www.ptaheute.de Open in urlscan Pro
2001:1a50:13::8b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kddigi.pta.online/login.php
Effective URL:
https://www.ptaheute.de/login.php
Submission Tags: phishtake
Submission: On February 14 via api (February 14th 2021, 12:05:12 am UTC) from JP

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2001:1a50:13::8b, located in Germany and belongs to RHTEC-AS http://www.rh-tec.de, DE. The main domain is www.ptaheute.de.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 21st 2019. Valid for: 2 years.

This is the only time www.ptaheute.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.31.143.1 89.31.143.1	15598 (IPX-AS15598) (IPX-AS15598)
1 16	2001:1a50:13::8b 2001:1a50:13::8b	25560 (RHTEC-AS ...) (RHTEC-AS http://www.rh-tec.de)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
20	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
7	85.215.2.53 85.215.2.53	6724 (STRATO ST...) (STRATO STRATO AG)
1	2606:4700:e0:... 2606:4700:e0::ac40:6a24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
48	8

1 89.31.143.1 (Germany) 1 redirects

ASN15598 (IPX-AS15598, DE)
PTR: www.udag.de

kddigi.pta.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2001:1a50:13::8b (Germany) 1 redirects

ASN25560 (RHTEC-AS http://www.rh-tec.de, DE)

www.ptaheute.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 85.215.2.53 (Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: www.adspirit.sbs.stratoserver.net

apoverlag.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6a24 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	adspirit.de cdn.adspirit.de apoverlag.adspirit.de	149 KB
16	ptaheute.de 1 redirects www.ptaheute.de	314 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	16 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	browser-update.org browser-update.org	4 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	pta.online 1 redirects kddigi.pta.online	209 B
48	7

	Domain	Requested by
20	cdn.adspirit.de	www.ptaheute.de cdn.adspirit.de apoverlag.adspirit.de
16	www.ptaheute.de	1 redirects www.ptaheute.de
7	apoverlag.adspirit.de	cdn.adspirit.de apoverlag.adspirit.de www.ptaheute.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	de.ioam.de	1 redirects www.ptaheute.de
1	browser-update.org	www.ptaheute.de
1	www.googletagmanager.com	www.ptaheute.de
1	script.ioam.de	www.ptaheute.de
1	kddigi.pta.online	1 redirects
48	9

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.ptaheute.de AlphaSSL CA - SHA256 - G2	`2019-05-21` - `2021-05-25`	2 years	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.adspirit.de Sectigo RSA Organization Validation Secure Server CA	`2019-03-12` - `2021-06-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.ptaheute.de/login.php
Frame ID: AB8B7D18BEF54197AF71C1E6670E50D9
Requests: 26 HTTP requests in this frame

Frame: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
Frame ID: ACDA619AE45355D8570F487F658D9F49
Requests: 3 HTTP requests in this frame

Frame: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
Frame ID: 5F73D7DC3CCCB3E57664B4F148BB9778
Requests: 4 HTTP requests in this frame

Frame: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
Frame ID: 6A83F80A8646FEC9CC3EFD925644EBC5
Requests: 7 HTTP requests in this frame

Frame: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
Frame ID: 4ED0F5AC852657E0EEB60B27AA3ACA2A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kddigi.pta.online/login.php HTTP 301
http://www.ptaheute.de/login.php HTTP 301
https://www.ptaheute.de/login.php Page URL

Detected technologies

TYPO3 CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

48
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

530 kB
Transfer

1249 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/PTAheute

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PTAheute

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kddigi.pta.online/login.php HTTP 301
http://www.ptaheute.de/login.php HTTP 301
https://www.ptaheute.de/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f5932022058ce460286928&ep=1638941143&vr=422&id=b3ypd5&i3=000f5932022058ce460286928%3A1643414696152%3A1613261096152%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613261096152&n1=1&dntt=0&lt=1613261096153&ev=&cs=yhkhmt&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f5932022058ce460286928&ep=1638941143&vr=422&id=b3ypd5&i3=000f5932022058ce460286928%3A1643414696152%3A1613261096152%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613261096152&n1=1&dntt=0&lt=1613261096153&ev=&cs=yhkhmt&mo=1&sr=71

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request login.php Show response
www.ptaheute.de/
Redirect Chain

http://kddigi.pta.online/login.php
http://www.ptaheute.de/login.php
https://www.ptaheute.de/login.php

