www.neon.de Open in urlscan Pro
194.12.193.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.neon.de/violet1984
Submission: On October 26 via manual (October 26th 2017, 2:25:11 am UTC) from US

Summary HTTP 160 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 32 domains to perform 160 HTTP transactions. The main IP is 194.12.193.79, located in Hamburg, Germany and belongs to GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE. The main domain is www.neon.de.

This is the only time www.neon.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	194.12.193.79 194.12.193.79	12680 (GRUNER-UN...) (GRUNER-UND-JAHR-AS1 Hamburg)
1 10	92.123.92.14 92.123.92.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google Inc.)
4	89.163.159.102 89.163.159.102	24961 (MYLOC-AS) (MYLOC-AS)
1	54.192.12.104 54.192.12.104	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.253.7.32 34.253.7.32	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.30.185.55 52.30.185.55	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	92.123.92.197 92.123.92.197	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	194.12.193.238 194.12.193.238	12680 (GRUNER-UN...) (GRUNER-UND-JAHR-AS1 Hamburg)
3	136.243.5.17 136.243.5.17	24940 (HETZNER-AS) (HETZNER-AS)
1	193.46.63.75 193.46.63.75	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	185.54.150.20 185.54.150.20	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	54.239.17.113 54.239.17.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 14	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	92.123.93.31 92.123.93.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.2.89 178.250.2.89	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	148.251.195.97 148.251.195.97	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:200... 2600:9000:2001:6c00:1c:8c89:a300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	136.243.46.163 136.243.46.163	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	23.8.10.251 23.8.10.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.57.86.190 52.57.86.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a01:4f8:202:... 2a01:4f8:202:42d4::2	24940 (HETZNER-AS) (HETZNER-AS)
1	37.252.172.27 37.252.172.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	2600:1480:400... 2600:1480:4000:41::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
1	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	138.201.141.91 138.201.141.91	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	52.48.43.7 52.48.43.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2001:16e0:10a... 2001:16e0:10a:1::c2:1	12611 (RKOM R-KO...) (RKOM R-KOM Regensburger Telekommunikations GmbH & Co. KG)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS) (MYLOC-AS)
1	85.114.144.199 85.114.144.199	24961 (MYLOC-AS) (MYLOC-AS)
16	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
38	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	88.198.47.102 88.198.47.102	24940 (HETZNER-AS) (HETZNER-AS)
4	148.251.194.219 148.251.194.219	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY - Fastly)
160	46

15 194.12.193.79 (Hamburg, Germany)

ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE)
PTR: www.neon.de

www.neon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.neon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.neon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.123.92.14 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-14.deploy.akamaitechnologies.com

static.stern.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.emsservice.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.163.159.102 (Germany)

ASN24961 (MYLOC-AS, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xpl.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.12.104 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-12-104.ams1.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.7.32 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-7-32.eu-west-1.compute.amazonaws.com

dyn.emetriq.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.185.55 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-185-55.eu-west-1.compute.amazonaws.com

ups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.92.197 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-197.deploy.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.12.193.238 (Hamburg, Germany)

ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE)
PTR: weblications.guj.de

weblications.guj.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.5.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h234.meetrics.de

s240.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.46.63.75 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: irqs.ioam.de

irqs.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.20 (Germany)

ASN60164 (WEBTREKK-AS, DE)

grunerjahr01.wt-eu02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.17.113 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.210.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.93.31 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-31.deploy.akamaitechnologies.com

s240.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.89 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.195.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h353.meetrics.de

dc7.s240.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2001:6c00:1c:8c89:a300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.emetriq.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.46.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.46.243.136.clients.your-server.de

static.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.10.251 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-10-251.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.86.190 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-86-190.eu-central-1.compute.amazonaws.com

de-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:202:42d4::2 (Germany)

ASN24940 (HETZNER-AS, DE)

farm.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.27 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1480:4000:41:: (United States)

ASN33905 (AKAMAI-AMS, EU)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.25 (Los Angeles, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.141.91 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.91.141.201.138.clients.your-server.de

static.plista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.43.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-43-7.eu-west-1.compute.amazonaws.com

cdn.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:16e0:10a:1::c2:1 (Germany) 1 redirects

ASN12611 (RKOM R-KOM Regensburger Telekommunikations GmbH & Co. KG, DE)

d.df-srv.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.144.199 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: lb.yieldlab.net

p.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.47.102 (Nürnberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h354.meetrics.de

dc8.s240.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.194.219 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h350.meetrics.de

dc2.s240.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	adform.net track.adform.net s1.adform.net	435 KB
17	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net pubads.g.doubleclick.net	112 KB
15	neon.de www.neon.de a1.neon.de s1.neon.de	380 KB
11	meetrics.net s240.meetrics.net dc7.s240.meetrics.net dc8.s240.meetrics.net dc2.s240.meetrics.net	4 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	42 KB
7	emsservice.de static.emsservice.de	70 KB
4	theadex.com dmp.theadex.com xpl.theadex.com	13 KB
4	ioam.de 1 redirects script.ioam.de irqs.ioam.de de.ioam.de	9 KB
3	pinterest.com assets.pinterest.com log.pinterest.com	23 KB
3	google.com 1 redirects www.google.com apis.google.com	64 KB
3	plista.com static.plista.com farm.plista.com	23 KB
3	stern.de 1 redirects static.stern.de	127 KB
2	df-srv.de 1 redirects d.df-srv.de	622 B
2	twitter.com platform.twitter.com syndication.twitter.com	35 KB
2	mookie1.com static-tagr.gd1.mookie1.com de-gmtdmp.mookie1.com	601 B
2	mxcdn.net s240.mxcdn.net	81 KB
2	yieldlab.net ad.yieldlab.net p.yieldlab.net	123 B
2	xplosion.de ups.xplosion.de	3 KB
2	emetriq.de 1 redirects dyn.emetriq.de cdn.emetriq.de	2 KB
2	amazon-adsystem.com c.amazon-adsystem.com aax.amazon-adsystem.com	4 KB
2	googleapis.com ajax.googleapis.com	61 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	401 B
1	adrtx.net cdn.adrtx.net api.adrtx.net Failed	828 B
1	facebook.com www.facebook.com staticxx.facebook.com Failed	75 B
1	facebook.net connect.facebook.net	61 KB
1	adnxs.com ib.adnxs.com	62 B
1	google.de www.google.de	81 B
1	criteo.com bidder.criteo.com
1	wt-eu02.net grunerjahr01.wt-eu02.net	43 B
1	guj.de weblications.guj.de	382 B
1	googletagservices.com www.googletagservices.com	4 KB
1	googleadservices.com www.googleadservices.com	6 KB
160	32

	Domain	Requested by
38	s1.adform.net	track.adform.net s1.adform.net srcdoc ajax.googleapis.com
16	track.adform.net	securepubads.g.doubleclick.net www.neon.de s1.adform.net
13	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.neon.de
9	www.neon.de	www.neon.de
7	static.emsservice.de	www.neon.de static.emsservice.de securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.neon.de
4	dc2.s240.meetrics.net
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	a1.neon.de	www.neon.de
3	dc7.s240.meetrics.net	www.neon.de
3	s240.meetrics.net	www.neon.de
3	dmp.theadex.com	www.neon.de dmp.theadex.com
3	static.stern.de	1 redirects www.neon.de
2	d.df-srv.de	1 redirects www.neon.de
2	apis.google.com	www.neon.de apis.google.com
2	assets.pinterest.com	www.neon.de
2	static.plista.com	www.neon.de static.plista.com
2	s240.mxcdn.net	s240.meetrics.net
2	stats.g.doubleclick.net	www.neon.de
2	de.ioam.de	1 redirects www.neon.de
2	ups.xplosion.de	www.neon.de cdn.emetriq.de
2	s1.neon.de	www.neon.de
2	ajax.googleapis.com	www.neon.de s1.adform.net
1	log.pinterest.com	assets.pinterest.com
1	dc8.s240.meetrics.net
1	pubads.g.doubleclick.net	www.neon.de
1	p.yieldlab.net	www.neon.de
1	xpl.theadex.com	www.neon.de
1	dsp.adfarm1.adition.com	1 redirects
1	cdn.adrtx.net	www.neon.de
1	www.facebook.com	www.neon.de connect.facebook.net
1	syndication.twitter.com	platform.twitter.com
1	connect.facebook.net	www.neon.de
1	platform.twitter.com	ajax.googleapis.com platform.twitter.com
1	ib.adnxs.com	static-tagr.gd1.mookie1.com
1	farm.plista.com	static.plista.com
1	de-gmtdmp.mookie1.com	www.neon.de
1	static-tagr.gd1.mookie1.com	www.neon.de
1	www.google.de	www.neon.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	cdn.emetriq.de	ups.xplosion.de
1	bidder.criteo.com	static.emsservice.de
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	grunerjahr01.wt-eu02.net	www.neon.de
1	irqs.ioam.de	script.ioam.de
1	weblications.guj.de	ajax.googleapis.com
1	www.googletagservices.com	www.neon.de
1	ad.yieldlab.net	www.neon.de
1	dyn.emetriq.de	1 redirects
1	c.amazon-adsystem.com	www.neon.de
1	www.googleadservices.com	www.neon.de
1	script.ioam.de	www.neon.de
0	api.adrtx.net Failed	cdn.adrtx.net
0	staticxx.facebook.com Failed	connect.facebook.net
160	55

This site contains links to these domains. Also see Links.

