.gif
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 17b653428e5c492ce3cd0776fb4b461ec7d69819685a7977c5154c872e3b1f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:17:58 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave27-a
server: Apache/2.2.22 (Debian)
age: 2459967
etag: c926c92101fba43630294018ad615692
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: XPjGWyqzDnt6gee5nC2WgkVhDD2eu4TsqNem7d_CblWZIHcGrC65dw==

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
47 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fluege.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 18:48:55 GMT
x-content-type-options: nosniff
age: 560910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 18:48:55 GMT

OPTIONS
H/1.1 200
OK account
accounts-v1.postbooking.fluege.de/api/ Frame 0
0 100ms
21ms Preflight
text/html 52.29.94.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-v1.postbooking.fluege.de/api/account

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.94.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-94-184.eu-central-1.compute.amazonaws.com

Software

nginx/1.15.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-name,x-client-version
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, cookie, accept, origin, x-client-name, x-client-version, last-modified-since, if-none-match
Access-Control-Allow-Origin: https://www.fluege.de
Access-Control-Max-Age: 3600
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 06:37:25 GMT
Server: nginx/1.15.1
Strict-Transport-Security: max-age=315360000
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Content-Length: 0
Connection: keep-alive

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 90ms
24ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3766
date: Tue, 15 Mar 2022 05:34:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 15 Mar 2022 07:34:39 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 91 KB
28 KB 249ms
20ms Script
application/javascript 2a02:26f0:1700:11::b856:679a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:679a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc5ca9718cb3f43eb653e6176b3e8dce55b792e06f7bdd80388f0889dc447b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 16:15:27 GMT
etag: "d3e5ead9a34d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=326
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27964
expires: Tue, 15 Mar 2022 06:42:51 GMT

GET
H2 200 loader.js Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/js/ 465 B
747 B 81ms
23ms Script
text/javascript 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/js/loader.js?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

288b4382c321c56595ce6a22c359ab069d0f92a0ee86f7215dae764bcf4a90d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Feb 2022 08:16:29 GMT
etag: "bc9579d6e90624ab01c6b2ad1a454194"
x-frame-options: ALLOWALL
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 465
x-xss-protection: 1;mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
84 KB 89ms
32ms Script
application/javascript 2a00:1450:400e:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJCPC76

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed99ad128c6cb66d7d00bae23898f1f47a70dffeb605130c8a6f176d2bc369ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85079
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 06:37:25 GMT

GET
H2 200 salty-dove.js Show response
tr-c.fluege.de/ 167 KB
50 KB 91ms
44ms Script
text/javascript 34.120.148.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr-c.fluege.de/salty-dove.js?id=GTM-56L6RSX
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.148.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.148.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dcfc243ed1e0f78af2ac254a0a1315250c8c8ab0e545e823ab00a322ade1f8be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtcfaIECGcOvIx_w5HyXuSxd38bQAX7z_QB_e5JnAuLHngyiEOXGlVhsq7afz3fhMHTFzA8iw2TpG-ez7qbq4ei5O7rEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 51087
last-modified: Fri, 11 Mar 2022 14:00:07 GMT
server: UploadServer
etag: "1b1706a6a74390144ae3a7300bef01bf"
vary: Accept-Encoding
x-goog-hash: crc32c=8xLHLA==, md5=GxcGpqdDkBRK46cwC+8Bvw==
x-goog-generation: 1647007207490130
cache-control: private, max-age=900
x-goog-stored-content-length: 51087
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 15 Mar 2022 06:52:25 GMT

GET
H2 200 index__64d096a8.png
static.fluege.de/img/sprites/kingfisher/index/ 46 KB
46 KB 20ms
19ms Image
image/png 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/sprites/kingfisher/index/index__64d096a8.png
Requested by: Host: static.fluege.de
URL: https://static.fluege.de/css/fluege_de_kingfisher_desktop_index___64d096a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: d6bcfee413f2992faaf0b36ca7b312a21413935dc83370caeb612dbfc0ff5c28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.fluege.de/css/fluege_de_kingfisher_desktop_index___64d096a8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:09 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave20-a
server: Apache/2.2.22 (Debian)
age: 671356
etag: 72208813f80d1365a3e614af6b5b6a11
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 46902
x-amz-cf-id: q3B57zuXAFZIRZTnea7v3PupMQwfoSHCXrFfpkK5pBRWSahqGCRW8Q==

GET
H/1.1 401
Unauthorized account Show response
accounts-v1.postbooking.fluege.de/api/ 0
370 B 99ms
46ms XHR
text/html 52.29.94.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-v1.postbooking.fluege.de/api/account

Requested by

Host: static.fluege.de
URL: https://static.fluege.de/js/main___64d096a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.94.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-94-184.eu-central-1.compute.amazonaws.com

Software

nginx/1.15.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

Accept: */*
Referer: https://www.fluege.de/
Accept-Language: de-DE,de;q=0.9
X-Client-Name: portal-fluege-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Client-Version: 2.174.0

Response headers

Date: Tue, 15 Mar 2022 06:37:25 GMT
Strict-Transport-Security: max-age=315360000
Server: nginx/1.15.1
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.fluege.de
Access-Control-Expose-Headers: etag, location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 rounded_bc_fluege.de__64d096a8.svg
static.fluege.de/img/svg/ 7 KB
8 KB 20ms
17ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_bc_fluege.de__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 3d4a60c9ee753561d280bc5d7ae427bc6fcd88410eba87474c8d457e39edf0fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave01-a
age: 671394
x-cache: Hit from cloudfront
content-length: 7273
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "1c69-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-language: de
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: I5kKq3FPHbl8d4L_NuYrZADWSPy-c_ZS_9SSwXhC1haHsfaDJePLDg==

GET
H2 200 rounded_debit__64d096a8.svg
static.fluege.de/img/svg/ 5 KB
6 KB 24ms
19ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_debit__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 87ff30b673b9d4a5853fbeb668a62a32f4a92eff79720a28a2f68e38391e5d86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave03-a
age: 671394
x-cache: Hit from cloudfront
content-length: 5445
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "1545-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: rKvx1At3XOkE8oIfLVdbikHO1r4GGDAoAM9xb_MB7gChVC5IHRoCiw==

GET
H2 200 rounded_ca__64d096a8.svg
static.fluege.de/img/svg/ 4 KB
4 KB 24ms
19ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_ca__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 312fe6b8b9ee608133cf7516ce034dea78b7afb2c123699c2261d011b6ab9eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave36-a
age: 671394
x-cache: Hit from cloudfront
content-length: 3816
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "ee8-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: DHQsx1hXiCmuS86qwE8NCs63oG22YslczsKscA8uyKZn42x1A29oFw==

GET
H2 200 rounded_ax__64d096a8.svg
static.fluege.de/img/svg/ 4 KB
4 KB 24ms
20ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_ax__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: f17573d03d9f4b2714c193cff8226caf38cee2d44821b4f4a9d67c104d127dc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave24-a
age: 671394
x-cache: Hit from cloudfront
content-length: 3826
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "ef2-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: syk-zjy_2odG7It62yywFIjVwwkWw54s4zYf2TCRVZaUOEjTP-s8FA==

GET
H2 200 rounded_vi__64d096a8.svg
static.fluege.de/img/svg/ 1 KB
2 KB 26ms
22ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_vi__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 034a96bbda14455d616185fb29722464779fd8d2f9ec02236db477ee2fcd6476

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave03-a
age: 671394
x-cache: Hit from cloudfront
content-length: 1158
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "486-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: FmNBG6oRIIaaR7ILx-vzPva3ZI-HF-f7z-xyi5J5z61fwI8E7bRzGQ==