34 KB
10 KB

256ms
226ms

Document
text/html

2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache / PHP/5.4.45-0+deb7u14
Resource Hash: 0ac438ffacf50b9849e1d371243e3c7a826b67034182b1bf2e799aed6018b397

Request headers

Host: www.ptaheute.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u14
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Server: Apache
Location: https://www.ptaheute.de/login.php
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK stylesheet_1fe7b53d0d.css
www.ptaheute.de/typo3temp/ 9 KB
2 KB 8ms
7ms Stylesheet
text/css 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3temp/stylesheet_1fe7b53d0d.css?1602687342
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4d0cdec9e49043c7977856f33236918f9f25629fe29fd105bc004c93cd2acce3

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:42 GMT
Server: Apache
ETag: "2314-5b1a2b9c2480d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H/1.1 200
OK main.min.css
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/ 221 KB
41 KB 42ms
33ms Stylesheet
text/css 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1ea112aed57723d8f0dc9e3a49c27694ead211c496fe49ae3de0826b827d1b2f

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:04 GMT
Server: Apache
ETag: "37586-5b1a2b77b283b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 41560
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 47 KB
14 KB 92ms
35ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 000f
Resource Hash: 98be6a8271ae92cd7e664342a135523c8b63abf21c434b0b7454c9881bef9bdf

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Feb 2021 00:04:56 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 000f
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Sun, 14 Feb 2021 02:04:56 GMT

GET
H/1.1 200
OK modernizr.js Show response
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/js/ 11 KB
5 KB 20ms
7ms Script
application/javascript 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/js/modernizr.js?1602687300
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:00 GMT
Server: Apache
ETag: "2bf4-5b1a2b741c8df"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4624
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H/1.1 200
OK javascript_dd82474708.js Show response
www.ptaheute.de/typo3temp/ 929 B
806 B 21ms
8ms Script
application/javascript 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3temp/javascript_dd82474708.js?1602687325
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: cbc4c14ce6da0654e8d95ef7cfc2f773b58b4cef36c38f5048fa2b96e54fbf87

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:25 GMT
Server: Apache
ETag: "3a1-5b1a2b8bdf811"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 406
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H2 200 adasync.min.js Show response
cdn.adspirit.de/ 32 KB
9 KB 115ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/adasync.min.js
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: +IkSzvxvX5s=
x-77-cache: HIT
x-cache: HIT
x-age: 36858
x-77-nzt: AcO1rzVCD3zv+o8AAA==
last-modified: Thu, 21 Jan 2021 13:49:23 GMT
server: CDN77-Turbo
etag: W/"2411400843"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 22 Jan 2021 13:50:15 GMT

GET
H/1.1 200
OK main.min.js Show response
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/JavaScript/ 203 KB
64 KB 38ms
25ms Script
application/javascript 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/JavaScript/main.min.js?1602687305
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: c4958755310b74bb2c4668deb5827ffa6cdf7f9c3f44dc82c83c1036c4113df9

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:05 GMT
Server: Apache
ETag: "32adb-5b1a2b7856935"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H/1.1 200
OK print.css
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/css/ 851 B
747 B 8ms
8ms Stylesheet
text/css 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/css/print.css?1602687300
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 505202a35714c6bcbfea6efae69e6085979f96597e447f887d510ea5f82b1d8f

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 14:55:00 GMT
Server: Apache
ETag: "353-5b1a2b73aa4c4"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 362
Expires: Sun, 21 Feb 2021 00:04:53 GMT

GET
H/1.1 200
OK 3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 45 KB
46 KB 7ms
7ms Font
application/x-font-woff 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27

Request headers

Origin: https://www.ptaheute.de
Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:04 GMT
Server: Apache
ETag: "2a0724-b4f3-5b1a2b77e4519"
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46323

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f593202205...
https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f593202205...

