urlscan.io logo urlscan.io
SecurityTrails logo

www.ptaheute.de Open in urlscan Pro
2001:1a50:13::8b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kddigi.pta.online/index.html
Effective URL: https://www.ptaheute.de/index.html
Submission Tags: phishtake
Submission: On February 13 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 43 HTTP transactions. The main IP is 2001:1a50:13::8b, located in Germany and belongs to RHTEC-AS http://www.rh-tec.de, DE. The main domain is www.ptaheute.de.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 21st 2019. Valid for: 2 years.
This is the only time www.ptaheute.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 89.31.143.1 15598 (IPX-AS15598)
1 16 2001:1a50:13::8b 25560 (RHTEC-AS ...)
1 91.215.100.39 43407 (INFONLINE-AS)
16 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 2 91.215.100.40 ()
1 2a00:1450:400... 15169 (GOOGLE)
6 85.215.2.53 ()
1 2606:4700:e0:... ()
2 2a00:1450:400... 15169 (GOOGLE)
43 8
1    89.31.143.1 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: www.udag.de
kddigi.pta.online
16    2001:1a50:13::8b (Germany)

ASN25560 (RHTEC-AS http://www.rh-tec.de, DE)
www.ptaheute.de
1    91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de
script.ioam.de
16    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
cdn.adspirit.de
2    91.215.100.40 (Germany)

ASN- ()
PTR: de4.ioam.de
de.ioam.de
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    85.215.2.53 (Germany)

ASN- ()
PTR: www.adspirit.sbs.stratoserver.net
apoverlag.adspirit.de
1    2606:4700:e0::ac40:6a24 (United States)

ASN- ()
browser-update.org
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
16 cdn.adspirit.de www.ptaheute.de
cdn.adspirit.de
apoverlag.adspirit.de
16 www.ptaheute.de 1 redirects www.ptaheute.de
6 apoverlag.adspirit.de cdn.adspirit.de
www.ptaheute.de
apoverlag.adspirit.de
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 de.ioam.de 1 redirects www.ptaheute.de
1 browser-update.org www.ptaheute.de
1 www.googletagmanager.com www.ptaheute.de
1 script.ioam.de www.ptaheute.de
1 kddigi.pta.online 1 redirects
43 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.ptaheute.de
AlphaSSL CA - SHA256 - G2		 2019-05-21 -
2021-05-25		 2 years crt.sh
*.ioam.de
Thawte TLS RSA CA G1		 2019-09-18 -
2021-12-17		 2 years crt.sh
*.adspirit.de
Sectigo RSA Organization Validation Secure Server CA		 2019-03-12 -
2021-06-09		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.ptaheute.de/index.html
Frame ID: D6C212118120FA8D1C400938E8A2DAA5
Requests: 27 HTTP requests in this frame

Frame: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
Frame ID: 269801DC232023B8FC9E15EDFF5A6BC6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
Frame ID: 862E6F9745894D67A423F1D4E8393EB1
Requests: 6 HTTP requests in this frame

Frame: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
Frame ID: 93211438A2E8D6E633CF0C267D20DAB0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kddigi.pta.online/index.html HTTP 301
    http://www.ptaheute.de/index.html HTTP 301
    https://www.ptaheute.de/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

43
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

515 kB
Transfer

1195 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kddigi.pta.online/index.html HTTP 301
    http://www.ptaheute.de/index.html HTTP 301
    https://www.ptaheute.de/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001359f92cab6a1f6602726a3&ep=1639007824&vr=422&id=b3ypd5&i3=001359f92cab6a1f6602726a3%3A1642813732040%3A1613178532040%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613178532040&n1=1&dntt=0&lt=1613178532041&ev=&cs=90frls&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001359f92cab6a1f6602726a3&ep=1639007824&vr=422&id=b3ypd5&i3=001359f92cab6a1f6602726a3%3A1642813732040%3A1613178532040%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613178532040&n1=1&dntt=0&lt=1613178532041&ev=&cs=90frls&mo=1&sr=71

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
www.ptaheute.de/
Redirect Chain
  • http://kddigi.pta.online/index.html
  • http://www.ptaheute.de/index.html
  • https://www.ptaheute.de/index.html
34 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache / PHP/5.4.45-0+deb7u14
Resource Hash
0ac438ffacf50b9849e1d371243e3c7a826b67034182b1bf2e799aed6018b397

