tarifladen24.de Open in urlscan Pro
2a02:2350:5:109:80a4:30c1:1202:d9b4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tarifladen24.de/
Submission: On March 08 via api (March 8th 2023, 6:19:41 am UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 20 domains to perform 86 HTTP transactions. The main IP is 2a02:2350:5:109:80a4:30c1:1202:d9b4, located in Denmark and belongs to ONECOM, DK. The main domain is tarifladen24.de.

This is the only time tarifladen24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a02:2350:5:1... 2a02:2350:5:109:80a4:30c1:1202:d9b4	51468 (ONECOM) (ONECOM)
2 2	2.19.44.80 2.19.44.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	193.227.195.217 193.227.195.217	29037 (TELIKO-AS) (TELIKO-AS)
1 2	193.238.60.41 193.238.60.41	34624 (MEGASPACE-AS) (MEGASPACE-AS)
1 4	2a01:488:42:1... 2a01:488:42:1000:b24d:7590:ff6e:e399	20773 (GODADDY) (GODADDY)
1	193.238.62.106 193.238.62.106	34624 (MEGASPACE-AS) (MEGASPACE-AS)
1	2600:9000:223... 2600:9000:223f:3200:11:19ae:9580:93a1	16509 (AMAZON-02) (AMAZON-02)
3	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6813:a860	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.137.49 18.66.137.49	16509 (AMAZON-02) (AMAZON-02)
3	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:a960	13335 (CLOUDFLAR...) (CLOUDFLARENET)
86	17

20 2a02:2350:5:109:80a4:30c1:1202:d9b4 (Denmark)

ASN51468 (ONECOM, DK)

tarifladen24.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.44.80 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.227.195.217 (Germany)

ASN29037 (TELIKO-AS, DE)
PTR: h.deutschlandsim.de

h.handyvertrag.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.premiumsim.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.winsim.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.simplytel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.sim.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.smartmobil.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.238.60.41 (Germany) 1 redirects

ASN34624 (MEGASPACE-AS, DE)
PTR: m1.tarifvergleich.rapidhost.de

a.check24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.check24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:488:42:1000:b24d:7590:ff6e:e399 (Germany) 1 redirects

ASN20773 (GODADDY, DE)

www.communicationads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.238.62.106 (Germany)

ASN34624 (MEGASPACE-AS, DE)

a.partner-versicherung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3200:11:19ae:9580:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2a54pfih9ionq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a860 (United States)

ASN13335 (CLOUDFLARENET, US)

js.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-49.fra60.r.cloudfront.net

dnlgm0m0r44nl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:a960 (United States)

ASN13335 (CLOUDFLARENET, US)

hades.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tarifladen24.de tarifladen24.de	127 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	137 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	301 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	186 KB
7	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 171 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	55 KB
6	srvtrck.com js.srvtrck.com — Cisco Umbrella Rank: 494189 hades.srvtrck.com — Cisco Umbrella Rank: 549764 i.srvtrck.com — Cisco Umbrella Rank: 232146	25 KB
4	communicationads.net 1 redirects www.communicationads.net — Cisco Umbrella Rank: 338143	2 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 79815	2 KB
2	cloudfront.net d2a54pfih9ionq.cloudfront.net dnlgm0m0r44nl.cloudfront.net	1003 B
2	check24.net 1 redirects a.check24.net files.check24.net	42 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16123	940 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 113467	853 B
1	partner-versicherung.de a.partner-versicherung.de	6 KB
1	smartmobil.de h.smartmobil.de	5 KB
1	sim.de h.sim.de	2 KB
1	simplytel.de h.simplytel.de	4 KB
1	winsim.de h.winsim.de	3 KB
1	premiumsim.de h.premiumsim.de	2 KB
1	handyvertrag.de h.handyvertrag.de	22 KB
1	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17484	233 KB
86	20

	Domain	Requested by
20	tarifladen24.de	tarifladen24.de
12	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com tarifladen24.de s0.2mdn.net www.googletagservices.com
10	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
8	www.googletagservices.com	partner.o2online.de partner.blau.de www.googletagservices.com ad.doubleclick.net s0.2mdn.net
6	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
4	hades.srvtrck.com	js.srvtrck.com hades.srvtrck.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	www.communicationads.net	1 redirects tarifladen24.de
3	ad.doubleclick.net	www.googletagservices.com
2	partner.o2online.de	tarifladen24.de www.communicationads.net
2	www.awin1.com	2 redirects
1	i.srvtrck.com
1	dnlgm0m0r44nl.cloudfront.net	js.srvtrck.com
1	js.srvtrck.com	tarifladen24.de
1	partner.blau.de	www.communicationads.net
1	d2a54pfih9ionq.cloudfront.net	tarifladen24.de
1	a.partner-versicherung.de	tarifladen24.de
1	h.smartmobil.de	tarifladen24.de
1	h.sim.de	tarifladen24.de
1	h.simplytel.de	tarifladen24.de
1	h.winsim.de	tarifladen24.de
1	h.premiumsim.de	tarifladen24.de
1	files.check24.net	tarifladen24.de
1	a.check24.net	1 redirects
1	h.handyvertrag.de	tarifladen24.de
1	imagesrv.adition.com	tarifladen24.de
86	26

This site contains links to these domains. Also see Links.

Domain
www.awin1.com
h.handyvertrag.de
a.check24.net
www.communicationads.net
h.premiumsim.de
h.winsim.de
h.simplytel.de
h.sim.de
h.smartmobil.de
a.partner-versicherung.de