0
717 B

41ms
41ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f5932022058ce460286928&ep=1638941143&vr=422&id=b3ypd5&i3=000f5932022058ce460286928%3A1643414696152%3A1613261096152%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613261096152&n1=1&dntt=0&lt=1613261096153&ev=&cs=yhkhmt&mo=1&sr=71
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0031
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:56 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0031
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Sun, 14 Feb 2021 00:04:56 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0031
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Sun, 14 Feb 2021 00:04:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=CH%2FZurich&cb=000f&i2=000f5932022058ce460286928&ep=1638941143&vr=422&id=b3ypd5&i3=000f5932022058ce460286928%3A1643414696152%3A1613261096152%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613261096152&n1=1&dntt=0&lt=1613261096153&ev=&cs=yhkhmt&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Fri, 14 Feb 2020 00:04:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
30 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSLFT9

Requested by

Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25a9daca2f398631af11f25cba71c70c7f7d260da2ae39670a3d9e13999ef78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30166
x-xss-protection: 0
expires: Sun, 14 Feb 2021 00:04:56 GMT

GET
H/1.1 200
OK slidemask-right.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 3 KB
4 KB 7ms
6ms Image
image/png 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/slidemask-right.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: d8cfb70614791b3e490a6d576c72eb85906038c1c9b7b43b8b92c059eb5e9e29

Request headers

Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:06 GMT
Server: Apache
ETag: "2a07d4-d1a-5b1a2b79a3948"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3354

GET
H/1.1 200
OK 2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 51 KB
52 KB 7ms
6ms Font
application/x-font-woff 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: c59249bec52a8fe8daa4cb518df92b5962157957901487ba571fc4c7d803e4d4

Request headers

Origin: https://www.ptaheute.de
Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:04 GMT
Server: Apache
ETag: "2a0722-ccfd-5b1a2b77da8da"
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 52477

GET
H/1.1 200
OK 404_error_280.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 7 KB
7 KB 7ms
6ms Image
image/png 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/404_error_280.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 48485e1bda032bd773d060650996a2900fe953039039e826fca525fceb85a847

Request headers

Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:05 GMT
Server: Apache
ETag: "2a0765-1c48-5b1a2b789aef2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7240

GET
H/1.1 200
OK 9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 38 KB
38 KB 7ms
7ms Font
application/x-font-woff 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4

Request headers

Origin: https://www.ptaheute.de
Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:05 GMT
Server: Apache
ETag: "2a072b-98b3-5b1a2b7803918"
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39091

GET
H/1.1 200
OK f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 38 KB
39 KB 8ms
7ms Font
application/x-font-woff 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6

Request headers

Origin: https://www.ptaheute.de
Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:05 GMT
Server: Apache
ETag: "2a0732-991d-5b1a2b7821d77"
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39197

GET
H/1.1 200
OK icomoon.woff2
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 5 KB
5 KB 8ms
8ms Font
application/octet-stream 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/icomoon.woff2?ej957p
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: f2d778511bca67bc19db78d751a98ae8f52a71450b982a94d073d2b0a18fef7c

Request headers

Origin: https://www.ptaheute.de
Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:05 GMT
Server: Apache
ETag: "2a073a-12f4-5b1a2b78355f6"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4852

GET
H/1.1 200
OK adscript.php Show response
apoverlag.adspirit.de/ 3 KB
3 KB 260ms
134ms Script
text/javascript 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://apoverlag.adspirit.de/adscript.php?async=p45015x0&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613261096441&pid=127&gdpr_consent=[consentstring]

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

510c3ac1ffc7860b3ef80c7c8ad29636d5394f594eca06f42d3db5d1ae6ef474

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 2783
x-xss-protection: 0
expires: 0

GET
H/1.1 200
OK adscript.php Show response
apoverlag.adspirit.de/ 15 KB
15 KB 255ms
129ms Script
text/javascript 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://apoverlag.adspirit.de/adscript.php?async=p89314x1&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613261096442&pid=128&gdpr_consent=[consentstring]

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

5af6ec94e76edc7cbdaf7cd26a0f01d058dbb342b5195d0cc8b373abf7aadc77

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
transfer-encoding: chunked
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
x-xss-protection: 0
expires: 0

GET
H/1.1 200
OK arrow-darkblue-up.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 181 B
455 B 6ms
6ms Image
image/png 2001:1a50:13::8b
RHTEC-AS http://w...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/arrow-darkblue-up.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5e923dc8d8cea07685eb2b2f7f6a0a6a46c7ae3171fd634625ced89c05315f1e

Request headers

Referer: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 00:04:53 GMT
Last-Modified: Wed, 14 Oct 2020 14:55:06 GMT
Server: Apache
ETag: "2a0772-b5-5b1a2b790948e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 181