Request headers

Host
www.ptaheute.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:48 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-0+deb7u14
Content-Encoding
gzip
Vary
Accept-Encoding
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Sat, 13 Feb 2021 01:08:48 GMT
Server
Apache
Location
https://www.ptaheute.de/index.html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
235
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
stylesheet_1fe7b53d0d.css
www.ptaheute.de/typo3temp/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3temp/stylesheet_1fe7b53d0d.css?1602687342
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
4d0cdec9e49043c7977856f33236918f9f25629fe29fd105bc004c93cd2acce3

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:42 GMT
Server
Apache
ETag
"2314-5b1a2b9c2480d"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2161
Expires
Sat, 20 Feb 2021 01:08:49 GMT
main.min.css
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/ 		221 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
1ea112aed57723d8f0dc9e3a49c27694ead211c496fe49ae3de0826b827d1b2f

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:04 GMT
Server
Apache
ETag
"37586-5b1a2b77b283b"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
41560
Expires
Sat, 20 Feb 2021 01:08:49 GMT
iam.js
script.ioam.de/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0013
Resource Hash
064592b8b50e94d9b41f51c2d1aa7019b03067f2b8dbdc4788857db036b9db5b

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Feb 2021 01:08:51 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0013
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Sat, 13 Feb 2021 03:08:51 GMT
modernizr.js
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/js/modernizr.js?1602687300
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:00 GMT
Server
Apache
ETag
"2bf4-5b1a2b741c8df"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4624
Expires
Sat, 20 Feb 2021 01:08:49 GMT
javascript_dd82474708.js
www.ptaheute.de/typo3temp/ 		929 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3temp/javascript_dd82474708.js?1602687325
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
cbc4c14ce6da0654e8d95ef7cfc2f773b58b4cef36c38f5048fa2b96e54fbf87

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:25 GMT
Server
Apache
ETag
"3a1-5b1a2b8bdf811"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
406
Expires
Sat, 20 Feb 2021 01:08:49 GMT
adasync.min.js
cdn.adspirit.de/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/adasync.min.js
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:51 GMT
content-encoding
gzip
x-77-nzt-ray
nuRwYUri9+s=
x-77-cache
HIT
x-cache
HIT
x-age
40694
x-77-nzt
AcO1ry/pEwHv9p4AAA==
last-modified
Thu, 21 Jan 2021 13:49:23 GMT
server
CDN77-Turbo
etag
W/"2411400843"
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-headers
range
expires
Fri, 22 Jan 2021 13:50:15 GMT
main.min.js
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/JavaScript/ 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/JavaScript/main.min.js?1602687305
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
c4958755310b74bb2c4668deb5827ffa6cdf7f9c3f44dc82c83c1036c4113df9

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:05 GMT
Server
Apache
ETag
"32adb-5b1a2b7856935"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Sat, 20 Feb 2021 01:08:49 GMT
print.css
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/css/ 		851 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Private/Layout/css/print.css?1602687300
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
505202a35714c6bcbfea6efae69e6085979f96597e447f887d510ea5f82b1d8f

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 14:55:00 GMT
Server
Apache
ETag
"353-5b1a2b73aa4c4"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
362
Expires
Sat, 20 Feb 2021 01:08:49 GMT
3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27

Request headers

Origin
https://www.ptaheute.de
Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:04 GMT
Server
Apache
ETag
"2a0724-b4f3-5b1a2b77e4519"
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
46323
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001...
  • https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001...
0
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.ioam.de/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001359f92cab6a1f6602726a3&ep=1639007824&vr=422&id=b3ypd5&i3=001359f92cab6a1f6602726a3%3A1642813732040%3A1613178532040%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613178532040&n1=1&dntt=0&lt=1613178532041&ev=&cs=90frls&mo=1&sr=71
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.40 , Germany, ASN (),
Reverse DNS
de4.ioam.de
Software
nginx / BLACKBIRD-RCV v1.06.2 003d
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:52 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 003d
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Sat, 13 Feb 2021 01:08:52 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 003d
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Sat, 13 Feb 2021 01:08:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=ptaheu&cp=v2_freier_inhalt&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.ptaheute.de&xy=1600x1200x24&lo=AT%2FNiederosterreich&cb=0013&i2=001359f92cab6a1f6602726a3&ep=1639007824&vr=422&id=b3ypd5&i3=001359f92cab6a1f6602726a3%3A1642813732040%3A1613178532040%3A.ptaheute.de%3A1%3Aptaheu%3Av2_freier_inhalt%3Anoevent%3A1613178532040&n1=1&dntt=0&lt=1613178532041&ev=&cs=90frls&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Thu, 13 Feb 2020 01:08:52 GMT
gtm.js
www.googletagmanager.com/ 		74 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSLFT9
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecca6ba8369f8b16676973a99743b5146027b2e65d868d0f45b1b7231c965540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30121
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Feb 2021 01:08:52 GMT
slidemask-right.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/slidemask-right.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
d8cfb70614791b3e490a6d576c72eb85906038c1c9b7b43b8b92c059eb5e9e29