Subject Issuer	Validity	Valid
*.handyvertrag.de Sectigo ECC Domain Validation Secure Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.communicationads.net Starfield Secure Certificate Authority - G2	`2022-08-19` - `2023-08-19`	a year	crt.sh
*.premiumsim.de Sectigo ECC Domain Validation Secure Server CA	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.winsim.de Sectigo ECC Domain Validation Secure Server CA	`2023-01-24` - `2024-02-24`	a year	crt.sh
*.simplytel.de Sectigo ECC Domain Validation Secure Server CA	`2022-04-05` - `2023-05-06`	a year	crt.sh
*.sim.de Sectigo ECC Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.smartmobil.de Sectigo ECC Domain Validation Secure Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
partner-versicherung.de R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
partner.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2023-01-16` - `2024-01-23`	a year	crt.sh
partner.blau.de DigiCert TLS RSA SHA256 2020 CA1	`2023-01-16` - `2024-01-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://tarifladen24.de/
Frame ID: 8EAA455F2FC587C65E7D620F92F99ED6
Requests: 36 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Frame ID: 2F444CFCB0A5BABFD64F92C02272D5F7
Requests: 3 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D
Frame ID: 112A86059DEF457F4B05B4F82CE223BD
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D
Frame ID: 0D680B7E2D56E9117AF02DB25E564D31
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Frame ID: 754970DB2595FB8A9D8BFCE141E8937C
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Frame ID: 3DA16900A0E909354D7968FEC55A19E1
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C15227067F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.blau.de%2Fa%2F%3Fi%3Dclick%26client%3Dblau%26camp%3Dlpurl%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C15227067F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=!c.JgCk-S5;stc=1;sttr=73;prcl=s
Frame ID: 8A74146ECD1B96DB992F6F4F95E25E22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6DB8CF9CB0F66CE211D32C3EFDDADCC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5A8B90F3D0293C72A85D2E7476D410EB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Frame ID: 041EF33151FC98504D14EEED24A0BCF1
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: F0D22A69A74CE7CFAEED5D193EDB48BF
Requests: 1 HTTP requests in this frame

Frame: http://hades.srvtrck.com/v2/uuid.html
Frame ID: F162D4AF5A3D8BC9B1DB226D7AF75142
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: F5A3CF3B03E6995A7C8277C344596059
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kostenloser KFZ-Versicherungsvergleich – Kostenlos KFZ-Versicherung vergleichen und beim Wechsel bares Geld sparen

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

86
Requests

65 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

17
IPs

4
Countries

1154 kB
Transfer

2090 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.awin1.com/cread.php?s=2259291&v=12554&q=347929&r=397277

Search URL Search Domain Scan URL

URL: https://h.handyvertrag.de/?promotion_partner_id=30384&promotion_product_id=7036&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://a.check24.net/misc/click.php?aid=18&pid=118979&target_url=https%3A%2F%2Fwww.check24.net%3Fpid%3D118979
Title: أفضل عروض الانترنت فقط تجدوها هنا

Search URL Search Domain Scan URL

URL: https://a.check24.net/misc/click.php?pid=118979&aid=82&deep=dsl-anbieterwechsel&cat=4

Search URL Search Domain Scan URL

URL: https://www.communicationads.net/tc.php?t=12264C24930820B

Search URL Search Domain Scan URL

URL: https://h.premiumsim.de/?promotion_partner_id=30384&promotion_product_id=125&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://h.winsim.de/?promotion_partner_id=30384&promotion_product_id=1&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://h.simplytel.de/?promotion_partner_id=30384&promotion_product_id=6799&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://h.sim.de/?promotion_partner_id=30384&promotion_product_id=3640&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://h.smartmobil.de/?promotion_partner_id=30384&promotion_product_id=67&promotion_channel_id=22217

Search URL Search Domain Scan URL

URL: https://a.partner-versicherung.de/click.php?partner_id=92080&ad_id=1167

Search URL Search Domain Scan URL

URL: https://www.awin1.com/cread.php?s=2274463&v=11704&q=349552&r=397277

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.awin1.com/cshow.php?s=2259291&v=12554&q=347929&r=397277 HTTP 302
https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif

Request Chain 5

https://a.check24.net/misc/view.php?pid=118979&aid=82&cat=4 HTTP 302
https://files.check24.net/ads/82

Request Chain 18

https://www.awin1.com/cshow.php?s=2274463&v=11704&q=349552&r=397277 HTTP 302
https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60

Request Chain 19

https://www.communicationads.net/tb.php?t=12264V16024479F HTTP 302
https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tarifladen24.de/ 13 KB
4 KB 271ms
217ms Document
text/html 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to

Full URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache / PHP/8.0.28
Resource Hash: 7a3f53998c0240b1a7f8f6ce20da5feb2c35fd303c7070c520e3a5217d2c9871

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3582
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 06:19:35 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 webcache2 (Varnish/trunk)
X-Powered-By: PHP/8.0.28
X-Varnish: 313921373

GET
H/1.1 200
OK layout.css
tarifladen24.de/css/ 9 KB
2 KB 41ms
40ms Stylesheet
text/css 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to

Full URL: http://tarifladen24.de/css/layout.css
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 8d1fd49e0ec09384c82edcbb42a70783e49cd37b0f740862be93ba1194087720

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:35 GMT
Content-Encoding: gzip
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:24 GMT
Server: Apache
Age: 0
ETag: "22e2-542ec3223a79d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
X-Varnish: 313921375
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1745

GET
H/1.1 200
OK button_onlinevergleich_big.gif
tarifladen24.de/images/ 4 KB
4 KB 67ms
36ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/button_onlinevergleich_big.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: d4b484f84ef0081a1ce31561b14adfac4efe2d74a22c3bef8b7b4680a3285d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:35 GMT
Server: Apache
Age: 0
ETag: "ec1-542ec32cfa604"
X-Varnish: 174120358
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3777

GET
H/1.1 200
OK button_onlinevergleich.gif
tarifladen24.de/images/ 2 KB
2 KB 67ms
39ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/button_onlinevergleich.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 3ae81187a4408a563581902cd0fbc3c481cf4a23edafd0fc3173ef49459eda4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:34 GMT
Server: Apache
Age: 0
ETag: "6c0-542ec32bfd961"
X-Varnish: 313921377
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1728

GET
H2

200

dsl_an_728x90.gif
imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/
Redirect Chain

https://www.awin1.com/cshow.php?s=2259291&v=12554&q=347929&r=397277
https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif

233 KB
233 KB

90ms
33ms

Image
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: H2
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 906b52ab53f50275ac2bcbe9dc652a7b93ab7e35790ae108c5794928bf0837f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Mar 2023 06:19:36 GMT
last-modified: Wed, 01 Mar 2023 10:51:46 GMT
accept-ranges: bytes
etag: "39525676"
content-length: 238596
content-type: image/gif

Redirect headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 banner.gif
h.handyvertrag.de/ 21 KB
22 KB 97ms
28ms Image
image/gif 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.handyvertrag.de/banner.gif?promotion_partner_id=30384&promotion_product_id=7036&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

7fe8764d9afa653bb315e024180c51d0d1bd7639dff0a6c1526b5a479ba29ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H2