GET
H2 200 update.js Show response
browser-update.org/ 9 KB
4 KB 31ms
14ms Script
application/javascript 2606:4700:e0::ac40:6a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.js
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6332c39396acac22c2c6334dcd3d3c018f7d28b1f3b6f99cd80dc23e31784c5e

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 244340
cf-polished: origSize=13870
cf-bgj: minify
cf-request-id: 083f73de420000dfa56f25e000000001
last-modified: Thu, 26 Nov 2020 18:43:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oCVfITsam4k1QR1f%2FI20YRG1ZD2YSRmNKyx15Hz7YjRG%2BvC4qkcSL4grfi42Oab5Tqu4PcfGUZxN9jE1MMiVfRrOvcBx%2BydQlNKZY7CVHe2mV8SPMC4qmWn0MjkfK9E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 621288dd3e73dfa5-FRA
expires: Fri, 12 Feb 2021 04:12:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSLFT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2389
date: Sat, 13 Feb 2021 23:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 14 Feb 2021 01:25:07 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 47ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=512511377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&ul=en-us&de=UTF-8&dt=Fehler%20-%20404%20%7C%20PTAheute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1881530944&gjid=1539968106&cid=370284336.1613261097&tid=UA-54839387-1&_gid=1075654838.1613261097&_r=1&gtm=2wg230NSLFT9&z=1620198816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ptaheute.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adframe.php Show response
apoverlag.adspirit.de/ Frame ACDA 2 KB
2 KB 62ms
62ms Document
text/html 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

5e76176140b9d98de3b0e809866eab59416a1a107b9b7c3a8ad77668332d44f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: apoverlag.adspirit.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ptaheute.de/login.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ptaheute.de/login.php

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
content-length: 1904
content-type: text/html; charset=UTF-8

GET
H2 200 asm_pageview.min.js Show response
cdn.adspirit.de/banner/ 2 KB
1 KB 30ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_pageview.min.js
Requested by: Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: 08c7koIEjY0=
x-77-cache: HIT
x-cache: HIT
x-age: 35770
x-77-nzt: AcO1rzXAG7PvuosAAA==
last-modified: Tue, 11 Jun 2019 08:31:43 GMT
server: CDN77-Turbo
etag: W/"3762381252"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 20 Mar 2020 14:03:13 GMT

GET
H/1.1 200
OK adframe.php Show response
apoverlag.adspirit.de/ Frame 5F73 2 KB
3 KB 57ms
57ms Document
text/html 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

efff74960a85621a3f8c0424f41fc2524963ecbbeac080431a6fd8abb2b80a4b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: apoverlag.adspirit.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ptaheute.de/login.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ptaheute.de/login.php

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
content-length: 2308
content-type: text/html; charset=UTF-8

GET
H2 200 adasync.min.js Show response
cdn.adspirit.de/ Frame ACDA 32 KB
9 KB 38ms
37ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/adasync.min.js
Requested by: Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9

Request headers

Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: w60OB2HEyP0=
x-77-cache: HIT
x-cache: HIT
x-age: 36858
x-77-nzt: AcO1rzU5yjvv+o8AAA==
last-modified: Thu, 21 Jan 2021 13:49:23 GMT
server: CDN77-Turbo
etag: W/"2411400843"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 22 Jan 2021 13:50:15 GMT

GET
H/1.1 200
OK adview.php
apoverlag.adspirit.de/ Frame ACDA 43 B
467 B 64ms
64ms Image
image/gif 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apoverlag.adspirit.de/adview.php?tz=16132610967806296127tzmacro&&pid=127&kid=1608&wmid=7203&gdpr_consent=[consentstring]&sid=6&nvc=1&target1=-

Requested by

Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 adasync.min.js Show response
cdn.adspirit.de/ Frame 5F73 32 KB
9 KB 37ms
36ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/adasync.min.js
Requested by: Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9

Request headers

Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: yfXIFK1wFUQ=
x-77-cache: HIT
x-cache: HIT
x-age: 36858
x-77-nzt: AcO1rzUQYCjv+o8AAA==
last-modified: Thu, 21 Jan 2021 13:49:23 GMT
server: CDN77-Turbo
etag: W/"2411400843"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 22 Jan 2021 13:50:15 GMT

GET
H/1.1 200
OK adview.php
apoverlag.adspirit.de/ Frame 5F73 43 B
467 B 59ms
58ms Image
image/gif 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apoverlag.adspirit.de/adview.php?tz=16132610968014932128tzmacro&&pid=128&kid=1545&wmid=6859&gdpr_consent=[consentstring]&sid=6&nvc=1&target1=-