Request headers

Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:06 GMT
Server
Apache
ETag
"2a07d4-d1a-5b1a2b79a3948"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3354
2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
c59249bec52a8fe8daa4cb518df92b5962157957901487ba571fc4c7d803e4d4

Request headers

Origin
https://www.ptaheute.de
Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:04 GMT
Server
Apache
ETag
"2a0722-ccfd-5b1a2b77da8da"
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
52477
404_error_280.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/404_error_280.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
48485e1bda032bd773d060650996a2900fe953039039e826fca525fceb85a847

Request headers

Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:05 GMT
Server
Apache
ETag
"2a0765-1c48-5b1a2b789aef2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7240
9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4

Request headers

Origin
https://www.ptaheute.de
Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:05 GMT
Server
Apache
ETag
"2a072b-98b3-5b1a2b7803918"
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39091
f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6

Request headers

Origin
https://www.ptaheute.de
Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:05 GMT
Server
Apache
ETag
"2a0732-991d-5b1a2b7821d77"
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39197
icomoon.woff2
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/fonts/icomoon.woff2?ej957p
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
f2d778511bca67bc19db78d751a98ae8f52a71450b982a94d073d2b0a18fef7c

Request headers

Origin
https://www.ptaheute.de
Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:05 GMT
Server
Apache
ETag
"2a073a-12f4-5b1a2b78355f6"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4852
adscript.php
apoverlag.adspirit.de/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apoverlag.adspirit.de/adscript.php?async=p34459x0&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613178532327&pid=127&gdpr_consent=[consentstring]
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
eb130f58295db06f43fcb9a822760f9b5ca7f10a55cb4952d222f79b5d737040
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
content-length
2781
x-xss-protection
0
expires
0
adscript.php
apoverlag.adspirit.de/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apoverlag.adspirit.de/adscript.php?async=p71912x1&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613178532328&pid=128&gdpr_consent=[consentstring]
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
556819749b8225e73d13f4323a09ae8948da930f05e33b5569a03633acff42ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
transfer-encoding
chunked
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
x-xss-protection
0
expires
0
arrow-darkblue-up.png
www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/ 		181 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/img/arrow-darkblue-up.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1a50:13::8b , Germany, ASN25560 (RHTEC-AS http://www.rh-tec.de, DE),
Reverse DNS
Software
Apache /
Resource Hash
5e923dc8d8cea07685eb2b2f7f6a0a6a46c7ae3171fd634625ced89c05315f1e

Request headers

Referer
https://www.ptaheute.de/typo3conf/ext/cron_layout/Resources/Public/Css/main.min.css?1602687304
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 01:08:49 GMT
Last-Modified
Wed, 14 Oct 2020 14:55:06 GMT
Server
Apache
ETag
"2a0772-b5-5b1a2b790948e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
181
update.js
browser-update.org/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.js
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6332c39396acac22c2c6334dcd3d3c018f7d28b1f3b6f99cd80dc23e31784c5e