200

82
files.check24.net/ads/
Redirect Chain

https://a.check24.net/misc/view.php?pid=118979&aid=82&cat=4
https://files.check24.net/ads/82

41 KB
41 KB

64ms
17ms

Image
application/octet-stream

193.238.60.41
MEGASPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.check24.net/ads/82
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: H2
Server: 193.238.60.41 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS: m1.tarifvergleich.rapidhost.de
Software: nginx /
Resource Hash: f0bccccee4d97f367f3bfc561e1536ee159ee43cb4c05fc5b90b215d5a38e51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:36 GMT
last-modified: Thu, 25 Mar 2021 07:53:22 GMT
server: nginx
accept-ranges: bytes
etag: "605c4172-a53c"
content-length: 42300
content-type: application/octet-stream

Redirect headers

location: https://files.check24.net/ads/82
date: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK tb.php
www.communicationads.net/ 0
155 B 128ms
28ms Image
text/html 2a01:488:42:1000:b24d:7590:ff6e:e399
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.communicationads.net/tb.php?t=12264V24930820B
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Server: Apache
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK box_top_302px_left.gif
tarifladen24.de/images/ 19 KB
19 KB 63ms
31ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_top_302px_left.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: b8ca00327e7965b1e6aa199e0bf3adf8574ff42a30e0ed6987675607c680f06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:32 GMT
Server: Apache
Age: 0
ETag: "4ab6-542ec329c0b13"
X-Varnish: 271106702
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19126

GET
H/1.1 200
OK button_weiterlesen.gif
tarifladen24.de/images/ 2 KB
2 KB 87ms
41ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/button_weiterlesen.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 0f00cb4377fe0792751cb1c7d42dddd470c7d20073ca38106a7a298e59f269d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:35 GMT
Server: Apache
Age: 0
ETag: "658-542ec32d2e367"
X-Varnish: 280736311
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1624

GET
H/1.1 200
OK box_top_302px_right.gif
tarifladen24.de/images/ 21 KB
22 KB 62ms
41ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_top_302px_right.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 0572717e3aa5113a454b7797dd5e350ce10507db60362b34098665121c830c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:33 GMT
Server: Apache
Age: 0
ETag: "5582-542ec32aae04b"
X-Varnish: 321095339
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21890

GET
H2 200 banner.png
h.premiumsim.de/ 2 KB
2 KB 115ms
45ms Image
image/png 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.premiumsim.de/banner.png?promotion_partner_id=30384&promotion_product_id=125&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

04068b22e97b7b69e191260979d1bc91d4a9d9d8c4ef6f10fafa0c56891dcf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H2 200 banner.png
h.winsim.de/ 3 KB
3 KB 113ms
42ms Image
image/png 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.winsim.de/banner.png?promotion_partner_id=30384&promotion_product_id=1&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

57145153f81324ae965b6c5472578ebb2ade275a84d5203b2d10e25db82f8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H2 200 banner.png
h.simplytel.de/ 3 KB
4 KB 109ms
57ms Image
image/png 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.simplytel.de/banner.png?promotion_partner_id=30384&promotion_product_id=6799&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

81ada7101073041b1352ea5a4dc1783f745d371ec0b884d7cfd92982cb899e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H2 200 banner.png
h.sim.de/ 2 KB
2 KB 114ms
44ms Image
image/png 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.sim.de/banner.png?promotion_partner_id=30384&promotion_product_id=3640&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

0afc605c841dba9b7301501168a2b7739bb0c6a909f08a2467f7039fa7fb0af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H2 200 banner.jpeg
h.smartmobil.de/ 5 KB
5 KB 129ms
31ms Image
image/png 193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.smartmobil.de/banner.jpeg?promotion_partner_id=30384&promotion_product_id=67&promotion_channel_id=22217

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

6491a23884c5fe854fed22b5c3009971932fda9e052036aaea34a6abb800e466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 07 Apr 2023 08:19:36 +0200
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
x-location: wildcard
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by: My Servlet Handler

GET
H/1.1 200
OK tb.php Show response
www.communicationads.net/ 469 B
626 B 115ms
32ms Script
text/html 2a01:488:42:1000:b24d:7590:ff6e:e399
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.communicationads.net/tb.php?t=12264V15227067F&js=1
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: Apache /
Resource Hash: f2af67735eaba377798b2d8a2e6a2dd6cceccb1bcdaf4c4c3d25120c7dc7b3b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Server: Apache
Connection: keep-alive
Content-Length: 469
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tb.php Show response
www.communicationads.net/ 417 B
574 B 121ms
27ms Script
text/html 2a01:488:42:1000:b24d:7590:ff6e:e399
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.communicationads.net/tb.php?t=12264V16027754F&js=1
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: Apache /
Resource Hash: 06a0713e77e4e88fc42ae00d6e240af2480445da2894071b3e781acbedde93db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Server: Apache
Connection: keep-alive
Content-Length: 417
Content-Type: text/html; charset=UTF-8

GET
H2 200 view.php
a.partner-versicherung.de/ 6 KB
6 KB 108ms
18ms Image
image/jpeg 193.238.62.106
MEGASPACE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.partner-versicherung.de/view.php?partner_id=92080&ad_id=1167
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.238.62.106 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 243c68000933eb03b6c36edb700a4f675ae811b68ba51136462d89d936347711

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-server-identity: vpp-new
pragma: no-cache
date: Wed, 08 Mar 2023 06:19:36 GMT
server: nginx
content-length: 5790
content-type: image/jpeg

GET
H2

200

60
d2a54pfih9ionq.cloudfront.net/blank/gif/120/
Redirect Chain

https://www.awin1.com/cshow.php?s=2274463&v=11704&q=349552&r=397277
https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60

232 B
516 B

69ms
17ms

Image
image/png

2600:9000:223f:3200:11:19ae:9580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: H2
Server: 2600:9000:223f:3200:11:19ae:9580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2e7a418b9e9f117e5171198899e304b6cd9a413f082f4565af7880bff97de0a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 03:02:03 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 4072653
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
content-length: 232
x-amz-cf-id: PTM2WUdARFWhPugdRbMEw9DcRw7XwIyuSVpeAFWbmt5EVPyCJSI4Iw==

Redirect headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/ Show response
partner.o2online.de/o2/ Frame 2F44
Redirect Chain

https://www.communicationads.net/tb.php?t=12264V16024479F
https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%25...