Domain
www.stern.de
view.stern.de
shop.neon.de
ems.guj.de

Subject Issuer	Validity	Valid
static.stern.de Symantec Class 3 ECC 256 bit SSL CA - G2	`2017-10-24` - `2018-12-25`	a year	crt.sh
*.ioam.de thawte SSL CA - G2	`2016-08-30` - `2019-10-29`	3 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2017-10-17` - `2018-01-09`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2017-10-17` - `2018-01-09`	3 months	crt.sh
static-tagr.gd1.mookie1.com Symantec Class 3 Secure Server CA - G4	`2016-05-19` - `2018-05-20`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2017-10-17` - `2018-01-09`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2017-09-22` - `2018-05-30`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.apis.google.com Google Internet Authority G3	`2017-10-17` - `2018-01-09`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.df-srv.de thawte SHA256 SSL CA	`2016-12-12` - `2019-12-12`	3 years	crt.sh
track.adform.net GeoTrust SSL CA - G3	`2016-08-29` - `2019-10-01`	3 years	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-10-17` - `2017-12-29`	2 months	crt.sh

This page contains 16 frames:

Primary Page: http://www.neon.de/violet1984
Frame ID: 15428.1
Requests: 92 HTTP requests in this frame

Frame: data://truncated
Frame ID: 15428.8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js
Frame ID: 15428.9
Requests: 4 HTTP requests in this frame

Frame: http://dmp.theadex.com/r/810/3277/?c=1001015090424590020
Frame ID: 15428.11
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=http%3A%2F%2Fwww.neon.de
Frame ID: 15428.12
Requests: 1 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42
Frame ID: 15428.13
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42
Frame ID: 15428.14
Requests: 1 HTTP requests in this frame

Frame: http://api.adrtx.net/thirdparty/iframe.html?p=adaud
Frame ID: 15428.15
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=136065509795137&domain=www.neon.de&origin=1&redirect_uri=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df7369283640ac%26domain%3Dwww.neon.de%26origin%3Dhttp%253A%252F%252Fwww.neon.de%252Ff8731e905594%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey
Frame ID: 15428.16
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D
Frame ID: 15428.17
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D
Frame ID: 15428.18
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D
Frame ID: 15428.20
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js
Frame ID: 15428.19
Requests: 4 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/1000194/2466008/2466008.js?ADFassetID=2466008&bv=514
Frame ID: 15428.21
Requests: 11 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/54026/2467714/2467714.js?ADFassetID=2467714&bv=514
Frame ID: 15428.22
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/1000194/2466012/2466012.js?ADFassetID=2466012&bv=514
Frame ID: 15428.23
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

160
Requests

56 %
HTTPS

29 %
IPv6

32
Domains

55
Subdomains

46
IPs

7
Countries

1559 kB
Transfer

3950 kB
Size

16
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.stern.de/
Title: stern

Search URL Search Domain Scan URL

URL: http://www.stern.de/nido/
Title: Nido

Search URL Search Domain Scan URL

URL: http://view.stern.de/
Title: VIEW

Search URL Search Domain Scan URL

URL: http://www.stern.de/tv/
Title: stern TV

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/

Search URL Search Domain Scan URL

URL: https://www.stern.de/sn/action/3000076/action/userdetails
Title: Profil

Search URL Search Domain Scan URL

URL: http://www.stern.de/sn/action/3000074/action/logout
Title: Abmelden

Search URL Search Domain Scan URL

URL: https://www.stern.de/sn/login/3000072/login?next=http://www.stern.de/neon/schnittmarke-neon-community/
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://www.stern.de/sn/action/3000132/action/registration
Title: Kostenlos neu registrieren

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/magazin/
Title: Magazin

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/unnuetzes-wissen---unnuetzes-quizzen-7142526.html
Title: Unnützes Wissen

Search URL Search Domain Scan URL

URL: http://shop.neon.de/neon/abos/?utm_source=neon.de&utm_medium=link&utm_campaign=hauptnavigation&onwewe=0690
Title: Shop

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/archiv/
Title: Archiv

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/gemeinsam-stark/
Title: Gemeinsam stark

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/digital-services/
Title: Smarter Service

Search URL Search Domain Scan URL

URL: http://www.stern.de/neon/mai-ausgabe--neon--05-2017--7393732.html

Search URL Search Domain Scan URL

URL: http://ems.guj.de/print/portfolio/neon/profil/
Title: Mediadaten

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://static.stern.de/resources/all/3000082/0/0/1582555676/stern-all.css HTTP 301
https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css

Request Chain 20

http://dyn.emetriq.de/loader/13262/default.js?_0.6553887931181144 HTTP 302
http://ups.xplosion.de/loader/13262/default.js?_0.6553887931181144&xplrdir=1

Request Chain 36

http://de.ioam.de/tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=406&id=k9kycv&lt=1508984699471&ev=&cs=5w3m3n&mo=1 HTTP 302
http://de.ioam.de/tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=406&id=k9kycv&lt=1508984699471&ev=&cs=5w3m3n&mo=1&sr=71

Request Chain 37

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 48

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&utmhid=217980022&utmr=-&utmp=%2Fviolet1984&utmht=1508984699595&utmac=UA-2628742-1&utmcc=__utma%3D261612178.1294442649.1508984700.1508984700.1508984700.1%3B%2B__utmz%3D261612178.1508984700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=555827241&utmredir=3&utmu=qCUAAAABAAAAAAAAAAAAAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&utmhid=217980022&utmr=-&utmp=%2Fviolet1984&utmht=1508984699595&utmac=UA-2628742-1&utmcc=__utma%3D261612178.1294442649.1508984700.1508984700.1508984700.1%3B%2B__utmz%3D261612178.1508984700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=555827241&utmredir=3&utmu=qCUAAAABAAAAAAAAAAAAAAAE~

Request Chain 57

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZPnTJnZhFVAmZ4oQcydlFt0S6HHPb7yZ9motfdoIP7owPwVQSREhSqwaWJPtp9CHH18KDf4bp1RNlyqxxAxwB8M-BUAR62MTDhKuOaQt8g31ROeHxos4ZsAu1Po3UOEr0EXuknkKrwpSUBpLQBGhlH9lByYufdSYbnjstcAy4G2fdhLKzD8DHkjSDRbsZzNp05h3lXcbWPm9yaq-VxBrV33OeRMp5kmI1oLjJktIZpxNFLwcrAxB_LtmbDBJeQNcogirC3m0&sig=Cg0ArKJSzNLwpJ-_CTUsEAE&urlfix=1&adurl=https://static.emsservice.de/systempixel/platzhalter.gif HTTP 302
https://static.emsservice.de/systempixel/platzhalter.gif

Request Chain 58

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1045330736/?random=1508984699701&cv=8&fst=1508984699701&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&rfmt=3&fmt=4 HTTP 302
https://www.google.com/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&fmt=4&cdct=2&is_vtc=1&random=92738863 HTTP 302
https://www.google.de/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&fmt=4&cdct=2&is_vtc=1&random=92738863&ipr=y&ulfeg=n

Request Chain 69

http://assets.pinterest.com/js/pinit.js?_=1508984699808 HTTP 307
https://assets.pinterest.com/js/pinit.js?_=1508984699808

Request Chain 71

http://connect.facebook.net/de_DE/all.js HTTP 307
https://connect.facebook.net/de_DE/all.js