GET
H2 200 rounded_vie__64d096a8.svg
static.fluege.de/img/svg/ 3 KB
3 KB 26ms
23ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/svg/rounded_vie__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 9f905f0d4f0029f7a04e9edc4434072be091e0f19f2b59f77656f78860828d60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:07:31 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave02-a
age: 671394
x-cache: Hit from cloudfront
content-length: 2803
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "af3-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: u4_6c8_7KwjaDwpE33noDRKuqz73FVWj9LD00mOZhfA6CVZtK0aaXg==

GET
H2 200 seal_ctv_80.png
pci.usd.de/compliance/7213-D947-936E-D0ED-B5F9-2274/ 14 KB
14 KB 201ms
25ms Image
image/png 185.233.55.49
MITTWALD-AS Mittw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pci.usd.de/compliance/7213-D947-936E-D0ED-B5F9-2274/seal_ctv_80.png

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.233.55.49 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),

Reverse DNS

Software

Apache /

Resource Hash

45cf07d71bb278348988791d891218dba2aa5f5ad8bea86912e7ad923118318f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
last-modified: Mon, 10 Jan 2022 13:40:57 GMT
server: Apache
x-frame-options: sameorigin
date: Tue, 15 Mar 2022 06:37:25 GMT
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000, public, public
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 14306
x-content-type-options: nosniff
expires: Thu, 14 Apr 2022 06:37:25 GMT

GET
H2 200 endlich_reisen__64d096a8.jpg
static.fluege.de/img/kingfisher/contest/ 57 KB
57 KB 23ms
20ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/contest/endlich_reisen__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: b863ead4b432ac15c9eb56728fb91eb461efce3e4bc9fdffe78adad897806aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:37:41 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave31-a
server: Apache/2.2.22 (Debian)
age: 655184
etag: b0f9860473a94ae31ee1af420849ea2e
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 58102
x-amz-cf-id: e0Hn7rToUdJ4iW9sW8J5m83hBePSSXFyQmu52bvE_fVFfMdTcWZPpg==

GET
H2 200 smartphones__64d096a8.png
static.fluege.de/img/kingfisher/ 109 KB
110 KB 26ms
23ms Image
image/png 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/smartphones__64d096a8.png
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6bab36facb9f03513de838eb6f4e615d2c953f16c416fd9b612ce4133018645b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:37:41 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave07-a
server: Apache/2.2.22 (Debian)
age: 655184
etag: e1afde1f7c504b1acb8452f8cb948bb5
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 111975
x-amz-cf-id: GMSZ4jwTSvqN-EOG7fdOzvR170vpIhQmoISr3QT1t1w-Sg1i1qCeHA==

GET
H2 200 app_store__64d096a8.svg
static.fluege.de/img/storebadges/ 6 KB
6 KB 30ms
27ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/storebadges/app_store__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 410fe78313cee6cbd99ae09565aa3a0100779fafeea1d4d1d677fd4ecb2c411d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:49 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave01-a
age: 671316
x-cache: Hit from cloudfront
content-length: 6183
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "1827-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: hEpxMTnujmR9JQeRldvq_YzHcSxy_qBTjinDfxsdShU-mw4RsnMnyQ==

GET
H2 200 google_play_store__64d096a8.svg
static.fluege.de/img/storebadges/ 7 KB
7 KB 54ms
51ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/storebadges/google_play_store__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 23185fbc1344dd5a7dbb33c53eecfcb00ef60aecfc84d6a83f826239d84c47c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:49 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave04-a
age: 671316
x-cache: Hit from cloudfront
content-length: 6829
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "1aad-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: Ll4NzCF5vweFtNit4rsz2wD8r59ectOp3N4UMnACrQJgRUFAOA1O7A==

GET
H2 200 promo_slider__64d096a8.jpg
static.fluege.de/img/kingfisher/login/ 44 KB
44 KB 30ms
27ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/login/promo_slider__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8bc7a9fdaaca230888e7f929afd2c1533ddf0da2de0461cea180f9af24d29215

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:06:24 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave21-a
server: Apache/2.2.22 (Debian)
age: 667861
etag: 7f3ca7a91a4e3ed9c8722d06eb4f85d0
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 45143
x-amz-cf-id: NeRGmw0ZUhCJ8iGy5o54m-AlbOn-eGPFMa-bYWVI4fKtVv7HZhnR6g==

GET
H2 200 travel-insights__64d096a8.jpg
static.fluege.de/img/kingfisher/contest/ 64 KB
64 KB 42ms
39ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/contest/travel-insights__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 4595d280485b537760e8e0e336f815f6d95496c9a88351af42ec643f0342fed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:06:24 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave21-a
server: Apache/2.2.22 (Debian)
age: 667861
etag: 2343bf0727c59fd9f9d62809992e04c4
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 65029
x-amz-cf-id: RtfelsndX20ApLLwegRjs6BT1x4faxKNq9wREO2r4ZYiNn4NelCItw==

GET
H2 200 1.jpg
static.fluege.de/img/teaser/NYC/x380/x265/ 107 KB
107 KB 36ms
33ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/teaser/NYC/x380/x265/1.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 478c2a42a006d0a829caf9d4f77f37189b1f77ac664f52090b73edbab6bcc01a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:15:35 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave12-a
server: Apache/2.2.22 (Debian)
age: 2442110
etag: 96a3498785108b3799eceaf167742918
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 109568
x-amz-cf-id: ABPS22QwFq_ZtlE8woNAAuDJOcMOg-dfXoAsZtI1SLyqC2UzWakvGA==

GET
H2 200 1__64d096a8.jpg
static.fluege.de/img/teaser/PMI/x380/x265/ 150 KB
150 KB 47ms
44ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/teaser/PMI/x380/x265/1__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8e1fe1737f11ace0c2bd514e8e0224df9bd99e447fe19919915f5f3341a908bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:49 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave18-a
server: Apache/2.2.22 (Debian)
age: 671316
etag: 15b2649d09731c70b34a901cfd185d02
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 153368
x-amz-cf-id: skfhMreLZv4jgY8lhOw1W08qGTYsvTW7znyiKskSm4ZJAVYRth2yPg==

GET
H2 200 1__64d096a8.jpg
static.fluege.de/img/teaser/LIS/x380/x552/ 210 KB
211 KB 38ms
35ms Image
image/jpg 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/teaser/LIS/x380/x552/1__64d096a8.jpg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: fd5706766694e1d90b196eec12a5d4501686c2f3c9f89d41fdeca4f0c968a743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:49 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave03-a
server: Apache/2.2.22 (Debian)
age: 671316
etag: 55e7cf2275a69625c6a7da5d802cdcb7
x-cache: Hit from cloudfront
content-type: image/jpg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
content-length: 215416
x-amz-cf-id: lDuaIW9r-op9Hqm4gxvUyaNhDywUASY-XGL0Yz_S-za6p8FB1l2S3w==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1292129518&utmhn=www.fluege.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=G%C3%...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518&slf_rd=1&random=2017241200

42 B
501 B

81ms
35ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518&slf_rd=1&random=2017241200

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31842-55&cid=2088430718.1647326246&jid=1630516360&_v=5.7.2dc&z=1292129518&slf_rd=1&random=2017241200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 endlich_reisen_badge__64d096a8.svg
static.fluege.de/img/kingfisher/contest/ 9 KB
9 KB 21ms
21ms Image
image/svg+xml 13.32.121.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fluege.de/img/kingfisher/contest/endlich_reisen_badge__64d096a8.svg
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-48.fra60.r.cloudfront.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: f8356332cfc3cf4186cbd469b2a1cc87bd0d4b62e14a7d57edd57e1527571d7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 12:08:49 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
provided-host: slave03-a
age: 671316
x-cache: Hit from cloudfront
content-length: 9231
last-modified: Mon, 07 Mar 2022 10:47:10 GMT
server: Apache/2.2.22 (Debian)
etag: "240f-5d99e961b8780;5d99e961b8780"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: uyyDEE6bzmiK-kw9J47EDYb9-eWeqDiwwljKNLQ1jbzDemfSfP78vw==