1011 B
859 B

83ms
19ms

Document
text/html

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2474212dd52c4112a64c29b17b34c51f18a43d374a61379c9c9ae5671937f69f

Request headers

Referer: http://tarifladen24.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive: timeout=10
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 06:19:36 GMT
Location: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Server: Apache

GET
H/1.1 200
OK body_background.gif
tarifladen24.de/images/ 1 KB
2 KB 42ms
35ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/body_background.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 714cfd35dc25d26520563c8e3b6d812c0554e733e27337ab7b71b2504ec010f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:26 GMT
Server: Apache
Age: 0
ETag: "4ec-542ec3249ae8c"
X-Varnish: 174120360
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1260

GET
H/1.1 200
OK arrow.gif
tarifladen24.de/images/ 48 B
349 B 129ms
37ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/arrow.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: eb83f5acc18b9ecc8591fe3ffe0b9b2c235b957776d14216d230bac55e0bd228

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:26 GMT
Server: Apache
Age: 0
ETag: "30-542ec323dcf59"
X-Varnish: 313038288
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48

GET
H/1.1 200
OK header_background.jpg
tarifladen24.de/images/ 43 KB
43 KB 49ms
36ms Image
image/jpeg 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/header_background.jpg
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 2424c6c57f79cac0e6095f5b086fea628c2263fa67cbf14647d959a0f658ab52

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:37 GMT
Server: Apache
Age: 0
ETag: "aa54-542ec32e4e3d8"
X-Varnish: 297705730
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43604

GET
H/1.1 200
OK kennzeichen.gif
tarifladen24.de/images/ 5 KB
5 KB 85ms
37ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/kennzeichen.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: a2b051092403ea90e2fce266220427915411fa794c72c96f5e00e2c2a80396af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:38 GMT
Server: Apache
Age: 0
ETag: "12d5-542ec32f93f4c"
X-Varnish: 280736313
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4821

GET
H/1.1 200
OK menu_line.gif
tarifladen24.de/images/ 191 B
493 B 109ms
36ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/menu_line.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: d33af8f86752679e915fe8cf12599b0061af4e90cd392dbbacaf811bb1742161

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:38 GMT
Server: Apache
Age: 0
ETag: "bf-542ec32fe21ca"
X-Varnish: 322340762
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191

GET
H/1.1 200
OK box_top_624px.gif
tarifladen24.de/images/ 290 B
593 B 125ms
36ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_top_624px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 6f722718fdece23485ef5db35aa80256b82537482bf2a9de0834555775829cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:34 GMT
Server: Apache
Age: 0
ETag: "122-542ec32b71ea3"
X-Varnish: 174120364
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290

GET
H/1.1 200
OK box_background_money.gif
tarifladen24.de/images/ 15 KB
15 KB 59ms
39ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_background_money.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 19598680e5c40d93d35cd6c8183f0dc593705c8cfea1c05ea8256bc8d649eb7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:30 GMT
Server: Apache
Age: 0
ETag: "3ad8-542ec3280d552"
X-Varnish: 313921379
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15064

GET
H/1.1 200
OK icon_info.gif
tarifladen24.de/images/ 652 B
955 B 84ms
36ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/icon_info.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 52ba6659eb876aa05c5b698833447305c2df665fbbbd94677f26854ade4cf605

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:37 GMT
Server: Apache
Age: 0
ETag: "28c-542ec32e7426c"
X-Varnish: 174120362
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 652

GET
H/1.1 200
OK box_bottom_624px.gif
tarifladen24.de/images/ 231 B
533 B 121ms
32ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_bottom_624px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: e5ca41da0d597b0c2ae816145658a87571b3c6ae618ccfa93d5eda78b788eb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:31 GMT
Server: Apache
Age: 0
ETag: "e7-542ec32899800"
X-Varnish: 317722218
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231

GET
H/1.1 200
OK box_background_302px.gif
tarifladen24.de/images/ 4 KB
4 KB 44ms
44ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_background_302px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 2ae2ce4c5f63c1484fe1acbea15541ca8f33d896490ccfc6b260999d4cde480a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:28 GMT
Server: Apache
Age: 0
ETag: "ecf-542ec3260ba3b"
X-Varnish: 322340764
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3791

GET
H/1.1 200
OK box_top_160px.gif
tarifladen24.de/images/ 226 B
528 B 126ms
37ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_top_160px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 1ff68d043f2fcc6a25ba1db621caa76fef145cf714e8d37476aabce21adcb24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:32 GMT
Server: Apache
Age: 0
ETag: "e2-542ec3296f21d"
X-Varnish: 280736315
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226

GET
H/1.1 200
OK box_background_160px.gif
tarifladen24.de/images/ 54 B
355 B 80ms
33ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_background_160px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: a5f73138bb6bed6e9972e398f69ffc47231a43048f71b2d47f932af3f9f3cf53

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:27 GMT
Server: Apache
Age: 0
ETag: "36-542ec32574cf2"
X-Varnish: 317722216
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54

GET
H/1.1 200
OK / Show response
partner.blau.de/blau/ Frame 112A 992 B
853 B 102ms
16ms Document
text/html 167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D
Requested by: Host: www.communicationads.net
URL: https://www.communicationads.net/tb.php?t=12264V15227067F&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c81e882179c6c3cc0d00eeb02d34d49a9d26909430277a2787715ff92c80dee3

Request headers

Referer: http://tarifladen24.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive: timeout=10
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
partner.o2online.de/o2/ Frame 0D68 1006 B
855 B 74ms
18ms Document
text/html 167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D
Requested by: Host: www.communicationads.net
URL: https://www.communicationads.net/tb.php?t=12264V16027754F&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fc1f4385c1a3ad166a1443ad717a86783c8d4bb9c750d633e71910fb33c951f5

Request headers

Referer: http://tarifladen24.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive: timeout=10
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK box_bottom_160px.gif
tarifladen24.de/images/ 168 B
470 B 42ms
42ms Image
image/gif 2a02:2350:5:109:80a4:30c1:1202:d9b4
ONECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tarifladen24.de/images/box_bottom_160px.gif
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol: HTTP/1.1
Server: 2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software: Apache /
Resource Hash: 34bb20edc2ac928510891e0519111d3a7d0f5e5b04225fa7535a03bbe307b806