Request Chain 77

http://assets.pinterest.com/js/pinit_main.js?0.5281924607041577 HTTP 307
https://assets.pinterest.com/js/pinit_main.js?0.5281924607041577

Request Chain 83

http://d.df-srv.de/match/a.js?pid=42 HTTP 302
http://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fd.df-srv.de%2Fmatch%2Fa.js%3Fpid%3D42%26l%3D1%26adition_vid%3D%25%25COOKIE%25%25 HTTP 302
https://d.df-srv.de/match/a.js?pid=42&l=1&adition_vid=6481039932383819795

160 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request Cookie set violet1984 Show response
www.neon.de/ 19 KB
19 KB 193ms
166ms Document
text/html 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: d739fc1ecbffaae6d191ecb754bc7d95b5258b17b48c40e49c21d1122c975d73

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Via: 1.1 ambato-vi, 1.1 delicias2-vi
X-LB: http
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS from delicias2-vi
Status: 404 Not Found
Connection: keep-alive
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-FSCK: 25d73c_59cd92b3fabaf421c036bda1f98d399bd7
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

stern-all.css
static.stern.de/resources/all/3000082/0/0/2025787660/
Redirect Chain

http://static.stern.de/resources/all/3000082/0/0/1582555676/stern-all.css
https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css

592 KB
108 KB

32ms
6ms

Stylesheet
text/css

92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: /
Resource Hash: a39f0fae83155b20be84a79f345ee29b77d377656ea025a5181ac491215272da

Request headers

:path: /resources/all/3000082/0/0/2025787660/stern-all.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: static.stern.de
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-backend: cm_static/cae04
status: 200
vary: Accept-Encoding
content-language: de-DE
access-control-allow-origin: *
cache-control: public, max-age=2022180
accept-ranges: bytes
content-type: text/css;charset=UTF-8
content-length: 110672

Redirect headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
X-Backend: cm_static/cae02
Location: https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css
Content-Language: de-DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 0
X-LB: http

GET
H/1.1 200
OK container.css
www.neon.de/css/ 808 B
808 B 37ms
22ms Stylesheet
text/css 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/css/container.css?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: f63c1d263eb22abc94c4277e62255ac2d99b7226ad76318eb7a3bc131f0c3fe0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

X-IsFSC: true
Date: Thu, 26 Oct 2017 02:24:59 GMT
Via: 1.1 ambato-vi, 1.1 delicias2-vi
Server: Apache
Age: 0
Vary: Accept-Encoding
X-Cache: MISS from delicias2-vi
Content-Type: text/css; charset=utf-8
X-FSCK: 25d73c_599236be27fc3379448510eab701eb85a9
Expires: Thu, 26 Oct 2017 02:26:27 GMT
Cache-Control: public, max_age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 808
X-LB: http

GET
H/1.1 200
OK jHtmlArea.css
a1.neon.de/css/jHtmlArea/ 4 KB
751 B 43ms
17ms Stylesheet
text/css 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://a1.neon.de/css/jHtmlArea/jHtmlArea.css?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 6aa941e61686d70360a5f91ce8df3fef743d0b04202448dd5eb80a18694ab2ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 18 Oct 2017 01:03:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 10:01:57 GMT
Server: Apache
Age: 696101
Vary: Accept-Encoding
X-Cache: HIT from branco2-vi
Content-Type: text/css
Via: 1.1 arauca-vi, 1.1 branco2-vi
Expires: Fri, 26 Jan 2018 01:03:18 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 751
X-LB: http

GET
H/1.1 200
OK gujAd.css
www.neon.de/gujAd/ 1 KB
586 B 31ms
17ms Stylesheet
text/css 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/gujAd/gujAd.css?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 18b57ebf76339036f7bafa481aed09f6a892f001dc1f5c02bbb8cf82e0a72748

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 02:10:13 GMT
Server: Apache
Age: 59
Vary: Accept-Encoding
X-Cache: HIT from delicias2-vi
Content-Type: text/css
Via: 1.1 ambato-vi, 1.1 delicias2-vi
Expires: Thu, 26 Oct 2017 04:29:00
Cache-Control: max-age=300, stale-while-revalidate=3600, stale-if-error=36000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 586
X-LB: http

GET
H/1.1 200
OK gujAd.js Show response
www.neon.de/gujAd/ 251 KB
61 KB 32ms
17ms Script
application/x-javascript 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 3a8e1da63d40db33ee107f74124d35b92ef1ca4273699e978174ece080243138

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 02:10:13 GMT
Server: Apache
Age: 203
Vary: Accept-Encoding
X-Cache: HIT from delicias2-vi
Content-Type: application/x-javascript
Via: 1.1 ambato-vi, 1.1 delicias2-vi
Expires: Thu, 26 Oct 2017 04:26:35
Cache-Control: max-age=300, stale-while-revalidate=3600, stale-if-error=36000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62283
X-LB: http

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 25 KB
8 KB 49ms
11ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.9 0009
Resource Hash: 0b259afbc5f007add7c9248096512fee356cf0de9f3180400e09baf082d35735

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: script.ioam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.9 0009
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: privat, max-age=7200 pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 26 Oct 2017 04:24:59 GMT

GET
H/1.1 200
OK modernizr-1.7.min.js Show response
a1.neon.de/js/libs/ 9 KB
4 KB 44ms
18ms Script
text/javascript 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://a1.neon.de/js/libs/modernizr-1.7.min.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 18 Oct 2017 01:03:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 10:01:57 GMT
Server: Apache
Age: 696101
Vary: Accept-Encoding
X-Cache: HIT from branco2-vi
Content-Type: text/javascript
Via: 1.1 oruro-vi, 1.1 branco2-vi
Expires: Fri, 26 Jan 2018 01:03:18 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3688
X-LB: http

GET
H/1.1 200
OK NEON.js Show response
a1.neon.de/js/neon/ 12 KB
3 KB 43ms
18ms Script
text/javascript 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://a1.neon.de/js/neon/NEON.js?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 77f50bdf0692c8145e919fc52ec7c94172b38ffb43b239f8b737654fa8eae7d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 18 Oct 2017 01:03:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 10:01:57 GMT
Server: Apache
Age: 696101
Vary: Accept-Encoding
X-Cache: HIT from branco2-vi
Content-Type: text/javascript
Via: 1.1 florencia-vi, 1.1 branco2-vi
Expires: Fri, 26 Jan 2018 01:03:18 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2950
X-LB: http

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 13 Oct 2017 14:57:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1078062
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33333
X-XSS-Protection: 1; mode=block
Expires: Sat, 13 Oct 2018 14:57:17 GMT

GET
H/1.1 200
OK neon-tracker.js Show response
www.neon.de/js/dist/neon-tracker/ 52 KB
15 KB 87ms
70ms Script
text/javascript 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/js/dist/neon-tracker/neon-tracker.js?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 25096d493bc6ca9c18137f1e9644ef1eb4a07669a7bff42be24767dbaef18228

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Mon, 23 Oct 2017 01:54:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 10:01:58 GMT
Server: Apache
Age: 261012
Vary: Accept-Encoding
X-Cache: HIT from anta2-vi
Content-Type: text/javascript
Via: 1.1 oruro-vi, 1.1 anta2-vi
Expires: Wed, 31 Jan 2018 01:54:47 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14877
X-LB: http

GET
H/1.1 200
OK stern-integration.css
www.neon.de/css/ 978 B
461 B 28ms
17ms Stylesheet
text/css 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/css/stern-integration.css?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 628a7cf2fb865b253fc8393b3d408f7ef4bce3dd31328426ba556a81610c43b9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 25 Oct 2017 04:57:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 10:01:56 GMT
Server: Apache
Age: 77229
Vary: Accept-Encoding
X-Cache: HIT from delicias2-vi
Content-Type: text/css
Via: 1.1 florencia-vi, 1.1 delicias2-vi
Expires: Fri, 02 Feb 2018 04:57:50 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 461
X-LB: http

GET
H/1.1 200
OK heftbox_mai.jpg
s1.neon.de/media/heftbox/ 77 KB
77 KB 48ms
22ms Image
image/jpeg 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.neon.de/media/heftbox/heftbox_mai.jpg
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 87e35cb6e28ce38c1e90adf75b8829e6e2daacc995eb80f4ec0723dd10dbd142

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 25 Oct 2017 04:57:51 GMT
Via: 1.1 oruro-vi, 1.1 delicias2-vi
Last-Modified: Fri, 31 Mar 2017 12:48:40 GMT
Server: Apache
Age: 77228
ETag: "a0f12822ecefc7d8-133fa-54c063aa087e6"
X-Cache: HIT from delicias2-vi
Content-Type: image/jpeg
Expires: Fri, 02 Feb 2018 04:57:51 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78842
X-LB: http