GET
H2 200 widget.js Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/js/ 125 KB
26 KB 40ms
39ms Script
text/javascript 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/js/widget.js?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=&referer=https%3A%2F%2Fwww.fluege.de%2F

Requested by

Host: saas-selfservice01.kcenter.usu.com
URL: https://saas-selfservice01.kcenter.usu.com/kfirst-widget/js/loader.js?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

6e3741edc204407346e286ecac1ea2b078c0e7009972c9d45f1cc3db34f06b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Mar 2022 06:37:25 GMT
etag: "2fdb0ade81f6bea2aba080b27e3df9b2"
x-frame-options: ALLOWALL
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1;mode=block

GET
H2 200 charming-llama.js Show response
tr-c.fluege.de/ 136 KB
51 KB 46ms
46ms Script
text/javascript 34.120.148.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr-c.fluege.de/charming-llama.js?id=G-WT5M3VBBGY&l=dataLayer&cx=c
Requested by: Host: tr-c.fluege.de
URL: https://tr-c.fluege.de/salty-dove.js?id=GTM-56L6RSX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.148.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.148.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fca8cc25b66172b77e909066ce7c1e5dec037676b0cc276865b97da31d798b8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds5EAZSwbrbb0j_Z3Nww-nPJPGJQq-xEAitFMw_7m--DzPaL2uycc_d5xu6N9ky1Vr4TxtzQBXbp68I1iQdE74
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 51815
last-modified: Tue, 09 Feb 2021 12:49:36 GMT
server: UploadServer
etag: "3fecb024a3a836ef62fbe7308a7fb42d"
vary: Accept-Encoding
x-goog-hash: crc32c=GgzN6w==, md5=P+ywJKOoNu9i++cwin+0LQ==
x-goog-generation: 1612874976742955
cache-control: private, max-age=900
x-goog-stored-content-length: 51815
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 15 Mar 2022 06:52:25 GMT

GET
H2 200 alert-guinea-pig.js Show response
tr-c.fluege.de/ 46 KB
19 KB 52ms
52ms Script
text/javascript 34.120.148.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr-c.fluege.de/alert-guinea-pig.js
Requested by: Host: tr-c.fluege.de
URL: https://tr-c.fluege.de/salty-dove.js?id=GTM-56L6RSX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.148.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.148.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fde5cf4446608106a60198cc87d08a1f5fc2ad1e3e19a95e97fe9fd35e4fd561

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvenGhtX0Ivc5w3OAD_AZPQQmKLhqYqAlkAGKiwqnz0rvEY7zi1Xz9Me62bDfeuD_u3cm3qsF6PAGxYlkwRvnQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 18875
last-modified: Tue, 26 Jan 2021 13:48:58 GMT
server: UploadServer
etag: "b67caff55f66e588b66adc900ffeb30c"
vary: Accept-Encoding
x-goog-hash: crc32c=AvjcOA==, md5=tnyv9V9m5Yi2atyQD/6zDA==
x-goog-generation: 1611668938068264
cache-control: private, max-age=900
x-goog-stored-content-length: 18875
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 15 Mar 2022 06:52:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJCPC76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1959
date: Tue, 15 Mar 2022 06:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Mar 2022 08:04:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 88ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJCPC76
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A8FBEEECF1554B429B7B4DC1E7DECF6B Ref B: FRAEDGE1221 Ref C: 2022-03-15T06:37:25Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 131ms
66ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJCPC76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Mar 2022 06:37:25 GMT

OPTIONS
H2 200 languagesettings
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ Frame 0
0 58ms
19ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/languagesettings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

GET
H2 200 languagesettings Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ 271 B
456 B 18ms
18ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/languagesettings

Requested by

Host: saas-selfservice01.kcenter.usu.com
URL: https://saas-selfservice01.kcenter.usu.com/kfirst-widget/js/widget.js?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=&referer=https%3A%2F%2Fwww.fluege.de%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

5e11a92b5c9a980e997f618e516cc3bda3aae9e25e740826ff87df8b5410dce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: main
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 collect
tr-s.fluege.de/ 35 B
240 B 109ms
57ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-s.fluege.de/collect?v=1&_v=j87&aip=1&a=1531765833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fluege.de%2F&dp=index&ul=en-us&de=UTF-8&dt=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227697226.2088430718.1647326246.1647326246.1647326246.1&_utmz=227697226.1647326246.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1647326245826&_u=YSBCCEABB~&cid=2088430718.1647326246&tid=UA-120028753-1&_gid=850577779.1647326246&_fplc=0&gtm=2wg37056L6RSX&cd1=2022-03-15%2006%3A37%3A25&cd15=&cd21=https%3A%2F%2Fwww.fluege.de%2F&cd32=.&cd33=.&cd34=FLEBO2_0&cd36=.&cd39=.&cd41=.&cd44=.&z=1334160061
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif

POST
H2 200 collect
tr-s.fluege.de/g/ 35 B
295 B 86ms
48ms Ping
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr-s.fluege.de/g/collect?v=2&tid=G-WT5M3VBBGY&gtm=2oe1r0&_p=1531765833&sr=1600x1200&ul=en-us&cid=2088430718.1647326246&_s=1&dl=https%3A%2F%2Fwww.fluege.de%2F&dr=&dt=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de&sid=1647326245&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=index&ep.timestamp=2022-03-15%2006%3A37%3A25&ep.page_url=https%3A%2F%2Fwww.fluege.de%2F
Requested by: Host: tr-c.fluege.de
URL: https://tr-c.fluege.de/charming-llama.js?id=G-WT5M3VBBGY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: https://www.fluege.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 53ms
25ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1531765833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fluege.de%2F&dp=index&ul=en-us&de=UTF-8&dt=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227697226.2088430718.1647326246.1647326246.1647326246.1&_utmz=227697226.1647326246.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1647326245857&_u=QCCCCEABBAAAAC~&jid=2117161957&gjid=143725307&cid=2088430718.1647326246&tid=UA-120028753-5&_gid=850577779.1647326246&_r=1&gtm=2wg370WJCPC76&cd1=2022-03-15%2006%3A37%3A25&cd15=&cd21=https%3A%2F%2Fwww.fluege.de%2F&z=819734499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fluege.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fluege.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame B47D 2 KB
1 KB 75ms
18ms Document
text/html 2a02:26f0:1700:781::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:781::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=20224992
expires: Fri, 04 Nov 2022 08:40:37 GMT
date: Tue, 15 Mar 2022 06:37:25 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 global Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/pagesettings/ 719 B
295 B 21ms
20ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/pagesettings/global?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

a420639592af85db73f683f4145cee263e8c3b9cf853690692f7fa8427fc9308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

OPTIONS
H2 200 global
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/pagesettings/ Frame 0
0 26ms
26ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/pagesettings/global?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