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Via: 1.1 webcache2 (Varnish/trunk)
Last-Modified: Mon, 05 Dec 2016 16:58:30 GMT
Server: Apache
Age: 0
ETag: "a8-542ec3284bb54"
X-Varnish: 264781161
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168

GET
H/1.1 200
OK js Show response
js.srvtrck.com/v1/ 59 KB
18 KB 119ms
94ms Script
application/javascript 2606:4700::6813:a860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Requested by: Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol: HTTP/1.1
Server: 2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763604c9b336b676ecacc34cf333f408ed2582f7705978f6d99efddc14ce0544

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:36 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Mar 2023 06:18:15 GMT
Server: cloudflare
Vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
Content-Type: application/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a48f7aede3c2c6f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 18414
Expires: Thu, 09 Mar 2023 06:19:36 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0D68 16 KB
7 KB 137ms
31ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 08 Mar 2023 06:28:22 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2F44 16 KB
7 KB 128ms
33ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 08 Mar 2023 06:28:22 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 112A 16 KB
7 KB 123ms
37ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 08 Mar 2023 06:28:22 GMT

GET
H/1.1 200
OK hjdebh67699dwnjldw00.js Show response
dnlgm0m0r44nl.cloudfront.net/abp/ 20 B
487 B 55ms
8ms Script
text/javascript 18.66.137.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dnlgm0m0r44nl.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by: Host: js.srvtrck.com
URL: http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Protocol: HTTP/1.1
Server: 18.66.137.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 09:06:06 GMT
Via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 Nov 2014 16:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
Age: 85818
ETag: "1db728e2d3216682f555d0c1e5b1127c"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20
X-Amz-Cf-Id: TO5ktZ-_hGn8MLwJ3A5q1u5NcRmTknjJpRrSaxtL7rfwAiIUVVDTVw==

GET
H2 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 0D68 60 KB
23 KB 42ms
39ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:01 GMT

GET
H2 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 2F44 60 KB
23 KB 45ms
43ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:01 GMT

GET
H2 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 112A 60 KB
23 KB 46ms
43ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:01 GMT

GET
H2 200 B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationa... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 7549 55 KB
26 KB 212ms
92ms Document
text/html 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

22c610d404ada4ee3fa5c7cce2fca03b1ae119ca721be879474160f67e533af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 26500
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 06:19:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communication... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 3DA1 61 KB
28 KB 196ms
102ms Document
text/html 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

f474bb6e52c05349e9f30b21f6e17d1c00e38b656dc5f837b46d72222ccca613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 28917
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 06:19:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communication... Show response
ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/ Frame 8A74 26 B
538 B 153ms
65ms Document
text/html 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C15227067F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.blau.de%2Fa%2F%3Fi%3Dclick%26client%3Dblau%26camp%3Dlpurl%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C15227067F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=!c.JgCk-S5;stc=1;sttr=73;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.blau.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 23
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 06:19:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 354937379672003770
s0.2mdn.net/simgad/ Frame 7549 3 KB
3 KB 253ms
117ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/354937379672003770

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196a2877ed3b0dbaf6bd5a8292f2fe0baa135a143b21d3ccc0e7599af497ba4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2575
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 20:30:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 06:19:36 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/ Frame 7549 10 KB
4 KB 159ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4277
x-xss-protection: 0
server: cafe
etag: 10285568641833337380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:44:50 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 3DA1 8 KB
3 KB 144ms
27ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:42:01 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3DA1 170 KB
59 KB 147ms
31ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 05:45:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7549 158 KB
48 KB 127ms
127ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 06:19:36 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 7549 8 KB
3 KB 119ms
28ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:42:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7549 0
0 241ms
110ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp3MQuI0RKNZriBhTNzqfVR65Cpv5Prt_4kX0KloFX5F91MUtamI17XkNI8o218-icRaSHY6d2ebrhOl_EmNthYzPmM0TnMyxA7j-gUhTBTm7rHoovzmyE1DZKH1UVgVjDLx44Eh5O3msO&sai=AMfl-YTqdOFSS-erGYZqJ4oIdG1Jseg_CCPrwhJWaEx9dMSfi-hOrnhQzUAoKyaublJa9DsYh7uPGKNjmiXmDBc&sig=Cg0ArKJSzCUmlnOJRjIgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230302.14237&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 06:19:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7549 41 KB
15 KB 167ms
37ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 18:45:14 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DA1 41 KB
15 KB 177ms
53ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 18:45:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7549 7 KB
6 KB 272ms
73ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d3fc2406d7c2918fc9717d5ef6d4d9973febd526af8a74034cee87ddf49de8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5615
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C6DB 22 KB
8 KB 81ms
79ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:45:14 GMT
expires: Wed, 06 Mar 2024 18:45:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5A8B 22 KB
8 KB 89ms
53ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:45:14 GMT
expires: Wed, 06 Mar 2024 18:45:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7549 0
0 100ms
70ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp3MQuI0RKNZriBhTNzqfVR65Cpv5Prt_4kX0KloFX5F91MUtamI17XkNI8o218-icRaSHY6d2ebrhOl_EmNthYzPmM0TnMyxA7j-gUhTBTm7rHoovzmyE1DZKH1UVgVjDLx44Eh5O3msO&sai=AMfl-YTqdOFSS-erGYZqJ4oIdG1Jseg_CCPrwhJWaEx9dMSfi-hOrnhQzUAoKyaublJa9DsYh7uPGKNjmiXmDBc&sig=Cg0ArKJSzCUmlnOJRjIgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&vt=11&dtpt=221&dett=2&cstd=0&cisv=r20230302.14237&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 06:19:36 GMT

GET
H2 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame C6DB 36 KB
14 KB 42ms
31ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:03 GMT