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
161776
cf-polished
origSize=13870
cf-bgj
minify
cf-request-id
083a880a3100004a860d2ea000000001
last-modified
Thu, 26 Nov 2020 18:43:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZXRA10jx39jU0fr7vrQ499a1Fie9xsJq913ORiCV%2BjpzHARMGYOhj%2FDRL4fnof65Rhrn6G%2BSKKh6kAODJ%2Bi8%2FvhaxhNJ4F8QUZDXSbHwsfzzd%2BrjTe8Haz0zIUraJ9s%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
cf-ray
620aa92388274a86-FRA
expires
Fri, 12 Feb 2021 04:12:36 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSLFT9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6225
date
Fri, 12 Feb 2021 23:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 13 Feb 2021 01:25:07 GMT
collect
www.google-analytics.com/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1139271842&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&ul=en-us&de=UTF-8&dt=Fehler%20-%20404%20%7C%20PTAheute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1685523446&gjid=9167438&cid=1311696350.1613178532&tid=UA-54839387-1&_gid=1557685615.1613178532&_r=1&gtm=2wg230NSLFT9&z=938107847
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ptaheute.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adframe.php
apoverlag.adspirit.de/ Frame 2698 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
0d3a1d9afec0a44515bb98ce3d6daf8515544b744702def46e8924dd52034357
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
apoverlag.adspirit.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ptaheute.de/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ptaheute.de/index.html

Response headers

date
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
access-control-allow-origin
*
x-xss-protection
0
content-length
1874
content-type
text/html; charset=UTF-8
asm_pageview.min.js
cdn.adspirit.de/banner/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/banner/asm_pageview.min.js
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
gzip
x-77-nzt-ray
54fdeV/2S/Q=
x-77-cache
HIT
x-cache
HIT
x-age
33160
x-77-nzt
AcO1ry/N/y7viIEAAA==
last-modified
Tue, 11 Jun 2019 08:31:43 GMT
server
CDN77-Turbo
etag
W/"3762381252"
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-headers
range
expires
Sat, 08 Feb 2020 15:50:00 GMT
adpageview.php
apoverlag.adspirit.de/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apoverlag.adspirit.de/adpageview.php?&wsid=19&sid=6&sid2=0&sid3=0&gdpr_consent=[consentstring]&tz=1613178532862
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
43
x-xss-protection
0
expires
0
adasync.min.js
cdn.adspirit.de/ Frame 2698 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/adasync.min.js
Requested by
Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9

Request headers

Referer
https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
gzip
x-77-nzt-ray
5zKazJaA8Y8=
x-77-cache
HIT
x-cache
HIT
x-age
40695
x-77-nzt
AcO1ry8jqW7v954AAA==
last-modified
Thu, 21 Jan 2021 13:49:23 GMT
server
CDN77-Turbo
etag
W/"2411400843"
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-headers
range
expires
Fri, 22 Jan 2021 13:50:15 GMT
adview.php
apoverlag.adspirit.de/ Frame 2698 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apoverlag.adspirit.de/adview.php?tz=16131785329837303127tzmacro&&pid=127&kid=1545&wmid=6858&gdpr_consent=[consentstring]&sid=6&nvc=1&target1=-
Requested by
Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
43
x-xss-protection
0
expires
0
index.html
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/ Frame 862E 		146 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
49f556f950d307ae9195cf39b3541e13d5180ecaf8291c431fd449c8762d0b25

Request headers

:method
GET
:authority
cdn.adspirit.de
:scheme
https
:path
/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptaheute.de/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ptaheute.de/index.html

Response headers

date
Sat, 13 Feb 2021 01:08:52 GMT
content-type
text/html
access-control-allow-origin
*
access-control-allow-headers
range
access-control-allow-methods
GET, POST, HEAD
vary
Accept-Encoding
expires
Fri, 12 Feb 2021 17:20:40 GMT
cache-control
max-age=86400
etag
W/"1660378877"
last-modified
Thu, 11 Feb 2021 17:05:33 GMT
server
CDN77-Turbo
x-77-nzt
AcO1ry9iE0Xvq20AAA==
x-77-nzt-ray
nK2/e2zssTY=
x-cache
HIT
x-age
28075
x-77-cache
HIT
x-77-pop
frankfurtDE
content-encoding
gzip
adview.php
apoverlag.adspirit.de/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apoverlag.adspirit.de/adview.php?tz=1613178532759866128tzmacro&&pid=128&kid=1608&wmid=7201&gdpr_consent=[consentstring]&sid=6&nvc=1&target1=-
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.2.53 , Germany, ASN (),
Reverse DNS
www.adspirit.sbs.stratoserver.net
Software
Apache /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptaheute.de/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 01:08:52 GMT
last-modified
Sat, 13 Feb 2021 01:08:52 GMT
server
Apache
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
43
x-xss-protection
0
expires
0
index.html
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		69 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
Requested by
Host: apoverlag.adspirit.de
URL: https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e7c90175254b3fd8032fcdb129c9d541dc2676c7d49376b88de8340ddd785bba