GET
H/1.1 200
OK c_75x75_1499947855_c4e2_fbprofile0817.jpg
s1.neon.de/images/generated/16/61/773/ 2 KB
2 KB 48ms
21ms Image
image/jpeg 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.neon.de/images/generated/16/61/773/c_75x75_1499947855_c4e2_fbprofile0817.jpg
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: fe093ed6762e221ec75695875021342f123082ad656134e940208288e9cb7e34

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 25 Oct 2017 04:57:51 GMT
Via: 1.1 arauca-vi, 1.1 delicias2-vi
Last-Modified: Thu, 13 Jul 2017 12:11:28 GMT
Server: Apache
Age: 77228
ETag: "9442fe3f3f3fa52f-9ee-55431d518880c"
X-Cache: HIT from delicias2-vi
Content-Type: image/jpeg
Expires: Fri, 02 Feb 2018 04:57:51 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2542
X-LB: http

GET
H/1.1 200
OK default.css
www.neon.de/css/ 79 KB
79 KB 20ms
19ms Stylesheet
text/css 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/css/default.css?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 3012c9bdfcbc90c0bd3d452d7cf6d1c538bf62f98d816fba5e6f2a1ab8571331

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2017 04:59:36 GMT
Via: 1.1 oruro-vi, 1.1 delicias2-vi
Server: Apache
Age: 77123
Vary: Accept-Encoding
X-Cache: HIT from delicias2-vi
Content-Type: text/css; charset=utf-8
X-FSCK: 25d73c_59bb81fed9da92cd8dce3a42c6e266143f
Expires: Thu, 25 Oct 2018 04:59:36 GMT
Cache-Control: public, max_age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80838
X-LB: http

GET
H/1.1 200
OK combined.js Show response
www.neon.de/js/ 99 KB
99 KB 102ms
102ms Script
text/javascript 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/js/combined.js?v=20170524113749-25d73c_2576
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: 2868bc3db24680568dae7c7ce3e6c96f11f6ae812724ad301f5dd0669b086926

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Oct 2017 01:55:49 GMT
Via: 1.1 ambato-vi, 1.1 anta2-vi
Server: Apache
Age: 260949
Vary: Accept-Encoding
X-Cache: HIT from anta2-vi
Content-Type: text/javascript; charset=utf-8
X-FSCK: 25d73c_59d3c1fd5018bc097bd1453f2075acc4aa
Expires: Tue, 23 Oct 2018 01:55:49 GMT
Cache-Control: public, max_age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100983
X-LB: http

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 17 KB
6 KB 20ms
14ms Script
text/javascript 172.217.21.194
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

HTTP/1.1

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4c43ac4f6ec003eb9f9bb9d4396f542402f03d3aac9cdeee4ed8e4d59a1a377c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16346152493260834643
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 6265
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
H/1.1 200
OK adex.js Show response
dmp.theadex.com/d/810/3277/s/ 36 KB
13 KB 46ms
14ms Script
application/javascript 89.163.159.102
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.theadex.com/d/810/3277/s/adex.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 89.163.159.102 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d8140a26c6cb88b729d22fd1dce46cb9c491b6be1a7782e95f90bf6f0be9e512

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dmp.theadex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Aug 2017 13:46:01 GMT
Server: nginx
ETag: W/"59a41e99-91dd"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 26 Oct 2017 02:29:59 GMT

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ 12 KB
4 KB 25ms
13ms Script
application/javascript 54.192.12.104
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 54.192.12.104 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-12-104.ams1.r.cloudfront.net
Software: Server /
Resource Hash: ec60d3f59db0946291c7e768835fb7a9787afbb206408d2cdb9e8cb1c70fcec5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 25 Oct 2017 18:21:22 GMT
Content-Encoding: gzip
Server: Server
Age: 29016
ETag: 6c381378220b675f40f2975a06f51bd2
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7d6b3813f81c0a2b16fe143c3b419156.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4001
X-Amz-Cf-Id: LQxehfnsRvEnjLql2z_p0J6ADQJ5AuD9HMCP2S3WzGQah4BssbM4dQ==

GET
H/1.1 200
OK gjsitedata.json Show response
static.emsservice.de/data/ 56 KB
15 KB 68ms
47ms XHR
application/json 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://static.emsservice.de/data/gjsitedata.json?0.01141508999013463
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a4883d6637326c8070c490b81b0c7f0e19b2ccfc62ee6cf7386c11d6d95e8ba0

Request headers

Pragma: no-cache
Origin: http://www.neon.de
Accept-Encoding: gzip, deflate
Host: static.emsservice.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Accept: */*
Referer: http://www.neon.de/violet1984
Origin: http://www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Vary: Origin Accept-Encoding
Connection: keep-alive
Content-Length: 15016
Last-Modified: Wed, 25 Oct 2017 07:45:03 GMT
Server: AmazonS3
ETag: "2571830b7771960fdd1a475f38d8140b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=25604
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: x7Ol_yjZfI7bISAmkmY6nhnHA0l3nxi6J1UJf1jtQS990Ycm0Av3Jw==
Expires: Thu, 26 Oct 2017 09:31:43 GMT

GET
H/1.1 200
OK autoNative.min.js Show response
static.emsservice.de/autoNative/project/ 157 KB
39 KB 20ms
13ms Script
application/javascript 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://static.emsservice.de/autoNative/project/autoNative.min.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bbc136601829554f1f3d390c503817bd5d0afb29017e0e941a034219ebbb0101

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.emsservice.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 39844
Last-Modified: Wed, 18 Oct 2017 15:59:13 GMT
Server: AmazonS3
ETag: "a898747af5af39983d2eab4ee11f1973"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=25656
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: STiah-s9-5d0ucfAT7Y8M2B55yVIpsrPuPwpWO_U-SbHom9YayCMcg==
Expires: Thu, 26 Oct 2017 09:32:35 GMT

GET
H/1.1

200
OK

default.js Show response
ups.xplosion.de/loader/13262/
Redirect Chain

http://dyn.emetriq.de/loader/13262/default.js?_0.6553887931181144
http://ups.xplosion.de/loader/13262/default.js?_0.6553887931181144&xplrdir=1

2 KB
2 KB

73ms
30ms

Script
text/javascript

52.30.185.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ups.xplosion.de/loader/13262/default.js?_0.6553887931181144&xplrdir=1
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 52.30.185.55 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-185-55.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 12ac1a7e286920557e998fa43bfe1d8e8592207adad8af7a9988b95b766ed2ce

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ups.xplosion.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1544

Redirect headers

Location: http://ups.xplosion.de/loader/13262/default.js?_0.6553887931181144&xplrdir=1
Date: Thu, 26 Oct 2017 02:24:59 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK publishertags.js Show response
static.emsservice.de/criteo/ 59 KB
14 KB 48ms
42ms Script
application/x-javascript 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://static.emsservice.de/criteo/publishertags.js?rnd=0.39074042183171986
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4d5b23d26344a501078a1b3538c9a3564bb6eb2ed3c8cd8e1e20d229ecf6e842

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.emsservice.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-meta-cb-modifiedtime: Wed, 27 Sep 2017 16:31:14 GMT
Connection: keep-alive
Content-Length: 14829
Last-Modified: Wed, 27 Sep 2017 16:32:18 GMT
Server: AmazonS3
ETag: "73fd9e4ce30e53f1b0e7811e45b2d8fa"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=28105
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: THRER0KzBjpT39em5y7uv_ygjILVOccRKIfozq4Yr2XKT-UF85iv_Q==
Expires: Thu, 26 Oct 2017 10:13:24 GMT

GET
H/1.1 200
OK Cookie set 23773,23774,23775,57652,57654,423691,428585,647134,2416626,23776 Show response
ad.yieldlab.net/yp/ 154 B
123 B 18ms
12ms Script
text/javascript 92.123.92.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.yieldlab.net/yp/23773,23774,23775,57652,57654,423691,428585,647134,2416626,23776?formats_23776=101,102,103,104,105,106,108,110,111,112,113,114,115,116,117,119&yl_rtb_pubkey=8464_50691384&t=g%3D%26a%3D%26s%3D%26bi%3D%26bs%3D%26re%3D%26ne%3D&ts=0.21344393021526842
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 92.123.92.197 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-197.deploy.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Connection: keep-alive
Content-Language: de-DE
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Set-Cookie: id=be2e5afc-6f69-4d5a-87d3-c0d03d0525ff; Domain=yieldlab.net; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Content-Length: 123
Expires: Wed, 25 Oct 2017 02:24:59 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 10 KB
4 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

aef8e5f3f7bfe38b9278f9a7b02f26ba21d1341925f46db6c1f4b41fcd021995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1508982400215844"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 4486
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80618fe730350142f1b2e7997da774dbd0a31b3fc34e6438ec56d5a19665f5ec