GET
H2 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A8B 36 KB
14 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7549 17 KB
6 KB 142ms
140ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DA1 158 KB
48 KB 120ms
92ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H2 200 120x600.html Show response
s0.2mdn.net/sadbundle/13696017269262385152/ Frame 041E 45 KB
12 KB 115ms
56ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1bfaa55f9c867045db19cbbb3c87608e7ce3f20ffa9db831a3c502001c2d538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 06:19:37 GMT
expires: Thu, 07 Mar 2024 06:19:37 GMT
last-modified: Tue, 27 Sep 2022 11:02:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1 0
0 112ms
63ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_puEZBP10LQjBTI42whwmetr_fdqKDoQyraPpYuAfajH6ICUqXLj_8qlMwEiIVEt-8bMzH0wWEtGeG-1SI21mWeFbEvJNsB3TgJrQJXE9nAgv_Ed3ZsOEFTjaO4a5w4TrLKyxcZNV3s7V1bFQWLLP30ysg2sP&sai=AMfl-YRMwYCnssmm7M4Kx099XKj9FW3XKWDb62qxZkgPgQWtdW90CLZVC9m2tUxrXG2qyoBRiluY8DCoyL3fj1E&sig=Cg0ArKJSzAl1n5nGWs3_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&cbvp=1&cstd=475&cisv=r20230302.78281&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 041E 118 KB
40 KB 62ms
44ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 05:43:10 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 041E 63 KB
25 KB 96ms
83ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame F0D2 36 KB
14 KB 51ms
50ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
20 B 74ms
65ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO1PE-CgIZNLvIpOp7gO76oi4DwAAAAA4AeAEAg&bg=!oqGlofXNAAbv3-2Ez987ADkAdvg8WsRqQynbzgJpGFu7fVJePB6JSLJftFWCnfY_EV5WBQm1K_L6TuVW03LGgTZuA1Brqlqakh4CAAABNlIAAAADaAEHCgBucP2ZV1mToghG0cabLDn26xCfSS0HYRbkhzIVwdlDhlUwAgma2Z4WRq0_GAf5U-4EszEeHgX1hycAO6dfCslYnaKZuKPv0RDy0bdTnR9TdBM1cUuzfVaGNo1TWu-o9pN_6z6fpecp-rxYLuEDno6ZAtR3cOO4A-uYoS-rxS634qDqt2tK8iBUmhnzxcoFyDN-tBZMSL6M3jrWWjQAdZSJWOPCHiAWbao27EoR3_owVqsFl-9usBombkD0cQCDR9oqWUE_9_0DA7ZxkbO8P9dtoAHnfmfpTKTbivbXFWbHveHarc24XwkRXyCwabR7VVbmn8MbGQmYCaDRxY3AbQ_4pZDCWMufVrObxh4bGjt38LcvwFondYz9qyOJS23WTIht5YhcegLhAGAbWjDxb7_LUKztz1wlNbyBb3eMwfIan_o1pE7nI1qIuID33Qvw9MZ4wczPmotAeJyyN0vKaE3gn5JokZuI_DYrdHj7yix6EyLMMHlHIvhmwrUtJirDfDeKbrdHg81VFjf5Bpdf4Pq9LW_rilAzt1jHFfSn4tqOO_jyGO_OavOy2tHQzdSPnCpkV2KgTQE04DijrG5x82bnjo3XWSscmlE5_BXCvKnrW7rzpXTam2IJVv71SkrGxnxqrq-uq-Mc_7rnmaCahCOymY5S6ghDLUntGo1aB9hlhxoW2U7z8hyuDecTeEFn1kq7ivFYx66JypVxb2pHtUvWEu_GO229RyuBXFIlAGQfvGb7qVpww7Ge0Mcr8voOGHt2ApF1jIy5s0eFz3nbIwP3TvvRExg_NPkE0VpXjEt1aBxccrJUWD2RQAhrETwF2O-Uy0nLGTQFwQ0tPRKU5DrD3CkCs1v1TCxMLEaqypiPq_5Nt0Q-j6Fn_AiqUgr3VI_C5CPqNymznTPNRqZAzJFpURSryGNGJbtBOs0zTZSOukTSFQXnHF-PNfFZZfzsNvhW_9J62jMT3aqeoJhC27U4dmEZCHD1J-REGPu209aPCbHBkFQYga8z9cFio8erjWL7E4F78JKP6tlmR9SRanK4wqp3yZjaVLOj5y_Njro4hYAHYPMX7TFuUgB_lme_AefHlH6_Avx5wKskm_xq7xoNE5A4Jdxl

Requested by

Host: tarifladen24.de
URL: http://tarifladen24.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8B 0
20 B 75ms
66ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOrZ6-CgIZJTrIpOp7gO76oi4DwAAAAA4AeAEAg&bg=!pKelp_PNAAbv3-2Ez987ADkAdvg8Wru2Qjqcgjam3STBAJC87LQ4Qni11ttB3zIq6DPlsfqpFaMR1tYvG2G3lhccKZMoH3uI4i4CAAAA7FIAAAADaAEHmQLOGUfe7Fr4yKd_3u755NRE9g88dsQTd8m-9yDD5wlceobupEoAYnuRA5gBTZ-fzbp_KZgz7MnTMvAeOBUlgWmD7SlEkAJERvhcQRmHBBkIruJ_CRx2_MxGM_J0CKHe98StCrVJNf9RixsxexvzYQXJpRkl4Y0eIv3eU_KbR18h-rynCaE8KGMZgcnxrcKI4GB8rBQixFjW7qfy9adXnZ71MXhMldKdIV9ghxmjOQaPuqetcy6y8JMT1AUV-28-K74aB2wWCbWb7OiW4TBG9HN3Pdu6bmD_uEm1buURUUId0XiUNWrCKaW5rRN-tbDJQOqCROsyNctPXtclG2rcDaP5KPQ1T4Yw8Jd2y4NsjW3UGSNA3WC5kkAVb7wy20Yvub6Gb1POyC6sD5MsA8cOEu8aFypOZJJSm2O_0lika7onxzuNEwBU7Ew12311KR0d0W86o1I6VyCcSjVdsE4fuPug00t-bEp5G50MKzYS-bUifl38Sc-Hr3Iaqz5Qdv-Fnyi-tBcmnMAdhbuIg5ydmPnDzUpGXYq4tcfK-eU2EBphFac980GlFhQdDa6QrykZS97TSVwh9j8wkNiF0Nt4NH1jrbHIcWeE0g8BmMXItfJlSya8S1Lkgh9vyoTteffNgbUIpsHlwtys7egguj1QUPmhCasGBBCQyNnt0Rc7fxnDhWG9i1zn2PyyeZXnEE6PtaWjeIgOZ2XU5WMsccs_r8g2B9VbzG77xeN__N_lBcYMzgIr8QWiOKICxojiID2XYnshnAInHWEd-qN1Cj1H647-VIL0_ng7ntsU03v8OsRvczeu1LvNAGH3oVxsLHEujFqAnn6mwLENuiWtvNP63dQGmZy--NiC8If5uZ6HdxmBqaBH9Gyy1usEP41TTXjXbK7VYJJ80bf3KuFtlP_SsufEtiKYfmK06guI1GBPbVTQAPZ_u_hFq9sUMcRU7_FFag