Request headers

:method
GET
:authority
cdn.adspirit.de
:scheme
https
:path
/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://apoverlag.adspirit.de/adframe.php?tcid=xzwrap1613178532x51239y919131&&wmid=6858&pid=127&gdpr=0&gdpr_consent=%5Bconsentstring%5D&pmrz=asm_72890x1170410

Response headers

date
Sat, 13 Feb 2021 01:08:52 GMT
content-type
text/html
access-control-allow-origin
*
access-control-allow-headers
range
access-control-allow-methods
GET, POST, HEAD
vary
Accept-Encoding
expires
Tue, 12 Jan 2021 23:22:12 GMT
cache-control
max-age=86400
etag
W/"1488952776"
last-modified
Mon, 07 Dec 2020 16:49:58 GMT
server
CDN77-Turbo
x-77-nzt
AcO1ry94xCvvNwgAAA==
x-77-nzt-ray
i77jeMIAS1c=
x-cache
HIT
x-age
2103
x-77-cache
HIT
x-77-pop
frankfurtDE
content-encoding
gzip
asm_html5.js
cdn.adspirit.de/banner/ Frame 862E 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/banner/asm_html5.js
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
gzip
x-77-nzt-ray
ZJLZnA6Fe6I=
x-77-cache
HIT
x-cache
HIT
x-age
32824
x-77-nzt
AcO1ry8L0cHvOIAAAA==
last-modified
Fri, 12 Jan 2018 12:47:18 GMT
server
CDN77-Turbo
etag
W/"2854636962"
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-headers
range
expires
Sat, 08 Feb 2020 15:50:05 GMT
asm_html5.js
cdn.adspirit.de/banner/ Frame 9321 		1 KB
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adspirit.de/banner/asm_html5.js
Requested by
Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
content-encoding
gzip
x-77-nzt-ray
E7eXvDy1G+c=
x-77-cache
HIT
x-cache
HIT
x-age
32824
x-77-nzt
AcO1ry/nx6DvOIAAAA==
last-modified
Fri, 12 Jan 2018 12:47:18 GMT
server
CDN77-Turbo
etag
W/"2854636962"
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-headers
range
expires
Sat, 08 Feb 2020 15:50:05 GMT
leer.gif
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/ Frame 862E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/leer.gif
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
18ffd620a4a300de0e843169aeb55ec13ed12ba364ffbdfdbb6284885d81ac76

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
kMeHAj902Lc=
x-77-cache
HIT
x-cache
HIT
x-age
27939
content-length
1211
x-77-nzt
AcO1ry+AHd7vI20AAA==
last-modified
Thu, 11 Feb 2021 17:05:34 GMT
server
CDN77-Turbo
etag
"3901184734"
access-control-allow-methods
GET, POST, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Fri, 12 Feb 2021 17:22:08 GMT
txt2.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/ Frame 862E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/txt2.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1900794a031e84804ec2a2a5ab9ad89372d672e33696bf597e1ba20556e6128a

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
Evhnsg1VqAI=
x-77-cache
HIT
x-cache
HIT
x-age
27939
content-length
4202
x-77-nzt
AcO1ry8FZKDvI20AAA==
last-modified
Thu, 11 Feb 2021 17:05:34 GMT
server
CDN77-Turbo
etag
"4177877918"
access-control-allow-methods
GET, POST, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Fri, 12 Feb 2021 17:22:08 GMT
txt1_1.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/ Frame 862E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/txt1_1.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6699675fbe7ee7d3087f6506183c40b7cffd91f2bc77bd8e003a92cd992cb149

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
YKqPUiqaGyo=
x-77-cache
HIT
x-cache
HIT
x-age
27939
content-length
4344
x-77-nzt
AcO1ry8elQ3vI20AAA==
last-modified
Thu, 11 Feb 2021 17:05:33 GMT
server
CDN77-Turbo
etag
"3123665819"
access-control-allow-methods
GET, POST, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Fri, 12 Feb 2021 17:22:08 GMT
bg.png
cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/ Frame 862E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/bg.png
Requested by
Host: www.ptaheute.de
URL: https://www.ptaheute.de/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
616904d62b664d4eb5d5ef7003aaea578163c91ecd59a996aa79830f69dc26ad