Requested by

Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 1x1.gif
cdn.adspirit.de/ Frame 5F73 49 B
429 B 37ms
37ms Image
image/gif 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/1x1.gif
Requested by: Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d4602dbd79157d7ce5860b75e04b8d48db5249a911fe27456839cf5b5d144c7c

Request headers

Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: c95bCperwrQ=
x-77-cache: HIT
x-cache: HIT
x-age: 35262
content-length: 49
x-77-nzt: AcO1rzVUF5nvvokAAA==
last-modified: Mon, 26 Jan 2015 09:46:37 GMT
server: CDN77-Turbo
etag: "1839064398"
access-control-allow-methods: GET, POST, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 20 Mar 2020 14:03:13 GMT

GET
H2 200 index.html Show response
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 158 KB
23 KB 45ms
44ms Document
text/html 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
Requested by: Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 934eb00235ea0652f85797881cef38705fe42a43b7e48f1400f5acdb739f14e9

Request headers

:method: GET
:authority: cdn.adspirit.de
:scheme: https
:path: /banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x664989y388905&&wmid=7203&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x3203610

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-headers: range
access-control-allow-methods: GET, POST, HEAD
vary: Accept-Encoding
expires: Fri, 12 Feb 2021 17:18:04 GMT
cache-control: max-age=86400
etag: W/"3749141583"
last-modified: Thu, 11 Feb 2021 17:12:44 GMT
server: CDN77-Turbo
x-77-nzt: AcO1rzVlimrvQ18AAA==
x-77-nzt-ray: WpqLGpioIO0=
x-cache: HIT
x-age: 24387
x-77-cache: HIT
x-77-pop: frankfurtDE
content-encoding: gzip

GET
H2 200 index.html Show response
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 72 KB
17 KB 43ms
43ms Document
text/html 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
Requested by: Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8937abed8936052f44c35aa04e196a5de4525537c406df194c928523f91d1535

Request headers

:method: GET
:authority: cdn.adspirit.de
:scheme: https
:path: /banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613261096x840961y666347&&wmid=6859&pid=128&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_200600x823016

Response headers

date: Sun, 14 Feb 2021 00:04:56 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-headers: range
access-control-allow-methods: GET, POST, HEAD
vary: Accept-Encoding
expires: Tue, 12 Jan 2021 23:22:00 GMT
cache-control: max-age=86400
etag: W/"3464471938"
last-modified: Mon, 07 Dec 2020 16:52:16 GMT
server: CDN77-Turbo
x-77-nzt: AcO1rzU8e7zv1U0BAA==
x-77-nzt-ray: XBREfxxx0Fk=
x-cache: HIT
x-age: 85461
x-77-cache: HIT
x-77-pop: frankfurtDE
content-encoding: gzip

GET
H/1.1 200
OK adpageview.php
apoverlag.adspirit.de/ 43 B
467 B 52ms
51ms Image
image/gif 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apoverlag.adspirit.de/adpageview.php?&wsid=19&sid=6&sid2=0&sid3=0&gdpr_consent=[consentstring]&tz=1613261096838

Requested by

Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

www.adspirit.sbs.stratoserver.net

Software

Apache /

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ptaheute.de/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 00:04:56 GMT
last-modified: Sun, 14 Feb 2021 00:04:56 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 asm_html5.js Show response
cdn.adspirit.de/banner/ Frame 6A83 1 KB
837 B 30ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_html5.js
Requested by: Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: zWy6rf+t9vg=
x-77-cache: HIT
x-cache: HIT
x-age: 35422
x-77-nzt: AcO1rzV+ke3vXooAAA==
last-modified: Fri, 12 Jan 2018 12:47:18 GMT
server: CDN77-Turbo
etag: W/"2854636962"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 20 Mar 2020 14:03:31 GMT

GET
H2 200 asm_html5.js Show response
cdn.adspirit.de/banner/ Frame 4ED0 1 KB
837 B 30ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_html5.js
Requested by: Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
content-encoding: gzip
x-77-nzt-ray: Cnh6n/KLOaM=
x-77-cache: HIT
x-cache: HIT
x-age: 35422
x-77-nzt: AcO1rzVDnYvvXooAAA==
last-modified: Fri, 12 Jan 2018 12:47:18 GMT
server: CDN77-Turbo
etag: W/"2854636962"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 20 Mar 2020 14:03:31 GMT