GET
H2 204 5067107.js Show response
bat.bing.com/p/action/ 0
112 B 193ms
193ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5067107.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 06:37:25 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 473BC94F3C914DD8A7EC2D5EB03DBEA9 Ref B: FRAEDGE1221 Ref C: 2022-03-15T06:37:25Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 41ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5067107&tm=gtm002&Ver=2&mid=7322ec7b-895e-4d16-a322-c42fbedbdd69&sid=60ac5600a42a11ec9deb451a82e691b0&vid=60acbd00a42a11eca40e156db4758b69&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de&kw=G%C3%BCnstige%20Fl%C3%BCge%20online%20buchen%20%E2%80%93%20Flug-Angebote%20vergleichen%20%7C%20fluege.de,%20Reisen,%20Urlaub,%20Buchen,%20Freizeit,%20Last-Minute,%20Schn%C3%A4ppchen-%20und%20Pauschalreisen,%20Fl%C3%BCge,%20Hotels,%20Mietwagen,%20Lastminute,%20Kreuzfahrten,%20Hotelbewertung,%20Community,%20Magazin&p=https%3A%2F%2Fwww.fluege.de%2F&r=&lt=539&evt=pageLoad&msclkid=N&sv=1&rn=312438
Requested by: Host: www.fluege.de
URL: https://www.fluege.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3EEF50EE4B94B07ADAEAFDDE3DF5D21 Ref B: FRAEDGE1221 Ref C: 2022-03-15T06:37:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1E76 13 KB
5 KB 100ms
33ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.fluege.de&origin=onetag&us_privacy=1YNY

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2275
date: Tue, 15 Mar 2022 06:37:25 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 settings Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ 526 B
362 B 19ms
19ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/settings?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

76c94f07f9bc85f55b2ba13b69c8ec07b01e7a8af12e7cdd8d2d609d4db6c68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

OPTIONS
H2 200 settings
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ Frame 0
0 21ms
20ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/settings?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

GET
H2 200 iconmap.svg Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/icons/ 12 KB
12 KB 20ms
20ms XHR
text/xml 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/icons/iconmap.svg?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

1d9e0c9f22752af8e828af0ebbf4f337ff828c33dd83da59f029006db80efdf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Mar 2022 06:20:05 GMT
x-frame-options: ALLOWALL
etag: "dc7f0a0e5bbb0d04e15d26e517aac402"
vary: Accept-Encoding, https://www.fluege.de, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 12524
x-xss-protection: 1;mode=block

OPTIONS
H2 200 iconmap.svg
saas-selfservice01.kcenter.usu.com/kfirst-widget/icons/ Frame 0
0 19ms
19ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/icons/iconmap.svg?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

OPTIONS
H2 200 widget
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/ Frame 0
0 20ms
19ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

GET
H2 200 widget Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/ 557 B
295 B 36ms
36ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

3be4dc76dd461cf635863cdfae5ebe1a16d39a027b0bf74f598fe77de17c9503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

GET
H2 200 style.css
saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/usuiconfont/ 1 KB
538 B 23ms
22ms Stylesheet
text/css 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/usuiconfont/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

2d1fd8d540ee46e8dccd3ba887642fd8be3584f16a5681c510a0942762148d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
last-modified: Thu, 03 Dec 2020 16:35:24 GMT
x-frame-options: ALLOWALL
content-type: text/css;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 widget.css
saas-selfservice01.kcenter.usu.com/kfirst-widget/css/ 108 KB
12 KB 20ms
19ms Stylesheet
text/css 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/css/widget.css?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

676d991a48e6badae41669f5b66cccb8fe6e93f64ed97807a08fff050e9b35ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Mar 2022 06:20:17 GMT
etag: "c94e17cbe127b4087ad1b05b9b7613ce"
x-frame-options: ALLOWALL
content-type: text/css;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1;mode=block

GET
H2 200 ol.css
saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/openlayers/ 4 KB
1 KB 22ms
21ms Stylesheet
text/css 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/openlayers/ol.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

a21c2bd91b45af13fdab7c45628847a6cff3a9580b06473cf4b843d6a1ccf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
last-modified: Thu, 03 Dec 2020 16:35:24 GMT
x-frame-options: ALLOWALL
content-type: text/css;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 ol.js Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/openlayers/ 917 KB
225 KB 33ms
32ms Script
application/javascript 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/openlayers/ol.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

7af914d401b1bf5d82e960b9d0ea084af51fb79900c1c520dd58510f3433ab17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
last-modified: Thu, 03 Dec 2020 16:35:24 GMT
x-frame-options: ALLOWALL
content-type: application/javascript;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 docrenderer.lib.min.js Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/documentrenderer/ 194 KB
49 KB 31ms
31ms Script
application/javascript 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/vendor/documentrenderer/docrenderer.lib.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

42901636d96f1f6620184b38861842382d09333a1061d50318077e3892d152f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
last-modified: Thu, 03 Dec 2020 16:35:24 GMT
x-frame-options: ALLOWALL
content-type: application/javascript;charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1E76
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=fluege.de&sn=ChromeSyncframe&so=0&topUrl=www.fluege.de&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=vAcrpXxrV2VtU0pUNVdyTERxU3lrV2VhVW1NakVCWXJPUm5DZEtCVi8xMTZqVUxZWDM0VkVDVGZuVGRvaXJFYSt6TnBqVWZzOXlrKzgwRnNmYjhHZ0QxZ0EvMEVsWDZKMzRQdVJyNk1td2hmajV0MzdVazRMZ2EzUFEzMk...

430 B
633 B

95ms
29ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vAcrpXxrV2VtU0pUNVdyTERxU3lrV2VhVW1NakVCWXJPUm5DZEtCVi8xMTZqVUxZWDM0VkVDVGZuVGRvaXJFYSt6TnBqVWZzOXlrKzgwRnNmYjhHZ0QxZ0EvMEVsWDZKMzRQdVJyNk1td2hmajV0MzdVazRMZ2EzUFEzMkF5MVROUUgrTE8wamxDMnNJTHN3bEE2M3owQkYvenhjdWhxazdUZEZ4N2d2Rk1zWng1ZEtTdnIyNEZTK2Q4cXhGVkNPM3FKVGx2SUY3dlhKWEw4amFlVUpKdHNFOFhOSlNMV3JmSmxTRWlVTFpLU1kxYnhjRWhISGpRYUI2T0xobXFVMUZaZEczTHYrNDlHM3FJZXdJV09SbGxqOEk0QT09fA&cppv=2

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7deab019389025021dea4913ef3b5752449d4f672aceffbae5d0dbcbf240556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4912
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=vAcrpXxrV2VtU0pUNVdyTERxU3lrV2VhVW1NakVCWXJPUm5DZEtCVi8xMTZqVUxZWDM0VkVDVGZuVGRvaXJFYSt6TnBqVWZzOXlrKzgwRnNmYjhHZ0QxZ0EvMEVsWDZKMzRQdVJyNk1td2hmajV0MzdVazRMZ2EzUFEzMkF5MVROUUgrTE8wamxDMnNJTHN3bEE2M3owQkYvenhjdWhxazdUZEZ4N2d2Rk1zWng1ZEtTdnIyNEZTK2Q4cXhGVkNPM3FKVGx2SUY3dlhKWEw4amFlVUpKdHNFOFhOSlNMV3JmSmxTRWlVTFpLU1kxYnhjRWhISGpRYUI2T0xobXFVMUZaZEczTHYrNDlHM3FJZXdJV09SbGxqOEk0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2877
content-length: 541
expires: 0

GET
H2 200 labels Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ 779 B
324 B 21ms
20ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/labels?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

701f0bffcf3281b8717a4d02fe2cccaf0d4c233906cb1a88cf913e842a251de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

GET
H2 200 settings Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcfaq/m7/ 139 B
184 B 25ms
24ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcfaq/m7/settings

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

dfc6b7f46d1dc12cb366d8c9be6ac4fe9ae1024df4a4752a291de4f207b6feaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