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/plain;charset=US-ASCII

GET
H/1.1 200
OK gujTracker.js Show response
weblications.guj.de/js/ 811 B
382 B 58ms
19ms Script
text/javascript 194.12.193.238
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://weblications.guj.de/js/gujTracker.js?_=1508984699434
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol: HTTP/1.1
Server: 194.12.193.238 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: weblications.guj.de
Software: Apache /
Resource Hash: ea48b24bcd69694d0b52fa9ac12e2009346c344ac29eb54264f85f2da0fb0b48

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: weblications.guj.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 09:26:47 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding
X-Cache: MISS from anta2-vi
Content-Type: text/javascript
Via: 1.1 webmisc01-vi, 1.1 anta2-vi
Expires: Sat, 03 Feb 2018 02:24:59 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
X-LB: http

GET
H/1.1 200
OK Cookie set mtrcs_886118.js Show response
s240.meetrics.net/bb-mx/prime/ 2 KB
1 KB 14ms
2ms Script
text/javascript 136.243.5.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s240.meetrics.net/bb-mx/prime/mtrcs_886118.js?pjid=886118&size=all&place=neon&adc=_default&cb=0.6733788073724785
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 136.243.5.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h234.meetrics.de
Software: nginx /
Resource Hash: 925a93960e67029e3c5392963a35e3396d8d10cd396c2b3e41841913809b6de1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Set-Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438; Version=1; path=/; Domain=s240.meetrics.net; Max-Age=2592000; expires=Sat, 25-Nov-2017 02:24:59 GMT
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1150
Expires: Thu, 26 Oct 2017 02:24:58 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31ab5e2f6e313cc462ff7d70a5c351189fdcba986b21c5e056ce553262976d7b

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 746 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2281d550b5bc08e325023953b5ba5aa485a3fd38e3e9cff3d27d46d6a8fdc2c8

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ffa770511d36a015c51b4a04e6cfcd5fc0c9fdca83594c6a45c8ebebb32205

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 446 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f8e855bf6f3c3f80f334fbc08dac22669699f3dcb7726f63435e6508890f46

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 741 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d78059dc4353441d92f103e1057cc18b35c5892114e3613d1680cb3dde9b4371

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89800875c4bda31a35c6cfce95eb0d509919e909575056626a8ea8b9e8688495

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 truenoexbdit-webfont-woff2-data.woff2
static.stern.de/blob/7524382/d5e1c2331b768a865b804682bda33e6b/ 19 KB
19 KB 25ms
6ms Font
font/woff2 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.stern.de/blob/7524382/d5e1c2331b768a865b804682bda33e6b/truenoexbdit-webfont-woff2-data.woff2
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: /
Resource Hash: 1a071b3179f03592a1c339fc17a2d57609454f9b9ee1eabd6cffb85971b88d8a

Request headers

:path: /blob/7524382/d5e1c2331b768a865b804682bda33e6b/truenoexbdit-webfont-woff2-data.woff2
pragma: no-cache
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: static.stern.de
referer: https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: https://static.stern.de/resources/all/3000082/0/0/2025787660/stern-all.css
Origin: http://www.neon.de

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
x-backend: cm_static/cae06
etag: "d5e1c2331b768a865b804682bda33e6b"
status: 200
content-language: de-DE
access-control-allow-origin: *
cache-control: public, max-age=5809296
accept-ranges: bytes
content-type: font/woff2;charset=UTF-8
content-length: 18992

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d08d41a10c2e1ea85e0e7c8454845236a49b2ce5a75e6e022651b7edd667d47

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=US-ASCII

GET
H/1.1 200 identitystatus Show response
irqs.ioam.de/ 25 B
36 B 18ms
9ms XHR
application/vnd.api+json 193.46.63.75
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://irqs.ioam.de/identitystatus?offerIdentifier=stern&siteIdentifier=f1DBU-821Vermischtesmultithematisch-neon&sampleType=in&pixelType=CP&isFadeoutFlash=true&isFadeoutFrame=true&isFadeoutForm=true&positionTop=10&positionLeft=100&zIndex=1100000&c=0.5826569013884924
Requested by: Host: script.ioam.de
URL: https://script.ioam.de/iam.js
Protocol: HTTP/1.1
Server: 193.46.63.75 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: irqs.ioam.de
Software: nginx /
Resource Hash: 9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e

Request headers

Pragma: no-cache
Origin: http://www.neon.de
Accept-Encoding: gzip, deflate
Host: irqs.ioam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: http://www.neon.de/violet1984
Origin: http://www.neon.de

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
Vary: Origin
Content-Type: application/vnd.api+json
Access-Control-Allow-Origin: http://www.neon.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Cookie set tx.io Show response
de.ioam.de/
Redirect Chain

http://de.ioam.de/tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=40...
http://de.ioam.de/tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=40...

0
0

9ms
9ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://de.ioam.de/tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=406&id=k9kycv&lt=1508984699471&ev=&cs=5w3m3n&mo=1&sr=71
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.04.6 002f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.ioam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: i00=002f2e71f0af5855659f1477b0001%3B59f1477b%3B5b46c028
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.04.6 002f
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Set-Cookie: i00=002f2e71f0af5855659f1477b0001%3B59f1477b%3B5b46c028; expires=Thu, 12-Jul-2018 02:42:48 GMT; path=/; domain=ioam.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.04.6 002f
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=stern&cp=f1DBU-821Vermischtesmultithematisch-neon&sv=i2&pt=CP&rf=&r2=&ur=www.neon.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0009&i2=000957649be93210a59f1477b&ep=1538918669&vr=406&id=k9kycv&lt=1508984699471&ev=&cs=5w3m3n&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Set-Cookie: i00=002f2e71f0af5855659f1477b0001%3B59f1477b%3B5b46c028; expires=Thu, 12-Jul-2018 02:42:48 GMT; path=/; domain=ioam.de
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Wed, 26 Oct 2016 02:24:59 GMT

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

44 KB
16 KB

43ms
14ms

Script
text/javascript

2a00:1450:400c:c04::9a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c04::9a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

80887a5401b58a63cbfcfa8149d48f90765f53f0bcaa06ee8a06fce97c87d62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /dc.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: stats.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Sep 2017 22:31:34 GMT
server: Golfe2
age: 5506
date: Thu, 26 Oct 2017 00:53:13 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 16578
expires: Thu, 26 Oct 2017 02:53:13 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Cookie set wt
grunerjahr01.wt-eu02.net/358373148169700/ 43 B
43 B 22ms
7ms Image
image/gif 185.54.150.20
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grunerjahr01.wt-eu02.net/358373148169700/wt?p=326,www_neon_de.violet1984,1,1600x1200,24,1,1508984699479,0,1600x1200,0&tz=0&eid=2150898469900258682&one=1&fns=0&la=en&cg3=index&cp1=%2Fviolet1984&cp3=www.neon.de&cp6=f1DBU-821Vermischtesmultithematisch-neon&cp7=_default&cp9=desktop&cp10=Community&cp14=1%2F1&fvc=201710260224&lvc=201710260224&pu=http%3A%2F%2Fwww.neon.de%2Fviolet1984&np=&eor=1
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 185.54.150.20 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: 5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: grunerjahr01.wt-eu02.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:58 GMT
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: 5
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Set-Cookie: wt_nbg_Q3=!lOmRlG/weB+AM0o5TUsZYeXswsJcsdtXog5pDRkYFjeEy3sdyJ+4JeP0oaOkYd9UMxsp4OWXcJrT; path=/; Httponly
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK truenoblkit-webfont.woff2
www.neon.de/font/ 18 KB
18 KB 20ms
19ms Font
application/octet-stream 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.neon.de/font/truenoblkit-webfont.woff2
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: a557ad98f662e9e0a0c64677aba69eef1ca8ae3a48c4324435ec069978763c55