GET
H2 200 leer.gif
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 1 KB
2 KB 31ms
30ms Image
image/gif 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/leer.gif
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 18ffd620a4a300de0e843169aeb55ec13ed12ba364ffbdfdbb6284885d81ac76

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: GtJM/ka9378=
x-77-cache: HIT
x-cache: HIT
x-age: 24305
content-length: 1211
x-77-nzt: AcO1rzX+GJXv8V4AAA==
last-modified: Thu, 11 Feb 2021 17:12:45 GMT
server: CDN77-Turbo
etag: "3897510527"
access-control-allow-methods: GET, POST, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 12 Feb 2021 17:18:51 GMT

GET
H2 200 logo_1.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 2 KB
3 KB 32ms
30ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/logo_1.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5de05d240988f02ecb921c9c7c17bd16eb0ae7a6e0400a5fceddc8855f7ee641

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: cX/JKo2qdh4=
x-77-cache: HIT
x-cache: HIT
x-age: 24305
content-length: 2242
x-77-nzt: AcO1rzWnfenv8V4AAA==
last-modified: Thu, 11 Feb 2021 17:12:44 GMT
server: CDN77-Turbo
etag: "3116452542"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 12 Feb 2021 17:18:57 GMT

GET
H2 200 t3.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 4 KB
4 KB 33ms
32ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/t3.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 99c1435a7a0b727983772d4882b53064346b6298fae123b9aafdee3e130d440e

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: DvehVo55IVA=
x-77-cache: HIT
x-cache: HIT
x-age: 24305
content-length: 3606
x-77-nzt: AcO1rzVpyaXv8V4AAA==
last-modified: Thu, 11 Feb 2021 17:12:43 GMT
server: CDN77-Turbo
etag: "4224010993"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 12 Feb 2021 17:18:58 GMT

GET
H2 200 t2.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 4 KB
4 KB 34ms
33ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/t2.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fa32d4ca38847a3f2e879368a1e5df02eceecb8969816381871f7e1d06d02bea

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: au3Ksj4sNWc=
x-77-cache: HIT
x-cache: HIT
x-age: 24305
content-length: 3973
x-77-nzt: AcO1rzVe+Gvv8V4AAA==
last-modified: Thu, 11 Feb 2021 17:12:43 GMT
server: CDN77-Turbo
etag: "2303150831"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 12 Feb 2021 17:18:58 GMT

GET
H2 200 t1.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/ Frame 6A83 3 KB
3 KB 34ms
34ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/t1.png
Requested by: Host: www.ptaheute.de
URL: https://www.ptaheute.de/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bb9db3492b6d1fdc3c89ebeb1988a2a51a6265e9fc2cdd183cef2f07371c7ed3

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_sb_728x90_std_20210211_zip/Interpharm-2021_SB_728x90_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161326109612772035158951%26pid%3D127%26kid%3D1608%26wmid%3D7203%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash3449892_collapse&expand=asmflash3449892_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: uhSp1wqc2h0=
x-77-cache: HIT
x-cache: HIT
x-age: 24305
content-length: 2867
x-77-nzt: AcO1rzX0JDzv8V4AAA==
last-modified: Thu, 11 Feb 2021 17:12:43 GMT
server: CDN77-Turbo
etag: "2607762093"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Fri, 12 Feb 2021 17:18:58 GMT

GET
H2 200 leer.gif
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 1 KB
1 KB 31ms
30ms Image
image/gif 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/leer.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2aa6dc24db3dd67072bb48ba3963f5f4652a8fab6f9f49db535a109e6cf9e8f4

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: TAQdKY1+QIw=
x-77-cache: HIT
x-cache: HIT
x-age: 83558
content-length: 1104
x-77-nzt: AcO1rzWnVPnvZkYBAA==
last-modified: Mon, 07 Dec 2020 16:52:18 GMT
server: CDN77-Turbo
etag: "1821539037"
access-control-allow-methods: GET, POST, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

GET
H2 200 t4.png
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 5 KB
5 KB 33ms
31ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/t4.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c840219fbf69a55a17735bb37e304619a55bcedf6ed5ea690c07454f8ba37894