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1608/2021-02-11/0_interpharm-2021_ss_200x600_std_20210211_zip/Interpharm-2021_SS_200x600_StD_20210211/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212872011594854%26pid%3D128%26kid%3D1608%26wmid%3D7201%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash7044177_collapse&expand=asmflash7044177_expand&close=asmflash7044177_close
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
VZ7LmqqgSro=
x-77-cache
HIT
x-cache
HIT
x-age
27939
content-length
7684
x-77-nzt
AcO1ry+WeDvvI20AAA==
last-modified
Thu, 11 Feb 2021 17:05:34 GMT
server
CDN77-Turbo
etag
"2047040342"
access-control-allow-methods
GET, POST, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Fri, 12 Feb 2021 17:22:08 GMT
leer.gif
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/leer.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2aa6dc24db3dd67072bb48ba3963f5f4652a8fab6f9f49db535a109e6cf9e8f4

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
XlpjYfMFPdo=
x-77-cache
HIT
x-cache
HIT
x-age
1588
content-length
1104
x-77-nzt
AcO1ry8MGZ7vNAYAAA==
last-modified
Mon, 07 Dec 2020 16:49:58 GMT
server
CDN77-Turbo
etag
"1825981341"
access-control-allow-methods
GET, POST, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Tue, 12 Jan 2021 23:22:12 GMT
t3.jpg
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/t3.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
db3acb2643a249395a9acc4e6eb832489411f7ff82687b9f18d548c444f5dc6f

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
VoJbKxKh4AM=
x-77-cache
HIT
x-cache
HIT
x-age
1588
content-length
3611
x-77-nzt
AcO1ry9qgZrvNAYAAA==
last-modified
Mon, 07 Dec 2020 16:49:58 GMT
server
CDN77-Turbo
etag
"2119320339"
access-control-allow-methods
GET, POST, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Tue, 12 Jan 2021 23:22:12 GMT
t2.jpg
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/t2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ed0d8149da4413a1437e7fae6cc9c6375f0e07a5d0275fb0d2f9fd1539859672

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
siS4kiegPZk=
x-77-cache
HIT
x-cache
HIT
x-age
1588
content-length
4849
x-77-nzt
AcO1ry8l3HXvNAYAAA==
last-modified
Mon, 07 Dec 2020 16:49:57 GMT
server
CDN77-Turbo
etag
"716849856"
access-control-allow-methods
GET, POST, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Tue, 12 Jan 2021 23:22:12 GMT
t1.jpg
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/t1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c14d83cb3db38b794d5c56b2d63df65ea58cfd0921bfc90d87113277cb8e4bc1

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:52 GMT
x-77-nzt-ray
vtwcnBJsWG8=
x-77-cache
HIT
x-cache
HIT
x-age
1588
content-length
5180
x-77-nzt
AcO1ry8k89jvNAYAAA==
last-modified
Mon, 07 Dec 2020 16:49:57 GMT
server
CDN77-Turbo
etag
"3996402322"
access-control-allow-methods
GET, POST, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Tue, 12 Jan 2021 23:22:12 GMT
bg.jpg
cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/ Frame 9321 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/bg.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
33e7c265afe7924dc33362570c869d90f376c8f3169f8423976ffc1492d25ba7