GET
H2 200 m5 Show response
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcsearch/ 45 B
118 B 24ms
24ms XHR
application/json 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcsearch/m5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

bb384331114b58d70aa77ea3a3168d4b669bfe9f02f122cf777cf97c807c300b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

lang: en
Referer: https://www.fluege.de/
x-kfirst-token: d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4=
Accept-Language: de-DE,de;q=0.9
x-referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: ALLOWALL
vary: Accept-Encoding, accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
expires: 0

OPTIONS
H2 200 labels
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/ Frame 0
0 22ms
21ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/labels?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

OPTIONS
H2 200 settings
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcfaq/m7/ Frame 0
0 21ms
20ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcfaq/m7/settings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

OPTIONS
H2 200 m5
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcsearch/ Frame 0
0 21ms
21ms Preflight 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/data/kcsearch/m5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang,x-kfirst-token,x-referer
Origin: https://www.fluege.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-captchasession,content-type,authorization,access-control-request-method,x-referer,accept,forwarded,x-requested-with,origin,x-filename,xsrf-token,x-forwarded-proto,x-forwarded-for,x-kfirst-token,lang,access-control-request-headers,x-forwarded-host
access-control-allow-methods: POST,OPTIONS,DELETE,PUT,GET,PATCH
access-control-allow-origin: https://www.fluege.de
access-control-expose-headers: x-referer,x-captchasession,xsrf-token
access-control-max-age: 1800
date: Tue, 15 Mar 2022 06:37:25 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,https://www.fluege.de
x-frame-options: ALLOWALL
content-length: 0

GET
H2 200 mpe2
saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/mediapool/ 4 KB
5 KB 21ms
21ms Image
image/png 34.120.198.77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saas-selfservice01.kcenter.usu.com/kfirst-widget/api/widget/mediapool/mpe2?apikey=d1KACVM_tZn0o8ZLEs55pm6EvrBR6l08Ve1hbDy9mh4%3D

Requested by

Host: www.fluege.de
URL: https://www.fluege.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.198.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.198.120.34.bc.googleusercontent.com

Software

Resource Hash

60eb78fc50779944081a22bdd71e1d86b8e3c12935b8a7e9218a221cbb6bf6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Jun 2020 10:27:58 GMT
etag: "E99079B5B3926E1BBDFC589903A7E78C"
x-frame-options: ALLOWALL
content-type: image/png;charset=UTF-8
cache-control: no-cache
content-disposition: inline;filename=faq_2.png
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 4472
x-xss-protection: 1;mode=block
x-filename: faq_2.png

GET
H2 200 prof
a.clicktripz.com/api/advertisers/v1/ 43 B
427 B 123ms
39ms Image
image/gif 3.64.88.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clicktripz.com/api/advertisers/v1/prof?advertiserID=455&format=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.88.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-88-53.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
server: openresty/1.19.9.1
content-type: image/gif
access-control-allow-origin
cache-control: private
access-control-allow-credentials: true
content-length: 43
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 7 KB
8 KB 120ms
44ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=2072&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=n11PmV9KOTJEazhaVXFybDVCMlR0MlhRcDRMM2JZWks5TUhJSnFkMFNTMHZWQXdGMmdYamZHY1pzQ1olMkZVNDlVUWoyOXBHJTJGN0ZtamhJcEJmcXRzWWdHZ1doYm5lc2E2QWJqbyUyRnklMkIyeWVsekppQyUyRjhlZjhNRHd4Uk9WQ1VLamhPJTJGSEM5V2NjNU9aSjdJYWtXUlQ3aDdJYzRFa3clM0QlM0Q&tld=fluege.de&dtycbr=69835&cs=1YNY&cv=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aa2b32b981cafa3e255b8e3902b558a4905e80403f338f4103c66b9a4ff4fae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13689546
timing-allow-origin: *
expires: 0

GET
H2 200 cc.js Show response
consent.cookiebot.com/106ad5f9-eafa-4bd3-80ea-786198344865/ 347 KB
146 KB 154ms
154ms Script
application/x-javascript 2a02:26f0:1700:11::b856:679a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/106ad5f9-eafa-4bd3-80ea-786198344865/cc.js?renew=false&referer=www.fluege.de&dnt=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:679a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e1f124c65493d8f53301b83d8ac91d1481ae61351b4026e8608e48d785407687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fluege.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 06:37:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 148822
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 42B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1WSWg3bm56Wk90a3JPWU1saGhvNVQ5eVhYdGJOUzVIaHZNZXN1Zw
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay1WSWg3bm56Wk90a3JPWU1saGhvNVQ5eVhYdGJOUzVIaHZNZXN1Zw&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

87ms
25ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 294346
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 42B9 0
476 B 416ms
99ms Image
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-e3nc53zZOtkrOYMlhho5T9yXXtZJpOZChPFeGg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 06:37:26 GMT
Cache-Control: no-cache
X-TraceId: ada0dc17692a4893447b0420abf6e18d
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 42B9 0
239 B 80ms
18ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-F2tHg3zZOtkrOYMlhho5T9yXXta_i47hI7qCEg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 42B9
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
355 B

20ms
19ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-kVxdrHzZOtkrOYMlhho5T9yXXtZoO7ygnt6APw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 42B9 43 B
163 B 88ms
25ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-At_RInzZOtkrOYMlhho5T9yXXtY-727WMQPDhQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 42B9
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g&seg=130915
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g%26seg%3D130915

43 B
1 KB

35ms
35ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g%26seg%3D130915

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1b871e3e-38de-4782-bb28-2fcef84d52a2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 90298d57-c33a-4184-b32e-e8ac4580a916
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YUP1BHzZOtkrOYMlhho5T9yXXtYV4vwzV2bF5g%26seg%3D130915
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 42B9
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ

43 B
448 B

43ms
43ms

Image
image/gif

54.72.168.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ
Protocol: H2
Server: 54.72.168.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-168-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 06:37:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ksrt5nzZOtkrOYMlhho5T9yXXtb7HkPu8mRSOQ
date: Tue, 15 Mar 2022 06:37:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 42B9 42 B
342 B 105ms
30ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NTEmdGw9NDMyMDA=&piggybackCookie=uid:k-ENCMcXzZOtkrOYMlhho5T9yXXtZo-3on7DwdZg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 42B9
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA&C=1

43 B
1 KB

43ms
43ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Mar 2022 06:37:26 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Tue, 15 Mar 2022 06:37:26 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 42B9 0
194 B 67ms
19ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 42B9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA&verify=true

0
122 B

20ms
19ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I0LqCnzZOtkrOYMlhho5T9yXXtYWgnhSSEHfvA&verify=true
date: Tue, 15 Mar 2022 06:37:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 um
criteo-sync.teads.tv/ Frame 42B9 23 B
172 B 132ms
55ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-jApr2nzZOtkrOYMlhho5T9yXXtZDlc8vJvOR4w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 15 Mar 2022 06:37:26 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 pixel
cm.adform.net/ Frame 42B9 43 B
163 B 119ms
38ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-pI_WhXzZOtkrOYMlhho5T9yXXtaLuhMObv1YEA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
last-modified: Wed, 20 Jul 2016 07:18:22 GMT
server: nginx
accept-ranges: bytes
etag: "578f25be-2b"
content-length: 43
content-type: image/gif

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 42B9
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-IBOQ33zZOtkrOYMlhho5T9yXXtbZ9g2TAyAS5Q&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-IBOQ33zZOtkrOYMlhho5T9yXXtbZ9g2TAyAS5Q&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=b46b11...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=e03e9925d171c0d1feb93f7fc73119bc89d7aa742d0ae20566dd0b79b1bb6eca