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: E5ByboFACRI=
x-77-cache: HIT
x-cache: HIT
x-age: 83558
content-length: 4658
x-77-nzt: AcO1rzVNdYjvZkYBAA==
last-modified: Mon, 07 Dec 2020 16:52:17 GMT
server: CDN77-Turbo
etag: "989100956"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

GET
H2 200 t3.png
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 3 KB
3 KB 35ms
33ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/t3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b18f4afa0ea7cbf7506e222353746b4b886c88e3d13b5ce5f90672208e1a970e

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: 4cX+zH9JAGc=
x-77-cache: HIT
x-cache: HIT
x-age: 85461
content-length: 2994
x-77-nzt: AcO1rzVk94Pv1U0BAA==
last-modified: Mon, 07 Dec 2020 16:52:16 GMT
server: CDN77-Turbo
etag: "4243618307"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

GET
H2 200 t2.png
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 4 KB
4 KB 51ms
50ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/t2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 150e73703e14ec85e2a1819d93a8c6b6f12efbfd450cd604b0b19dfacf1e563b

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: 6W+a8/OEkDY=
x-77-cache: HIT
x-cache: HIT
x-age: 83558
content-length: 4023
x-77-nzt: AcO1rzV3sQHvZkYBAA==
last-modified: Mon, 07 Dec 2020 16:52:15 GMT
server: CDN77-Turbo
etag: "1332902802"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

GET
H2 200 t1.png
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 4 KB
4 KB 52ms
51ms Image
image/png 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/t1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 802a8f24a3f3632901110f99a47cc2e162ac673849f62a26cc7740aea912c585

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: ia7vDZg46zo=
x-77-cache: HIT
x-cache: HIT
x-age: 85461
content-length: 3724
x-77-nzt: AcO1rzV96rrv1U0BAA==
last-modified: Mon, 07 Dec 2020 16:52:15 GMT
server: CDN77-Turbo
etag: "1289386588"
access-control-allow-methods: GET, POST, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

GET
H2 200 bg_1.jpg
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/ Frame 4ED0 21 KB
22 KB 59ms
58ms Image
image/jpeg 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/bg_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: db66868232ff7f6b226757b45b95e51d2ee0c078bcf6bd3fc37f6a291bcab2c2

Request headers

Referer: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_ss_zip/PTAheute-Fortbildung_SS/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D16132610961286859302331%26pid%3D128%26kid%3D1545%26wmid%3D6859%26wsid%3D19%26sid%3D6%26ord%3D1613261096%26vlx%3Dad1%26target%3D&collapse=asmflash7814073_collapse&expand=asmflash7814073_expand&close=%closefunc%
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Feb 2021 00:04:56 GMT
x-77-nzt-ray: E2tP1diPtJw=
x-77-cache: HIT
x-cache: HIT
x-age: 85461
content-length: 21616
x-77-nzt: AcO1rzUojQTv1U0BAA==
last-modified: Mon, 07 Dec 2020 16:52:17 GMT
server: CDN77-Turbo
etag: "3464465615"
access-control-allow-methods: GET, POST, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: range
expires: Tue, 12 Jan 2021 23:22:00 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ptaheute.de/	1970-01-19 16:09:07	Name: _gid Value: GA1.2.1075654838.1613261097
.ptaheute.de/	1970-01-20 09:38:53	Name: _ga Value: GA1.2.370284336.1613261097
.ptaheute.de/	1970-01-19 16:07:41	Name: _gat_UA-54839387-1 Value: 1
.ptaheute.de/	1970-01-20 00:30:14	Name: ioam2018 Value: 000f5932022058ce460286928:1643414696152:1613261096152:.ptaheute.de:2:ptaheu:v2_freier_inhalt:noevent:1613261096152:ewcwm3
.ptaheute.de/	1970-01-19 16:27:50	Name: iom_consent Value: 0000000000&1613261096150