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1 0
0 68ms
65ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_puEZBP10LQjBTI42whwmetr_fdqKDoQyraPpYuAfajH6ICUqXLj_8qlMwEiIVEt-8bMzH0wWEtGeG-1SI21mWeFbEvJNsB3TgJrQJXE9nAgv_Ed3ZsOEFTjaO4a5w4TrLKyxcZNV3s7V1bFQWLLP30ysg2sP&sai=AMfl-YRMwYCnssmm7M4Kx099XKj9FW3XKWDb62qxZkgPgQWtdW90CLZVC9m2tUxrXG2qyoBRiluY8DCoyL3fj1E&sig=Cg0ArKJSzAl1n5nGWs3_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=802&vt=11&dtpt=314&dett=3&cstd=475&cisv=r20230302.78281&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H/1.1 200
OK uuid.html Show response
hades.srvtrck.com/v2/ Frame F162 311 B
666 B 61ms
23ms Document
text/html 2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hades.srvtrck.com/v2/uuid.html
Requested by: Host: js.srvtrck.com
URL: http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Protocol: HTTP/1.1
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03

Request headers

Referer: http://tarifladen24.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 78055
CF-Cache-Status: HIT
CF-RAY: 7a48f7b7bdb39238-FRA
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 08 Mar 2023 06:19:37 GMT
Expires: Thu, 09 Mar 2023 06:19:37 GMT
Last-Modified: Tue, 07 Mar 2023 01:19:31 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK i
i.srvtrck.com/v1/ 68 B
466 B 99ms
56ms Image
image/png 2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.srvtrck.com/v1/i?e=pi&api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030&tid=c28ec74a-0f8d-43b2-aef6-d2eec2f50f6a&dch=gaia&tna=gaia&tv=0.147&title=Kostenloser%20KFZ-Versicherungsvergleich%20%E2%80%93%20Kostenlos%20KFZ-Versicherung%20vergleichen%20und%20beim%20Wechsel%20bares%20Geld%20sparen&refr=&page=http%3A%2F%2Ftarifladen24.de%2F&afsrc=1&cache=DAQ5KN7U19MEFCU9T3H886IRRUF1UNJE&vid=null&dnt=0
Protocol: HTTP/1.1
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tarifladen24.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:37 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
p3p: CP="CAO PSA OUR"
Content-Type: image/png
Connection: keep-alive
CF-RAY: 7a48f7b7bf5f2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 68

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 041E 47 KB
47 KB 33ms
32ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:27 GMT
x-content-type-options: nosniff
age: 10
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 06:34:27 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 041E 46 KB
46 KB 40ms
39ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:14:13 GMT
x-content-type-options: nosniff
age: 324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 06:29:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 041E 7 KB
6 KB 72ms
70ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6a70a87218a9350ee98e57b650aa85e6501db574926f66e9f46ab0b0a03b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5672
x-xss-protection: 0

GET
H3 200 60005582_20221115025511085_APP_iPhone-13.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 041E 16 KB
16 KB 60ms
59ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221115025511085_APP_iPhone-13.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5121fa7c466a01268b0b05bcac171f3def607f5328cb969acda93ce19f1c8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:45:47 GMT
x-content-type-options: nosniff
age: 45230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15965
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:55:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 17:45:47 GMT

GET
H3 200 60005582_20220825085126854_120x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 041E 27 KB
27 KB 135ms
135ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085126854_120x600_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f3a45557163486d81b5adb20f21ecdea4246a936cd0b60d0901517213652fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27732
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 06:19:37 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 041E 26 KB
26 KB 59ms
53ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:15:37 GMT
x-content-type-options: nosniff
age: 240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Mar 2023 06:30:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 041E 17 KB
6 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 06:19:37 GMT

GET
H/1.1 200
OK json2.js Show response
hades.srvtrck.com/static/ Frame F162 3 KB
2 KB 21ms
16ms Script
application/javascript 2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hades.srvtrck.com/static/json2.js
Requested by: Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol: HTTP/1.1
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hades.srvtrck.com/v2/uuid.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 07 Mar 2023 01:31:48 GMT
Server: cloudflare
Age: 72997
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
CF-RAY: 7a48f7b90e789238-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Thu, 09 Mar 2023 06:19:37 GMT

GET
H/1.1 200
OK hades-server2.js Show response
hades.srvtrck.com/static/ Frame F162 5 KB
2 KB 33ms
25ms Script
application/javascript 2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hades.srvtrck.com/static/hades-server2.js
Requested by: Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol: HTTP/1.1
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hades.srvtrck.com/v2/uuid.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 07 Mar 2023 01:00:28 GMT
Server: cloudflare
Age: 68235
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
CF-RAY: 7a48f7b90c8a2c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Thu, 09 Mar 2023 06:19:37 GMT