321 B
702 B

65ms
17ms

Image
image/png

2600:9000:225e:6c00:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=e03e9925d171c0d1feb93f7fc73119bc89d7aa742d0ae20566dd0b79b1bb6eca
Protocol: H2
Server: 2600:9000:225e:6c00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:20:02 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 537445
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: OY0fYOyrulAGG-UBFqdUTFUmHQqm7PzzF6DbvnwBbrQJTAIpvh-5_A==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=e03e9925d171c0d1feb93f7fc73119bc89d7aa742d0ae20566dd0b79b1bb6eca
date: Tue, 15 Mar 2022 06:37:26 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 cksync.php
contextual.media.net/ Frame 42B9 45 B
784 B 103ms
58ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CM0uKnzZOtkrOYMlhho5T9yXXtZBUldITwh9tQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 15 Mar 2022 06:37:26 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 15 Mar 2022 06:37:26 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 42B9 0
522 B 80ms
30ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-e4tptHzZOtkrOYMlhho5T9yXXtagEXhoc8_EWQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 14 Mar 2022 06:37:26 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 42B9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30

43 B
495 B

19ms
19ms

Image
image/gif

18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30
Protocol: HTTP/1.1
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 06:37:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30
Date: Tue, 15 Mar 2022 06:37:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 42B9
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&apid=UP61194394-a42a-11ec-ac17-06467f305b00

0
133 B

25ms
25ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&apid=UP61194394-a42a-11ec-ac17-06467f305b00

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3C-pAHzZOtkrOYMlhho5T9yXXta9fWgZOE3fsA&_origin=1&apid=UP61194394-a42a-11ec-ac17-06467f305b00
date: Tue, 15 Mar 2022 06:37:26 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 42B9 68 B
263 B 65ms
17ms Image
image/png 3.64.136.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8LcYf3zZOtkrOYMlhho5T9yXXtbbWJSoyT_M0g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.136.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-136-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
content-length: 68
content-type: image/png

GET
H/1.1 200
OK getusermatch.php
a.twiago.com/rtb/ Frame 42B9 43 B
237 B 114ms
37ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-vm8ChHzZOtkrOYMlhho5T9yXXtaB5PA6BFkRhg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 06:37:26 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 42B9 49 B
235 B 90ms
30ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4OAW63zZOtkrOYMlhho5T9yXXtaRkZdz1SzEbA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 49
expires: 0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 42B9 0
99 B 96ms
24ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-1zmaCHzZOtkrOYMlhho5T9yXXtZFLCIJxjR_0Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22927

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 42B9 40 B
40 B 63ms
19ms Image
text/html 3.66.118.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-maQN8nzZOtkrOYMlhho5T9yXXtbkGpsBdWkWDg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.118.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-118-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
matching.ivitrack.com/ Frame 42B9 42 B
242 B 72ms
27ms Image
image/gif 34.117.157.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-f1gJLXzZOtkrOYMlhho5T9yXXta6uuigPR-PQw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
via: 1.1 google
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 42

GET
H2 200 c.gif
c.bing.com/ Frame 42B9 42 B
288 B 47ms
46ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-Zt2UI3zZOtkrOYMlhho5T9yXXtY7MMx0ndJhQg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:25 GMT
etag: "7c5ed6a6f22cd81:0"
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D206107379004644BCC019BAB6205B1F Ref B: FRAEDGE1221 Ref C: 2022-03-15T06:37:26Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 42B9 43 B
183 B 321ms
102ms Image
image/gif 2600:1f18:612b:4232:aad:149d:18a2:a241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-nP8Ri3zZOtkrOYMlhho5T9yXXtb8vYXlQHsLUg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:aad:149d:18a2:a241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:37:26 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 42B9
Redirect Chain

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3915424270626771188

43 B
370 B

28ms
27ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3915424270626771188

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 06:37:26 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3374935
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 836ff472-cb74-4d2a-936a-a83830a93673
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3915424270626771188
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 61 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2576a10ea5fc76cb027ecb0db15cfa38fa4ef1c358b92d0b35298e7ba826f77f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 42B9 0
522 B 29ms
28ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-e4tptHzZOtkrOYMlhho5T9yXXtagEXhoc8_EWQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 14 Mar 2022 06:37:26 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 42B9 43 B
220 B 18ms
18ms Image
image/gif 18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=117&user_id=k-JNl0Y3zZOtkrOYMlhho5T9yXXta_fLLpco4CHw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 06:37:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 42B9 0
522 B 25ms
25ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-e4tptHzZOtkrOYMlhho5T9yXXtagEXhoc8_EWQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 06:37:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 14 Mar 2022 06:37:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.fluege.de
URL: https://www.fluege.de/service-worker.js