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cAdd placement p45015x0 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p45015x0&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613261096441&pid=127&gdpr_consent=[consentstring]
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cLoading scriptp45015x0 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p45015x0&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613261096441&pid=127&gdpr_consent=[consentstring]
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cAdd placement p89314x1 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p89314x1&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613261096442&pid=128&gdpr_consent=[consentstring]
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cLoading scriptp89314x1 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p89314x1&wpcn=asm48405030x1613261096321&ref=https%3A%2F%2Fwww.ptaheute.de%2Flogin.php&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613261096442&pid=128&gdpr_consent=[consentstring]
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cCaptured JavaScript Error: ReferenceError: command is not defined color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api	log	URL: https://cdn.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apoverlag.adspirit.de
browser-update.org
cdn.adspirit.de
de.ioam.de
kddigi.pta.online
script.ioam.de
www.google-analytics.com
www.googletagmanager.com
www.ptaheute.de
2001:1a50:13::8b
2606:4700:e0::ac40:6a24
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a02:6ea0:c700::4
85.215.2.53
89.31.143.1
91.215.100.40
91.215.103.64
0ac438ffacf50b9849e1d371243e3c7a826b67034182b1bf2e799aed6018b397
150e73703e14ec85e2a1819d93a8c6b6f12efbfd450cd604b0b19dfacf1e563b
18ffd620a4a300de0e843169aeb55ec13ed12ba364ffbdfdbb6284885d81ac76
1ea112aed57723d8f0dc9e3a49c27694ead211c496fe49ae3de0826b827d1b2f
25a9daca2f398631af11f25cba71c70c7f7d260da2ae39670a3d9e13999ef78f
2aa6dc24db3dd67072bb48ba3963f5f4652a8fab6f9f49db535a109e6cf9e8f4
337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9
3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6
48485e1bda032bd773d060650996a2900fe953039039e826fca525fceb85a847
4d0cdec9e49043c7977856f33236918f9f25629fe29fd105bc004c93cd2acce3
505202a35714c6bcbfea6efae69e6085979f96597e447f887d510ea5f82b1d8f
510c3ac1ffc7860b3ef80c7c8ad29636d5394f594eca06f42d3db5d1ae6ef474
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5af6ec94e76edc7cbdaf7cd26a0f01d058dbb342b5195d0cc8b373abf7aadc77
5de05d240988f02ecb921c9c7c17bd16eb0ae7a6e0400a5fceddc8855f7ee641
5e76176140b9d98de3b0e809866eab59416a1a107b9b7c3a8ad77668332d44f3
5e923dc8d8cea07685eb2b2f7f6a0a6a46c7ae3171fd634625ced89c05315f1e
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4
6332c39396acac22c2c6334dcd3d3c018f7d28b1f3b6f99cd80dc23e31784c5e
67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
802a8f24a3f3632901110f99a47cc2e162ac673849f62a26cc7740aea912c585
8937abed8936052f44c35aa04e196a5de4525537c406df194c928523f91d1535
934eb00235ea0652f85797881cef38705fe42a43b7e48f1400f5acdb739f14e9
98be6a8271ae92cd7e664342a135523c8b63abf21c434b0b7454c9881bef9bdf
99c1435a7a0b727983772d4882b53064346b6298fae123b9aafdee3e130d440e
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46
9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c
b18f4afa0ea7cbf7506e222353746b4b886c88e3d13b5ce5f90672208e1a970e
bb9db3492b6d1fdc3c89ebeb1988a2a51a6265e9fc2cdd183cef2f07371c7ed3
c4958755310b74bb2c4668deb5827ffa6cdf7f9c3f44dc82c83c1036c4113df9
c59249bec52a8fe8daa4cb518df92b5962157957901487ba571fc4c7d803e4d4
c840219fbf69a55a17735bb37e304619a55bcedf6ed5ea690c07454f8ba37894
cbc4c14ce6da0654e8d95ef7cfc2f773b58b4cef36c38f5048fa2b96e54fbf87
d4602dbd79157d7ce5860b75e04b8d48db5249a911fe27456839cf5b5d144c7c
d8cfb70614791b3e490a6d576c72eb85906038c1c9b7b43b8b92c059eb5e9e29
db66868232ff7f6b226757b45b95e51d2ee0c078bcf6bd3fc37f6a291bcab2c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
efff74960a85621a3f8c0424f41fc2524963ecbbeac080431a6fd8abb2b80a4b
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27
f2d778511bca67bc19db78d751a98ae8f52a71450b982a94d073d2b0a18fef7c
fa32d4ca38847a3f2e879368a1e5df02eceecb8969816381871f7e1d06d02bea

www.ptaheute.de Open in urlscan Pro 2001:1a50:13::8b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

56 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

530 kBTransfer

1249 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ptaheute.de Open in urlscan Pro
2001:1a50:13::8b Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

530 kB
Transfer

1249 kB
Size

5
Cookies

48 HTTP transactions
0 data transactions