Request headers

Referer
https://cdn.adspirit.de/banner/apoverlag/1545/2020-12-07/0_ptaheute-fortbildung_sb_zip/PTAheute-Fortbildung_sb/index.html?clicktag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTAG=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&clickTag=https%3A%2F%2Fapoverlag.adspirit.de%2Fadclick.php%3Ftz%3D161317853212768583132731%26pid%3D127%26kid%3D1545%26wmid%3D6858%26wsid%3D19%26sid%3D6%26ord%3D1613178532%26vlx%3D585%26target%3D&collapse=asmflash4416282_collapse&expand=asmflash4416282_expand&close=%closefunc%
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Feb 2021 01:08:53 GMT
x-77-nzt-ray
dlaVn3WgEek=
x-77-cache
HIT
x-cache
HIT
x-age
1589
content-length
16850
x-77-nzt
AcO1ry8zuZXvNQYAAA==
last-modified
Mon, 07 Dec 2020 16:49:59 GMT
server
CDN77-Turbo
etag
"2294262877"
access-control-allow-methods
GET, POST, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
range
expires
Tue, 12 Jan 2021 23:22:12 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| szmvars object| iom object| html5 object| Modernizr function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto object| $buoop function| $buo_f object| iam_data object| dataLayer function| asm_async_obj object| asm_async_data boolean| asm_gdpr_feedback number| asm_gdpr string| asm_gdpr_consent string| asm_gdpr_status object| tcfapi_frame object| cmp_callbacks function| flyoutMobile function| newsbox function| orbitaktivieren function| boxweiten function| resizeReload function| magnifyingglass object| Holder undefined| resizeInterval number| windowSize function| ifIsIEVersion function| foundationStyleSheetFix function| ajaxValidationCallback function| ajaxSubmitCallback function| $ function| jQuery object| Foundation object| jQuery1110008435081956716273 object| audiojs function| audiojsInstance object| cookieHintButton object| cookieHint object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres object| gaplugins object| gaGlobal object| gaData boolean| asm_ex boolean| asm_ex_all number| asm_i string| nx string| pageViewID number| wallpaperIndex object| win object| doc string| inswrapper boolean| scrollAttached object| scrollIntoObjects object| settings function| log function| writeCookie function| readCookie function| hasCookie function| fndwin function| checkFlash number| swf function| checkRef string| ref function| asm_gp function| max function| asm_ds function| checkVisibility function| getVisibilityIndex function| checkInView function| hasAttribute function| getElementsByClassName function| addScrollObject object| scrollTimer object| scrollTimer2 boolean| scrollWaiting function| handleScroll function| handleScroll2 function| initi function| pushScript function| getOffset function| pushScriptGDPR function| findCMPFrame function| callcmp function| copyObject function| write function| fireJS function| writeScript function| writeScript_base function| writeFlash object| pretargetings function| startPretargeting function| getTimeout object| single_pretargetings function| addSingleCallPretargeting function| addPretargeting function| pretargetingDone2 function| pretargetingDone function| hasGDPRFeedback object| gdprCallbacks number| checkInterval boolean| checkIntervalActive boolean| eventRegistered function| fetchGDPRData function| checkGDPRFeedback function| cancelGDPRCheck function| cancelGDPRCheck2 function| callGDPRCallbacks function| setRefresh function| refreshSlot object| asm_pageview function| asm_pageview_object boolean| wasclosedadspiritflash7044177 function| adspiritflash7044177_DoFSCommand undefined| adspiritflash7044177_DoFSCommandY function| closeAd function| asm_adspiritflash7044177rcvclose function| adspiritflash7044177_closeAd function| adspiritflash7044177_layShow function| asm_stopVastObjByPlayer function| asm_playVastObjByPlayer function| asm_getVastObjByPlayer function| adspiritflash7044177_getWindowWidth function| adspiritflash7044177_getWindowHeight function| adspiritflash7044177_getWindowScroll function| adspiritflash7044177_getWindowScrollX function| adspiritflash7044177_getPageRect function| adspiritflash7044177_getElementRect function| adspiritflash7044177_getVertScroll function| adspiritflash7044177_handleWindowResize function| adspiritflash7044177_handleWindowScroll function| adspiritflash7044177_handleWindowResize2

5 Cookies

Domain/Path Name / Value
.ptaheute.de/ Name: _gid
Value: GA1.2.1557685615.1613178532
.ptaheute.de/ Name: _ga
Value: GA1.2.1311696350.1613178532
.ptaheute.de/ Name: _gat_UA-54839387-1
Value: 1
.ptaheute.de/ Name: ioam2018
Value: 001359f92cab6a1f6602726a3:1642813732040:1613178532040:.ptaheute.de:2:ptaheu:v2_freier_inhalt:noevent:1613178532040:7q60n0
.ptaheute.de/ Name: iom_consent
Value: 0000000000&1613178532038