Request headers

Pragma: no-cache
Origin: http://www.neon.de
Accept-Encoding: gzip, deflate
Host: www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/css/default.css?v=20170524113749-25d73c_2576
Cookie: s_neon=5doutf6rmsm3aaje8tp2adu6a7; gujemsuid=00000000-0000-4000-8000-000000000000; POPUPCHECK=1509071099471; wt3_eid=%3B358373148169700%7C2150898469900258682%232150898469900431522; wt3_sid=%3B358373148169700
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: http://www.neon.de/css/default.css?v=20170524113749-25d73c_2576
Origin: http://www.neon.de

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Via: 1.1 ambato-vi, 1.1 delicias2-vi
Last-Modified: Mon, 20 Mar 2017 10:01:56 GMT
Server: Apache
Age: 0
ETag: "5fc5c-48cc-54b269e0c4d00"
Vary: Accept-Encoding
X-Cache: MISS from delicias2-vi
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18636
X-LB: http

GET
H/1.1 200
OK tabs_bottom_bg.png
a1.neon.de/images/ 1 KB
1 KB 20ms
20ms Image
image/png 194.12.193.79
GRUNER-UND-JAHR-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a1.neon.de/images/tabs_bottom_bg.png
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 194.12.193.79 Hamburg, Germany, ASN12680 (GRUNER-UND-JAHR-AS1 Hamburg, Germany, DE),
Reverse DNS: www.neon.de
Software: Apache /
Resource Hash: b50f76bdd15272d01d904c72154c22dad1b3b477c04aa6a030e059eccbefc3ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a1.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/css/default.css?v=20170524113749-25d73c_2576
Cookie: wt3_eid=%3B358373148169700%7C2150898469900258682%232150898469900431522; wt3_sid=%3B358373148169700
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/css/default.css?v=20170524113749-25d73c_2576
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 18 Oct 2017 01:03:18 GMT
Via: 1.1 oruro-vi, 1.1 branco2-vi
Last-Modified: Mon, 20 Mar 2017 10:01:56 GMT
Server: Apache
Age: 696101
ETag: "414b9-55e-54b269e0c4d00"
X-Cache: HIT from branco2-vi
Content-Type: image/png
Expires: Fri, 26 Jan 2018 01:03:18 GMT
Cache-Control: max-age=8640000, stale-while-revalidate=10, stale-if-error=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1374
X-LB: http

GET
H/1.1 200
OK bid Show response
aax.amazon-adsystem.com/e/dtb/ 33 B
33 B 239ms
135ms Script
text/javascript 54.239.17.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aax.amazon-adsystem.com/e/dtb/bid?src=3493&u=http%3A%2F%2Fwww.neon.de%2Fviolet1984&cb=8113826&t=300
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 54.239.17.113 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c902c96266548c8982f65d29f2f8f188149102603bebd4382ef9dcfa0afac2ba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aax.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:58 GMT
Server: Server
Connection: Keep-Alive
Keep-Alive: timeout=2, max=5
Content-Length: 33
Vary: User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK autoNative.neon.js Show response
static.emsservice.de/autoNative/project/config/ 447 B
447 B 6ms
6ms Script
application/javascript 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://static.emsservice.de/autoNative/project/config/autoNative.neon.js
Requested by: Host: static.emsservice.de
URL: http://static.emsservice.de/autoNative/project/autoNative.min.js
Protocol: HTTP/1.1
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1969ed9245e3de65b050cbe698a655e5748f8e80cadf0634ab78a098717f7fee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.emsservice.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Connection: keep-alive
Content-Length: 447
Last-Modified: Wed, 18 Oct 2017 15:59:12 GMT
Server: AmazonS3
ETag: "00f7f409b0b527bf2b47c20e8abd040d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=11185
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: DCgU5jHg9FPXKTl-9_OxS2djCPAMuFM9Zlq8RTtqPweZPlh7GaQPEA==
Expires: Thu, 26 Oct 2017 05:31:24 GMT

GET
H2 200 pubads_impl_162.js Show response
securepubads.g.doubleclick.net/gpt/ 184 KB
64 KB 33ms
20ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a09dc0db7d0684852b3eb4b6ba5d37fef05e3ef058e10efac5ba8f9df1ed2c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_162.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 18:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 65960
x-xss-protection: 1; mode=block
expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
H/1.1 200
OK mtrcs_886118.js Show response
s240.mxcdn.net/bb-mx/serve/ 105 KB
41 KB 16ms
6ms Script
text/javascript 92.123.93.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s240.mxcdn.net/bb-mx/serve/mtrcs_886118.js
Requested by: Host: s240.meetrics.net
URL: http://s240.meetrics.net/bb-mx/prime/mtrcs_886118.js?pjid=886118&size=all&place=neon&adc=_default&cb=0.6733788073724785
Protocol: HTTP/1.1
Server: 92.123.93.31 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-31.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: b1e2b9fb047a5990c7720504f3ef9dfdc7906dd71fa3206326dbe5e698df76c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s240.mxcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=27235
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 41524
Expires: Thu, 26 Oct 2017 09:58:54 GMT

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
0 25ms
13ms XHR
text/plain 178.250.2.89
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=26&profileId=184&cb=77481427696
Requested by: Host: static.emsservice.de
URL: http://static.emsservice.de/criteo/publishertags.js?rnd=0.39074042183171986
Protocol: HTTP/1.1
Server: 178.250.2.89 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: http://www.neon.de
Accept-Encoding: gzip, deflate
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Content-Length: 429
Referer: http://www.neon.de/violet1984
Origin: http://www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: http://www.neon.de
Date: Thu, 26 Oct 2017 02:24:59 GMT
X-Cnection: close
Access-Control-Allow-Credentials: true
Server: Finatra
Content-Length: 0
Vary: Origin

GET
H2 200 neon.json Show response
static.emsservice.de/teasertemplates/ 1 KB
1 KB 6ms
6ms XHR
application/octet-stream 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.emsservice.de/teasertemplates/neon.json
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b4238f49bb9f528e2333d8f3a7f248df30928638ab95152b58c0408b06c16e09

Request headers

:path: /teasertemplates/neon.json
pragma: no-cache
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: static.emsservice.de
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Accept: */*
Referer: http://www.neon.de/violet1984
Origin: http://www.neon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
x-amz-meta-cb-modifiedtime: Thu, 19 Jan 2017 14:09:09 GMT
status: 200
content-length: 1494
last-modified: Mon, 20 Feb 2017 16:44:02 GMT
server: AmazonS3
etag: "c071b0344eac283d74da7158e031ec2c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=11921
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Q72mhKlizvdf4bsNYuv8GWB902KjleYzrww1WYVEMgCj6kBJcHhiYQ==
expires: Thu, 26 Oct 2017 05:43:40 GMT

GET
H/1.1 200
OK submit
dc7.s240.meetrics.net/bb-mx/ 43 B
43 B 16ms
1ms Image
image/gif 148.251.195.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc7.s240.meetrics.net/bb-mx/submit?/Z2uOBJAAA8whFo0F0wF6vAv3E33FuuElvFuuBklFv2EpvFslF0xB54A0BEfpyF+k2FmywAx3AtxAwtAy1AtxAx6A13At4A42AxxA4tAyuAw5A4tAxhE0kEyyAh3ByqhFx1Aw4A54A02A55A03A44A42AxxA4BE/k0FEBxgAwqFpkF94A42AxxA4mAzpF6lF9hEssFmwEshFjlF9uElvFumBhkFj9BfkFlmFh1Fs0FmjEi9BwuA23AzzA34A4wA3zA3yA03A41ALquFsL2wFBLl1FC/2xFMCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgBjzFzfF3lFirFp0FTkzF7FAAAAAAAZwSwSAPAAAAAAAAAOAAAAGBAAAAAAZwSwSABPCAAAAAAAAB4wbARksF/bAAAAAAAAAAAAEAAA4wbAAAAAAAAAEAulFvuFAADAhsFsBFAAIAfkFlmFh1Fs0F
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h353.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc7.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Oct 2017 02:24:58 GMT

GET
H2

200

__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Co...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20C...

35 B
53 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c04::9a
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&utmhid=217980022&utmr=-&utmp=%2Fviolet1984&utmht=1508984699595&utmac=UA-2628742-1&utmcc=__utma%3D261612178.1294442649.1508984700.1508984700.1508984700.1%3B%2B__utmz%3D261612178.1508984700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=555827241&utmredir=3&utmu=qCUAAAABAAAAAAAAAAAAAAAE~