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fluege.de/	1969-12-31 23:59:59	Name: FLUEGESID Value: UOcHgeitHYcER1iL79gMB3
www.fluege.de/	1970-01-20 01:36:52	Name: md9e31101099f Value: cEtXenJUcXZMaj09
.fluege.de/	1970-01-20 02:18:38	Name: fstc Value: cipcmxXRkpIOVBWd2M3Vnp5aHJKdWxWd2JqWVBXYXFhY2xWd2JrQXdEM1ptVjJad0Qxc0Zqdkh5Y1BFMVYzVndjN1Z6eWhySnVsVndiallQV2FxYWNsVndia0F3RDNabVYyWndEMXNGanZJeE1MSkg1U1Z3YzdWenlockp1bFZ3YmpZUFdhcWFjbFZ3YmtBd0QzWm1WMlp3RDFzRmp2RTBJR0pGVjZybFdjb2F5YnB2VjZaUGp2TTNNNnB2VjZaR0wwQW1abEF3VjBBSzBmVnlBTUh4OVBadlY2cmxXY29heWJwdlY2WlBqdk0zTTZwdlY2WkdMMEFtWmxBd1YwQUswZlZ4OVVHdlY2cmxXY29heWJwdlY2WlBqdk0zTTZwdlY2WkdMMEFtWmxBd1YwQUswZlZ4a0JEME1KQUZWNnJsV2NvYXlicHZWNlpQanZNM002cHZWNlpHTDBBbVpsQXdWMEFLMGZWeXlDSDBIbFZ3YzdWenlockp1bFZ3YmtZUFdhcWFjbFZ3YmtBd0QzWm1WMlp3RDFzRmp2SXg1UFpsVjZybFdjb2F5YnB2VjZaRmp2TTNNNnB2VjZaR0wwQW1abEF3VjBBSzBmVnhNQkcxV09FbVpqVndjN1Z6eWhySnVsVndia1lQV2FxYWNsVndia0F3RDNabVYyWndEMXNGanZKSDVRRXlMMFZ3YzdWenlockp1bFZ3YmxZUFdhcWFjbFZ3YmtBd0QzWm1WMlp3RDFzSzA9
.fluege.de/	1970-01-20 19:06:38	Name: __utma Value: 227697226.2088430718.1647326246.1647326246.1647326246.1
.fluege.de/	1969-12-31 23:59:59	Name: __utmc Value: 227697226
.fluege.de/	1970-01-20 05:58:14	Name: __utmz Value: 227697226.1647326246.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fluege.de/	1970-01-20 01:35:26	Name: __utmt Value: 1
.fluege.de/	1970-01-20 01:35:28	Name: __utmb Value: 227697226.1.10.1647326246
.fluege.de/	1970-01-20 10:13:50	Name: flights_gdpr_pr_optout Value: 0
.fluege.de/	1970-01-20 10:13:50	Name: flights_gdpr_st_optout Value: 0
.fluege.de/	1970-01-20 10:13:50	Name: flights_gdpr_ma_optin Value: 1
.fluege.de/	1970-01-20 10:13:50	Name: flights_gdpr_consent Value: 0
.fluege.de/	1970-01-20 03:45:02	Name: _gcl_mcc_au Value: 1.1.116399124.1647326246
.fluege.de/	1970-01-20 01:36:52	Name: _gid Value: GA1.2.850577779.1647326246
.fluege.de/	1970-01-20 19:06:38	Name: _ga_WT5M3VBBGY Value: GS1.1.1647326245.1.0.1647326245.0
.fluege.de/	1970-01-20 01:35:26	Name: _gat_UA-120028753-5 Value: 1
.bing.com/	1970-01-20 10:57:02	Name: MUID Value: 236121ADAE6068890E9C30C5AFB26941
.fluege.de/	1970-01-20 01:36:52	Name: _uetsid Value: 60ac5600a42a11ec9deb451a82e691b0
.fluege.de/	1970-01-20 10:57:02	Name: _uetvid Value: 60acbd00a42a11eca40e156db4758b69
.fluege.de/	1970-01-20 03:45:02	Name: lnd_source Value: direct
.fluege.de/	1970-01-20 18:52:14	Name: _ga Value: GA1.2.2088430718.1647326246
.criteo.com/	1970-01-20 10:57:02	Name: uid Value: b50627cf-1497-45a7-b411-1051a5013a67
.fluege.de/	1970-01-20 11:04:50	Name: cto_bundle Value: n11PmV9KOTJEazhaVXFybDVCMlR0MlhRcDRMM2JZWks5TUhJSnFkMFNTMHZWQXdGMmdYamZHY1pzQ1olMkZVNDlVUWoyOXBHJTJGN0ZtamhJcEJmcXRzWWdHZ1doYm5lc2E2QWJqbyUyRnklMkIyeWVsekppQyUyRjhlZjhNRHd4Uk9WQ1VLamhPJTJGSEM5V2NjNU9aSjdJYWtXUlQ3aDdJYzRFa3clM0QlM0Q
a.clicktripz.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c53f25e9d925ad1157e61c5ab61a857e
.clicktripz.com/	1970-01-20 03:45:02	Name: _ctuid Value: 7e8d5345-0807-4605-acee-9e69c44cea92
.adnxs.com/	1970-01-20 03:45:02	Name: uuid2 Value: 3915424270626771188
.3lift.com/	1970-01-20 03:45:02	Name: tluid Value: 1853635238334620883867
.casalemedia.com/	1970-01-20 10:21:02	Name: CMID Value: YjA0JvvQYmFinQlAKKOLRwAA
.casalemedia.com/	1970-01-20 03:45:02	Name: CMPS Value: 3192
.pubmatic.com/	1970-01-20 03:45:02	Name: PUBMDCID Value: 3
.360yield.com/	1970-01-20 03:45:02	Name: tuuid Value: ec5a50e3-e017-4368-a229-8cca487aa8fe
.360yield.com/	1970-01-20 03:45:02	Name: tuuid_lu Value: 1647326246
.yahoo.com/	1970-01-20 10:21:23	Name: A3 Value: d=AQABBCY0MGICEE52hGpKVNV9WAGzDrSj8g8FEgEBAQGFMWI6YgAAAAAA_eMAAA&S=AQAAAi7I-o1Av9k5uyH9ur_U3PM
.casalemedia.com/	1970-01-20 03:45:02	Name: CMPRO Value: 1219
.casalemedia.com/	1970-01-20 01:36:52	Name: CMST Value: YjA0JmIwNCYA
.casalemedia.com/	1970-01-20 10:21:02	Name: CMRUM3 Value: 14623034262760k-qNzHAnzZOtkrOYMlhho5T9yXXta-VBxLxjTgRA
.doubleclick.net/	1970-01-20 10:57:02	Name: IDE Value: AHWqTUm6x_tQuSso6nZ66TtdUR1VsvhQosLq-4KaYL9TWAdjiPtcubRFjq90r2n73Qs
.adscale.de/	1970-01-20 10:17:42	Name: uu Value: b46b11e35c66462d9df5162e905aebc4
.adscale.de/	1970-01-20 10:17:42	Name: cct Value: 1647326246515
.yieldlab.net/	1970-01-20 10:21:02	Name: id Value: e8319ae7-0a69-47b1-9179-831f79822144
.media.net/	1970-01-20 10:21:02	Name: visitor-id Value: 2903278468214775000V10
.media.net/	1970-01-20 02:18:38	Name: data-c-ts Value: 1647326246
.media.net/	1970-01-20 02:18:38	Name: data-c Value: k-CM0uKnzZOtkrOYMlhho5T9yXXtZBUldITwh9tQ~~3
.sharethrough.com/	1970-01-20 10:21:02	Name: stx_user_id Value: 42d0e85e-b476-4d48-9e2a-d67cf207b051
.advertising.com/	1970-01-20 10:22:28	Name: APID Value: UP61194394-a42a-11ec-ac17-06467f305b00
.ih.adscale.de/	1970-01-20 10:17:42	Name: tu Value: 4#2364386471#40~k-IBOQ33zZOtkrOYMlhho5T9yXXtbZ9g2TAyAS5Q~457590~0~0
.bidswitch.net/	1970-01-20 10:21:02	Name: tuuid Value: 68f6eeb7-6019-4ab5-bfb0-bc5553498833
.bidswitch.net/	1970-01-20 10:21:02	Name: c Value: 1647326246
.bidswitch.net/	1970-01-20 10:21:02	Name: tuuid_lu Value: 1647326246
.360yield.com/	1970-01-20 03:45:02	Name: um Value: !38,3XRe6KmRTtdRkWAflhoRlHs3-gEXZjktR9ZcrNejvYkBHNy-wgqtvcQuNgWcgYCIyegAunmq,1655102246
.360yield.com/	1970-01-20 03:45:02	Name: umeh Value: !38,0,1709534246,-1
.analytics.yahoo.com/	1970-01-20 10:21:02	Name: IDSYNC Value: "18zh~23ri:1761~23ri"
exchange.mediavine.com/	1970-01-20 01:55:35	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226123f190-a42a-11ec-9d21-f1b36440e6ad%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 01:55:35	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226123f190-a42a-11ec-9d21-f1b36440e6ad%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 01:55:35	Name: criteo Value: %7B%22id%22%3A%22k-maQN8nzZOtkrOYMlhho5T9yXXtbkGpsBdWkWDg%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 03:45:02	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?c9O?Qw!EKw)0I^OS4<OqA4uZ9O9R`fk7OB1V=@xOV/GSZl4Dj1/24Zvm<l?2Lg3%i'R3?xnikq(R6(%MmNl$]kNya!tNhToV_qTH6
.outbrain.com/	1970-01-20 03:45:02	Name: obuid Value: 38d686a5-f9fe-4eba-aac6-c762d1fc4323
.outbrain.com/	1970-01-20 02:04:14	Name: criteo Value: k-e3nc53zZOtkrOYMlhho5T9yXXtZJpOZChPFeGg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts-v1.postbooking.fluege.de/api/account Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clicktripz.com
a.twiago.com
accounts-v1.postbooking.fluege.de
ad.360yield.com
ad.yieldlab.net
ads.yahoo.com
bat.bing.com
c.bing.com
cm.adform.net
cm.g.doubleclick.net
consent.cookiebot.com
consentcdn.cookiebot.com
contextual.media.net
cotads.adscale.de