8 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cAdd placement p34459x0 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p34459x0&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613178532327&pid=127&gdpr_consent=[consentstring]
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cLoading scriptp34459x0 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p34459x0&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=772&vis=-1&tz=1613178532327&pid=127&gdpr_consent=[consentstring]
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cAdd placement p71912x1 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p71912x1&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613178532328&pid=128&gdpr_consent=[consentstring]
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cLoading scriptp71912x1 color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px; //apoverlag.adspirit.de/adscript.php?async=p71912x1&wpcn=asm21389907x1613178532218&ref=https%3A%2F%2Fwww.ptaheute.de%2Findex.html&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=160&vis=-1&tz=1613178532328&pid=128&gdpr_consent=[consentstring]
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cCaptured JavaScript Error: ReferenceError: command is not defined color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api log URL: https://cdn.adspirit.de/adasync.min.js(Line 1)
Message:
%cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apoverlag.adspirit.de
browser-update.org
cdn.adspirit.de
de.ioam.de
kddigi.pta.online
script.ioam.de
www.google-analytics.com
www.googletagmanager.com
www.ptaheute.de
2001:1a50:13::8b
2606:4700:e0::ac40:6a24
2a00:1450:4001:800::2008
2a00:1450:4001:812::200e
2a02:6ea0:c700::2
85.215.2.53
89.31.143.1
91.215.100.39
91.215.100.40
064592b8b50e94d9b41f51c2d1aa7019b03067f2b8dbdc4788857db036b9db5b
0ac438ffacf50b9849e1d371243e3c7a826b67034182b1bf2e799aed6018b397
0d3a1d9afec0a44515bb98ce3d6daf8515544b744702def46e8924dd52034357
18ffd620a4a300de0e843169aeb55ec13ed12ba364ffbdfdbb6284885d81ac76
1900794a031e84804ec2a2a5ab9ad89372d672e33696bf597e1ba20556e6128a
1ea112aed57723d8f0dc9e3a49c27694ead211c496fe49ae3de0826b827d1b2f
2aa6dc24db3dd67072bb48ba3963f5f4652a8fab6f9f49db535a109e6cf9e8f4
337d2d56253175bb5fbab5893a82368ed44eb8cb07d58d74332cb9ad4e34cce9
33e7c265afe7924dc33362570c869d90f376c8f3169f8423976ffc1492d25ba7
3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6
48485e1bda032bd773d060650996a2900fe953039039e826fca525fceb85a847
49f556f950d307ae9195cf39b3541e13d5180ecaf8291c431fd449c8762d0b25
4d0cdec9e49043c7977856f33236918f9f25629fe29fd105bc004c93cd2acce3
505202a35714c6bcbfea6efae69e6085979f96597e447f887d510ea5f82b1d8f
556819749b8225e73d13f4323a09ae8948da930f05e33b5569a03633acff42ae
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5e923dc8d8cea07685eb2b2f7f6a0a6a46c7ae3171fd634625ced89c05315f1e
616904d62b664d4eb5d5ef7003aaea578163c91ecd59a996aa79830f69dc26ad
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4
6332c39396acac22c2c6334dcd3d3c018f7d28b1f3b6f99cd80dc23e31784c5e
6699675fbe7ee7d3087f6506183c40b7cffd91f2bc77bd8e003a92cd992cb149
67b153f2dba06590b31459b684b1faf911c7aaa18181c59ea16d892c7539ae19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46
9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c
c14d83cb3db38b794d5c56b2d63df65ea58cfd0921bfc90d87113277cb8e4bc1
c4958755310b74bb2c4668deb5827ffa6cdf7f9c3f44dc82c83c1036c4113df9
c59249bec52a8fe8daa4cb518df92b5962157957901487ba571fc4c7d803e4d4
cbc4c14ce6da0654e8d95ef7cfc2f773b58b4cef36c38f5048fa2b96e54fbf87
d8cfb70614791b3e490a6d576c72eb85906038c1c9b7b43b8b92c059eb5e9e29
db3acb2643a249395a9acc4e6eb832489411f7ff82687b9f18d548c444f5dc6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7c90175254b3fd8032fcdb129c9d541dc2676c7d49376b88de8340ddd785bba
eb130f58295db06f43fcb9a822760f9b5ca7f10a55cb4952d222f79b5d737040
ecca6ba8369f8b16676973a99743b5146027b2e65d868d0f45b1b7231c965540
ed0d8149da4413a1437e7fae6cc9c6375f0e07a5d0275fb0d2f9fd1539859672
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27
f2d778511bca67bc19db78d751a98ae8f52a71450b982a94d073d2b0a18fef7c