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c04::9a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&utmhid=217980022&utmr=-&utmp=%2Fviolet1984&utmht=1508984699595&utmac=UA-2628742-1&utmcc=__utma%3D261612178.1294442649.1508984700.1508984700.1508984700.1%3B%2B__utmz%3D261612178.1508984700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=555827241&utmredir=3&utmu=qCUAAAABAAAAAAAAAAAAAAAE~
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: stats.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 26 Oct 2017 02:24:59 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.0dc&utms=1&utmn=821449795&utmhn=www.neon.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&utmhid=217980022&utmr=-&utmp=%2Fviolet1984&utmht=1508984699595&utmac=UA-2628742-1&utmcc=__utma%3D261612178.1294442649.1508984700.1508984700.1508984700.1%3B%2B__utmz%3D261612178.1508984700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=555827241&utmredir=3&utmu=qCUAAAABAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 37ms
37ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=1x1&ists=1&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Doop1%26autoNative%3Dfalse%26pos%3D1%26oba%3D86699290&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie_enabled=1&abxe=1&lmt=1508984699&dt=1508984699631&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=1569640927&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=32&icsg=34372324387&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fc9976034ec908098389ab08ab1fc1dd5a547439e9318f436637d4cd069acc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=1x1&ists=1&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Doop1%26autoNative%3Dfalse%26pos%3D1%26oba%3D86699290&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie_enabled=1&abxe=1&lmt=1508984699&dt=1508984699631&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=1569640927&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=32&icsg=34372324387&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1779
x-xss-protection: 1; mode=block
google-lineitem-id: 113101584
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 60235619664
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Oct-2017 02:39:59 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_162.js Show response
securepubads.g.doubleclick.net/gpt/ 28 KB
11 KB 14ms
13ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_162.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

eb0de02ef3d09319cff4297b98c712606f815453eb8345d394933f719194ba1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_rendering_162.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 18:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 10842
x-xss-protection: 1; mode=block
expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 45ms
45ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=728x600&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dwp1%26autoNative%3Dfalse%26pos%3D1%26oba%3D79225559&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie_enabled=1&abxe=1&lmt=1508984699&dt=1508984699638&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3905001908&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=34&icsg=44014837435427&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

04f67041b5272ee6aeec978c7d3295ecc2030de42b4570c499992b67ba683f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=728x600&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dwp1%26autoNative%3Dfalse%26pos%3D1%26oba%3D79225559&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie_enabled=1&abxe=1&lmt=1508984699&dt=1508984699638&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3905001908&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=34&icsg=44014837435427&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1825
x-xss-protection: 1; mode=block
google-lineitem-id: 82358904
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 44498056704
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Oct-2017 02:39:59 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3p_cookie.html
securepubads.g.doubleclick.net/static/ 223 B
185 B 6ms
5ms Other
text/html 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/3p_cookie.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/3p_cookie.html
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Purpose: prefetch
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Wed, 25 Oct 2017 19:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25961
status: 200
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 176
x-xss-protection: 1; mode=block
server: sffe
etag: "1502910952331160"
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=43200
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2017 07:12:18 GMT

GET
H/1.1 200
OK p.min.js Show response
cdn.emetriq.de/adp/profiling/0.1.13/ 4 KB
2 KB 186ms
12ms Script
application/javascript 2600:9000:2001:6c00:1c:8c89:a300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.emetriq.de/adp/profiling/0.1.13/p.min.js
Requested by: Host: ups.xplosion.de
URL: http://ups.xplosion.de/loader/13262/default.js?_0.6553887931181144&xplrdir=1
Protocol: HTTP/1.1
Server: 2600:9000:2001:6c00:1c:8c89:a300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03f56c523e42f36e912b7109c0a97e43703d78c0884f59c07ff115e590e9fd7f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.emetriq.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 31 May 2017 11:12:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 11:21:30 GMT
Server: AmazonS3
Age: 12755578
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: FiFeAFfpoMZPPyU16IPZd0oUAvReA_Mm
Via: 1.1 dd2e87141f0c93647821ace3080db8c7.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, no-transform, public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
X-Amz-Cf-Id: Su-qDlX8efs9eMQgeuw_RqOz-8VQcEbX1zMSNUaq8imO6BhRTHLr6w==

GET
H/1.1 200
OK PLISTA_FLYAD.js Show response
static.plista.com/async/ 35 KB
11 KB 1ms
0ms Script
application/javascript 136.243.46.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://static.plista.com/async/PLISTA_FLYAD.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

HTTP/1.1

Server

136.243.46.163 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.163.46.243.136.clients.your-server.de

Software

nginx /

Resource Hash

9a68d0b8c2f107dc4b96552df6c5924908c96f005963dab3f345ba9461dc7f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.plista.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

X-Plista-Versions: plista-plugin- libplista-php-6.4.1
Date: Thu, 26 Oct 2017 02:19:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 321
X-Plista-Node: 851
Connection: close
Content-Length: 10947
Last-Modified: Thu, 26 Oct 2017 02:19:37 GMT
Server: nginx
Vary: Accept-Encoding
X-Varnish: 165897228 167769284
Via: 1.1 varnish-v4
Cache-Control: public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Expires: Fri, 27 Oct 2017 02:19:38 GMT

GET
DATA 200
OK truncated
/ Frame 1542 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cd84217a7690c0d1071d8b067749c4d40e3182f0bd9b8602f6b172c7a03704e

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 80 KB
29 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

9fabe13c5ec460db21f0a9f8ca82557238f95d216ceecdea245f6aa53009308f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 26 Oct 2017 02:04:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 1205
ETag: 3737912977758499713
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 29905
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2017 03:04:54 GMT

GET
H2

200

platzhalter.gif
static.emsservice.de/systempixel/ Frame 1542
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZPnTJnZhFVAmZ4oQcydlFt0S6HHPb7yZ9motfdoIP7owPwVQSREhSqwaWJPtp9CHH18KDf4bp1RNlyqxxAxwB8M-BUAR62MTDhKuOaQt8g31ROeHxos4ZsAu1Po3UOEr0EXuknkKrw...
https://static.emsservice.de/systempixel/platzhalter.gif

43 B
61 B

23ms
7ms

Image
image/gif

92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.emsservice.de/systempixel/platzhalter.gif
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:path: /systempixel/platzhalter.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: static.emsservice.de
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
status: 200
content-length: 43
last-modified: Wed, 04 Nov 2015 15:37:19 GMT
server: AmazonS3
etag: "325472601571f31e1bf00674c368d335"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=27635
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: XfDe5phrHiMCYdwk3ZStM5_9yPDmwCmJyOOC4f4lGZvFR6oKC6hoHg==
expires: Thu, 26 Oct 2017 10:05:34 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 26 Oct 2017 02:24:59 GMT
x-content-type-options: nosniff
server: cafe
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://static.emsservice.de/systempixel/platzhalter.gif
cache-control: private
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe; expires=Sat, 26-Oct-2019 02:24:59 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.google.de/ads/user-lists/1045330736/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1045330736/?random=1508984699701&cv=8&fst=1508984699701&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u...
https://www.google.com/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmi...
https://www.google.de/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmim...

43 B
81 B

26ms
14ms

Script
text/javascript

2a00:1450:4001:816::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&fmt=4&cdct=2&is_vtc=1&random=92738863&ipr=y&ulfeg=n

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&fmt=4&cdct=2&is_vtc=1&random=92738863&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google.de
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: adclick_server
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, no-store, must-revalidate
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 26 Oct 2017 02:24:59 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/1045330736/?random=1508984699701&cv=8&fst=1508983200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&tiba=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&fmt=4&cdct=2&is_vtc=1&random=92738863&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 667
x-xss-protection: 1; mode=block
expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
H/1.1 200
OK checkSegments.min.js Show response
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 1 KB
558 B 20ms
5ms Script
text/javascript 23.8.10.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegments.min.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.10.251 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-10-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: d18486f4b388cc8b252dee5904a10a8aa0007e9cddad66644420a0c8f2a8d3d1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static-tagr.gd1.mookie1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 14:26:27 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "ee02f8-43c-5406657c62ac0"
ntCoent-Length: 1084
Vary: Accept-Encoding
P3P: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Cache-Control: private, max-age=73291
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 558