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ih.adscale.de
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pci.usd.de
pixel.advertising.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
saas-selfservice01.kcenter.usu.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.fluege.de
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tr-c.fluege.de
tr-s.fluege.de
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.fluege.de
www.flugticket24.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
www.fluege.de
104.111.218.85
104.111.242.245
13.248.245.213
13.32.121.48
141.226.228.48
172.217.18.98
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.158.180.156
18.158.238.206
18.185.0.220
18.195.192.101
185.233.55.49
185.255.84.152
185.64.190.80
185.86.137.110
2.18.234.21
2.18.235.93
216.239.38.21
2600:1f18:612b:4232:aad:149d:18a2:a241
2600:9000:225e:6c00:1b:832b:ac00:93a1
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:400c:c08::9c
2a00:1450:400e:801::2004
2a00:1450:400e:802::200a
2a00:1450:400e:803::2008
2a02:2638::1c
2a02:2638::3
2a02:26f0:1700:11::b856:679a
2a02:26f0:1700:781::f09
3.64.136.108
3.64.88.53
3.66.118.189
3.67.115.82
34.117.157.22
34.120.148.58
34.120.198.77
37.157.4.40
37.252.173.62
52.29.94.184
54.72.168.182
64.202.112.223
69.173.144.138
85.215.5.31
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
034a96bbda14455d616185fb29722464779fd8d2f9ec02236db477ee2fcd6476
03bf5bea0fbc2f40be81063aca284afa78c394b8105ba6823a8bdf7809287965
0bdec86eeb5f86f7c2d4fb39aa4eccabcccb1fdc9105624ecd0981048881fd6b
0d28b942c0db85dd07ee511a1514daea799427fef4dab0622fcffaa7560e60e9
121aab709a068bb6255216be9e5954ca3c2bb5950a76549eaee0485d92448a59
151f5a011d4daa6d001ea57b54e92f2290cb17a407bbcb2779b60929cef78726
17b653428e5c492ce3cd0776fb4b461ec7d69819685a7977c5154c872e3b1f9e
1d9e0c9f22752af8e828af0ebbf4f337ff828c33dd83da59f029006db80efdf7
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
223fb2503f0f3a83d1ec7516b07423c0cb730cc97b62ae93fec1e4e6261221e9
23185fbc1344dd5a7dbb33c53eecfcb00ef60aecfc84d6a83f826239d84c47c5
2576a10ea5fc76cb027ecb0db15cfa38fa4ef1c358b92d0b35298e7ba826f77f
288b4382c321c56595ce6a22c359ab069d0f92a0ee86f7215dae764bcf4a90d4
2d1fd8d540ee46e8dccd3ba887642fd8be3584f16a5681c510a0942762148d1a
312fe6b8b9ee608133cf7516ce034dea78b7afb2c123699c2261d011b6ab9eb4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3be4dc76dd461cf635863cdfae5ebe1a16d39a027b0bf74f598fe77de17c9503
3d4a60c9ee753561d280bc5d7ae427bc6fcd88410eba87474c8d457e39edf0fc
410fe78313cee6cbd99ae09565aa3a0100779fafeea1d4d1d677fd4ecb2c411d
42901636d96f1f6620184b38861842382d09333a1061d50318077e3892d152f7
4595d280485b537760e8e0e336f815f6d95496c9a88351af42ec643f0342fed9
45cf07d71bb278348988791d891218dba2aa5f5ad8bea86912e7ad923118318f
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
478c2a42a006d0a829caf9d4f77f37189b1f77ac664f52090b73edbab6bcc01a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
578b28634df2edf3f17f28c4f8897a8ff1d3330028fdc834c82e8fae6aa85297
5e11a92b5c9a980e997f618e516cc3bda3aae9e25e740826ff87df8b5410dce4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60eb78fc50779944081a22bdd71e1d86b8e3c12935b8a7e9218a221cbb6bf6a2
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62a99603fb2603e3418052f3d2dbb91b5f3be9a9161e1b477abaf92e25ee1536
676d991a48e6badae41669f5b66cccb8fe6e93f64ed97807a08fff050e9b35ac
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bab36facb9f03513de838eb6f4e615d2c953f16c416fd9b612ce4133018645b
6d63bb19f8d5cc15f1b25352337d755df04385f8e35af4b8e4b2c31febd728ef
6e31f4f1f4b645d344853dcfef123ecad2e7b1f80b4464074e26acc686110557
6e3741edc204407346e286ecac1ea2b078c0e7009972c9d45f1cc3db34f06b49
701f0bffcf3281b8717a4d02fe2cccaf0d4c233906cb1a88cf913e842a251de6
754dc7b046cff38dfc1b4bc3526b21f1a940b4c79fa0ba53f087b7cc71d180f7
76c94f07f9bc85f55b2ba13b69c8ec07b01e7a8af12e7cdd8d2d609d4db6c68b
7af914d401b1bf5d82e960b9d0ea084af51fb79900c1c520dd58510f3433ab17
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87ff30b673b9d4a5853fbeb668a62a32f4a92eff79720a28a2f68e38391e5d86
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bc7a9fdaaca230888e7f929afd2c1533ddf0da2de0461cea180f9af24d29215
8e1fe1737f11ace0c2bd514e8e0224df9bd99e447fe19919915f5f3341a908bd
9883d461703b2fa66f7dfaac5402cb9bfb0148ee55092ac68683176617604d72
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f905f0d4f0029f7a04e9edc4434072be091e0f19f2b59f77656f78860828d60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a21c2bd91b45af13fdab7c45628847a6cff3a9580b06473cf4b843d6a1ccf940
a420639592af85db73f683f4145cee263e8c3b9cf853690692f7fa8427fc9308
aa2b32b981cafa3e255b8e3902b558a4905e80403f338f4103c66b9a4ff4fae6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b863ead4b432ac15c9eb56728fb91eb461efce3e4bc9fdffe78adad897806aaa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb384331114b58d70aa77ea3a3168d4b669bfe9f02f122cf777cf97c807c300b
bc5ca9718cb3f43eb653e6176b3e8dce55b792e06f7bdd80388f0889dc447b15
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d6bcfee413f2992faaf0b36ca7b312a21413935dc83370caeb612dbfc0ff5c28
d7deab019389025021dea4913ef3b5752449d4f672aceffbae5d0dbcbf240556
dcfc243ed1e0f78af2ac254a0a1315250c8c8ab0e545e823ab00a322ade1f8be
dfc6b7f46d1dc12cb366d8c9be6ac4fe9ae1024df4a4752a291de4f207b6feaf
e1f124c65493d8f53301b83d8ac91d1481ae61351b4026e8608e48d785407687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ed06b7366a512f6a29aeedec7b8b19bece1b81e67fa757ba4cce4a3622b0fda4
ed99ad128c6cb66d7d00bae23898f1f47a70dffeb605130c8a6f176d2bc369ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17573d03d9f4b2714c193cff8226caf38cee2d44821b4f4a9d67c104d127dc4
f8356332cfc3cf4186cbd469b2a1cc87bd0d4b62e14a7d57edd57e1527571d7f
f987331e2360278ce316a3a44bb2ecca5bde155f707d9c7039b327d1932dff0d
fa603fff87f7332bc3b0462d2111717bf36cd738fb5690e8aa0db63f8bb36a0e
fca8cc25b66172b77e909066ce7c1e5dec037676b0cc276865b97da31d798b8e
fd5706766694e1d90b196eec12a5d4501686c2f3c9f89d41fdeca4f0c968a743
fde5cf4446608106a60198cc87d08a1f5fc2ad1e3e19a95e97fe9fd35e4fd561

www.fluege.de Open in urlscan Pro 18.185.0.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

89 %HTTPS

30 %IPv6

39 Domains

51 Subdomains

46 IPs

8 Countries

2060 kBTransfer

4658 kBSize

58 Cookies

42 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fluege.de Open in urlscan Pro
18.185.0.220 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

89 %
HTTPS

30 %
IPv6

39
Domains

51
Subdomains

46
IPs

8
Countries

2060 kB
Transfer

4658 kB
Size

58
Cookies

117 HTTP transactions
3 data transactions