GET
H/1.1 200
OK profile
hades.srvtrck.com/v1/ Frame F162 1 KB
2 KB 49ms
49ms Image
image/gif 2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hades.srvtrck.com/v1/profile?action=create&ykuid=im9p2vhxcfjf5mkzveg8ws
Requested by: Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol: HTTP/1.1
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hades.srvtrck.com/v2/uuid.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 06:19:37 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Mar 2023 06:19:37 GMT
Server: cloudflare
Vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
Content-Type: image/gif
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a48f7b93cc42c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1095
Expires: Thu, 09 Mar 2023 06:19:37 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame F5A3 36 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DA1 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxShWy1U_KA6vsyoOGXEj1uuwqXY_yl82j5098YqqzsUO0eiXtZNjh7GbuWSvXctBUTCI3nM1bu24GJoo-KSg&sig=Cg0ArKJSzLHzjZphQ78MEAE&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2027040027&rs=6&la=0&cr=0&vs=4&r=v&rst=1678256376427&rpt=973&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 06:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 347929:2259291
.doubleclick.net/	1970-01-20 10:10:57	Name: test_cookie Value: CheckForPermission
tarifladen24.de/	1970-01-20 18:56:32	Name: vidyk Value: 1
tarifladen24.de/	1970-01-20 10:10:58	Name: svidyk Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.check24.net
a.partner-versicherung.de
ad.doubleclick.net
d2a54pfih9ionq.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
files.check24.net
googleads4.g.doubleclick.net
h.handyvertrag.de
h.premiumsim.de
h.sim.de
h.simplytel.de
h.smartmobil.de
h.winsim.de
hades.srvtrck.com
i.srvtrck.com
imagesrv.adition.com
js.srvtrck.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
s0.2mdn.net
tarifladen24.de
tpc.googlesyndication.com
www.awin1.com
www.communicationads.net
www.googletagservices.com
142.250.180.230
142.250.201.194
167.233.13.224
18.66.137.49
193.227.195.217
193.238.60.41
193.238.62.106
2.19.44.80
217.79.188.11
2600:9000:223f:3200:11:19ae:9580:93a1
2606:4700::6813:a860
2606:4700::6813:a960
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2006
2a01:488:42:1000:b24d:7590:ff6e:e399
2a02:2350:5:109:80a4:30c1:1202:d9b4
04068b22e97b7b69e191260979d1bc91d4a9d9d8c4ef6f10fafa0c56891dcf01
0572717e3aa5113a454b7797dd5e350ce10507db60362b34098665121c830c7b
06a0713e77e4e88fc42ae00d6e240af2480445da2894071b3e781acbedde93db
0afc605c841dba9b7301501168a2b7739bb0c6a909f08a2467f7039fa7fb0af9
0f00cb4377fe0792751cb1c7d42dddd470c7d20073ca38106a7a298e59f269d0
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0
19598680e5c40d93d35cd6c8183f0dc593705c8cfea1c05ea8256bc8d649eb7b
196a2877ed3b0dbaf6bd5a8292f2fe0baa135a143b21d3ccc0e7599af497ba4d
1ff68d043f2fcc6a25ba1db621caa76fef145cf714e8d37476aabce21adcb24f
22c610d404ada4ee3fa5c7cce2fca03b1ae119ca721be879474160f67e533af9
2424c6c57f79cac0e6095f5b086fea628c2263fa67cbf14647d959a0f658ab52
243c68000933eb03b6c36edb700a4f675ae811b68ba51136462d89d936347711
2474212dd52c4112a64c29b17b34c51f18a43d374a61379c9c9ae5671937f69f
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae2ce4c5f63c1484fe1acbea15541ca8f33d896490ccfc6b260999d4cde480a
2e7a418b9e9f117e5171198899e304b6cd9a413f082f4565af7880bff97de0a2
34bb20edc2ac928510891e0519111d3a7d0f5e5b04225fa7535a03bbe307b806
3ae81187a4408a563581902cd0fbc3c481cf4a23edafd0fc3173ef49459eda4b
3f3a45557163486d81b5adb20f21ecdea4246a936cd0b60d0901517213652fa4
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52ba6659eb876aa05c5b698833447305c2df665fbbbd94677f26854ade4cf605
57145153f81324ae965b6c5472578ebb2ade275a84d5203b2d10e25db82f8077
5d3fc2406d7c2918fc9717d5ef6d4d9973febd526af8a74034cee87ddf49de8b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6491a23884c5fe854fed22b5c3009971932fda9e052036aaea34a6abb800e466
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f722718fdece23485ef5db35aa80256b82537482bf2a9de0834555775829cfe
714cfd35dc25d26520563c8e3b6d812c0554e733e27337ab7b71b2504ec010f0
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c
763604c9b336b676ecacc34cf333f408ed2582f7705978f6d99efddc14ce0544
7a3f53998c0240b1a7f8f6ce20da5feb2c35fd303c7070c520e3a5217d2c9871
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7c6a70a87218a9350ee98e57b650aa85e6501db574926f66e9f46ab0b0a03b22
7fe8764d9afa653bb315e024180c51d0d1bd7639dff0a6c1526b5a479ba29ca8
81ada7101073041b1352ea5a4dc1783f745d371ec0b884d7cfd92982cb899e89
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8d1fd49e0ec09384c82edcbb42a70783e49cd37b0f740862be93ba1194087720
906b52ab53f50275ac2bcbe9dc652a7b93ab7e35790ae108c5794928bf0837f4
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
a2b051092403ea90e2fce266220427915411fa794c72c96f5e00e2c2a80396af
a5f73138bb6bed6e9972e398f69ffc47231a43048f71b2d47f932af3f9f3cf53
b1bfaa55f9c867045db19cbbb3c87608e7ce3f20ffa9db831a3c502001c2d538
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b8ca00327e7965b1e6aa199e0bf3adf8574ff42a30e0ed6987675607c680f06f
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c5121fa7c466a01268b0b05bcac171f3def607f5328cb969acda93ce19f1c8e9
c81e882179c6c3cc0d00eeb02d34d49a9d26909430277a2787715ff92c80dee3
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03
d33af8f86752679e915fe8cf12599b0061af4e90cd392dbbacaf811bb1742161
d4b484f84ef0081a1ce31561b14adfac4efe2d74a22c3bef8b7b4680a3285d5b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd
e5ca41da0d597b0c2ae816145658a87571b3c6ae618ccfa93d5eda78b788eb21
eb83f5acc18b9ecc8591fe3ffe0b9b2c235b957776d14216d230bac55e0bd228
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bccccee4d97f367f3bfc561e1536ee159ee43cb4c05fc5b90b215d5a38e51f
f2af67735eaba377798b2d8a2e6a2dd6cceccb1bcdaf4c4c3d25120c7dc7b3b9
f474bb6e52c05349e9f30b21f6e17d1c00e38b656dc5f837b46d72222ccca613
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fc1f4385c1a3ad166a1443ad717a86783c8d4bb9c750d633e71910fb33c951f5

tarifladen24.de Open in urlscan Pro 2a02:2350:5:109:80a4:30c1:1202:d9b4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

65 %HTTPS

50 %IPv6

20 Domains

26 Subdomains

17 IPs

4 Countries

1154 kBTransfer

2090 kBSize

4 Cookies

12 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tarifladen24.de Open in urlscan Pro
2a02:2350:5:109:80a4:30c1:1202:d9b4 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

65 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

17
IPs

4
Countries

1154 kB
Transfer

2090 kB
Size

4
Cookies

86 HTTP transactions
0 data transactions