GET
H/1.1 200
OK Cookie set learn
de-gmtdmp.mookie1.com/t/v2/ 43 B
43 B 27ms
8ms Image
image/gif 52.57.86.190
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=1508984699704&src.id=SOM
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 52.57.86.190 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-86-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de-gmtdmp.mookie1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
P3P: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Set-Cookie: id=11411628874796788923; Domain=.mookie1.com; Expires=Sun, 25-Nov-2018 02:24:59 GMT; Path=/ mdata=1|11411628874796788923|1508984699726; Domain=.mookie1.com; Expires=Sun, 25-Nov-2018 02:24:59 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
X-Application-Context: application
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/ Frame 1542 34 KB
13 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

dd1007d5201022f283db040729b32ddc0b2bbc01d30acc64c3f7e281a14193a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20171023/r20110914/activeview/osd_listener.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Mon, 23 Oct 2017 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 13071
x-xss-protection: 1; mode=block
server: cafe
etag: 5066275195817558928
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2017 13:12:39 GMT

GET
H2 200 dot.gif
static.emsservice.de/systempixel/ Frame 1542 43 B
61 B 30ms
6ms Image
image/gif 92.123.92.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.emsservice.de/systempixel/dot.gif
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.123.92.14 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-14.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:path: /systempixel/dot.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: static.emsservice.de
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
status: 200
content-length: 43
last-modified: Wed, 04 Nov 2015 15:37:31 GMT
server: AmazonS3
etag: "325472601571f31e1bf00674c368d335"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=24314
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: lTwLV_qFfdQecOffsC5-RusTCIGYE4VEkQwMTBZh72dnGiTY12Vd4A==
expires: Thu, 26 Oct 2017 09:10:13 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1542 0
0 14ms
14ms Image
text/html 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6iodK4zrCLVoM8knsZxcpmbTnxQoLb7wg6JHjc8nB6syz07FU9EBdvNBpRIbc5r4aU2mjT0ybc1GwXDuFk6vrS8Fs8TqzyWPa6ipQf4td4Mr75cSzlIJ9Ku_SrG5Cj1_780JlNC27y1b0tnvaZMQ2eGqe67406xmtdFcEfpB1oZ9LrU3RWgUE4b-6ufVVPoDTJ3DJfIdv-A-Z1AtTNLjfyj4vWMSdbw&sig=Cg0ArKJSzB7nSKiT0WRWEAE&urlfix=1&adurl=

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pcs/view?xai=AKAOjss6iodK4zrCLVoM8knsZxcpmbTnxQoLb7wg6JHjc8nB6syz07FU9EBdvNBpRIbc5r4aU2mjT0ybc1GwXDuFk6vrS8Fs8TqzyWPa6ipQf4td4Mr75cSzlIJ9Ku_SrG5Cj1_780JlNC27y1b0tnvaZMQ2eGqe67406xmtdFcEfpB1oZ9LrU3RWgUE4b-6ufVVPoDTJ3DJfIdv-A-Z1AtTNLjfyj4vWMSdbw&sig=Cg0ArKJSzB7nSKiT0WRWEAE&urlfix=1&adurl=
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Oct 2017 02:24:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/webp

GET
H/1.1 200
OK Cookie set async_lib.js Show response
farm.plista.com/ 8 KB
2 KB 114ms
112ms Script
application/javascript 2a01:4f8:202:42d4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://farm.plista.com/async_lib.js?json=%7B%22name%22%3A%22PLISTA_FLYAD%22%2C%22req%22%3A%5B%5B%22widgetload%22%2C%7B%22widgets%22%3A%5B%22flyad%22%5D%2C%22rw%22%3Atrue%2C%22ab%22%3A0%2C%22vo%22%3Atrue%2C%22pm%22%3Atrue%2C%22sc%22%3A%221600x1200%22%2C%22px%22%3A1%2C%22nc%22%3Atrue%2C%22fc%22%3Afalse%2C%22wb%22%3Atrue%2C%22vp%22%3Atrue%2C%22ww%22%3A1585%7D%5D%5D%2C%22publickey%22%3A%22ce1d8c68b302119a86dc63ce%22%2C%22rev%22%3A0%7D&x=1508984699731
Requested by: Host: static.plista.com
URL: http://static.plista.com/async/PLISTA_FLYAD.js
Protocol: HTTP/1.1
Server: 2a01:4f8:202:42d4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: plistaweb /
Resource Hash: 5b5ad8ca00e41194d44da8417cbae6363ba8e96c46fc2b1804df51dadecfd737

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: farm.plista.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: plistaweb
Connection: close
P3P: policyref="http://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"
Cache-Control: no-cache, must-revalidate
Set-Cookie: Pookie=8961a7f179d1d017ac27fJ33E97P6bKCjkP3ou66; expires=Fri, 26-Oct-2018 02:24:59 GMT; Max-Age=31536000; path=/; domain=.plista.com
Content-Type: application/javascript; charset=utf-8
Content-Length: 2337
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Cookie set jpt Show response
ib.adnxs.com/ 62 B
62 B 12ms
6ms Script
application/javascript 37.252.172.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/jpt?id=8843617&callback=window.top.xaxS.auctionResult&cb=4736033759

Requested by

Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegments.min.js

Protocol

HTTP/1.1

Server

37.252.172.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4e716febebdb4f5305e85790bc125498a60f849f32ebae9bca0e1f909e3c9fe7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.71:80
AN-X-Request-Uuid: cf6922e3-597e-4c19-bd17-fc9be517c4a4
Server: nginx/1.13.4
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: anj=dTM7k!M4/8DYRWSF']wIg2IlhHZ)<V!@wnf]meq8dWME4(EW<KOsksi; Path=/; Max-Age=7776000; Expires=Wed, 24-Jan-2018 02:25:01 GMT; Domain=.adnxs.com; HttpOnly icu=ChgI8ckYEAoYASABKAEw_Y7FzwU4AUABSAEQ_Y7FzwUYAA..; Path=/; Max-Age=7776000; Expires=Wed, 24-Jan-2018 02:25:01 GMT; Domain=.adnxs.com; HttpOnly sess=1; Path=/; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:25:01 GMT; Domain=.adnxs.com; HttpOnly uuid2=7527538192332873137; Path=/; Max-Age=7776000; Expires=Wed, 24-Jan-2018 02:25:01 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: application/javascript; charset=utf-8
Content-Length: 62
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set t.js Show response
dmp.theadex.com/d/7895/d/ 43 B
74 B 15ms
14ms Script
application/javascript 89.163.159.102
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.theadex.com/d/7895/d/t.js
Requested by: Host: dmp.theadex.com
URL: http://dmp.theadex.com/d/810/3277/s/adex.js
Protocol: HTTP/1.1
Server: 89.163.159.102 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 64e76b5f5d18e4f580ec2b8e1e9d8eab4fd803859cfa846254d12a29ffeb4317

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dmp.theadex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
Vary: User-Agent
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Set-Cookie: axd=1001015090424590020; expires=Fri, 26-Oct-2018 02:24:59 GMT; Max-Age=31536000; path=/; domain=.theadex.com
Cache-Control: private post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET /
dmp.theadex.com/r/810/3277/ Frame 1542 0
0

GET
H/1.1

200
OK

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js?_=1508984699808
https://assets.pinterest.com/js/pinit.js?_=1508984699808

355 B
286 B

23ms
6ms

Script
application/javascript

2600:1480:4000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js?_=1508984699808
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1480:4000:41:: , United States, ASN33905 (AKAMAI-AMS, EU),
Reverse DNS
Software: /
Resource Hash: 31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Content-Encoding: gzip
X-CDN: akamai
ETag: "931070e36fce60f2d86c78abe608ca38"
Vary: Accept-Encoding Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN
Cache-Control: max-age=184
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js?_=1508984699808
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 120 KB
35 KB 12ms
6ms Script
application/javascript 192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js?_=1508984699809
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol: HTTP/1.1
Server: 192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A8) /
Resource Hash: 36a885bb45726b0f1b5f0b96271e2eb3eb34893964697f6a06e985b838dd16fe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Oct 2017 21:37:06 GMT
Server: ECS (fcn/41A8)
Etag: "4f979daaadc1c760643be45572c9b301+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35411

GET
H2

200

all.js Show response
connect.facebook.net/de_DE/
Redirect Chain

http://connect.facebook.net/de_DE/all.js
https://connect.facebook.net/de_DE/all.js

195 KB
61 KB

23ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

87784b3c445b00c4918fe025d613678fbe2c469018996d12d809e26a7d9f54d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /de_DE/all.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KkIOYPiMeGLNtvDcaa/rpw==
status: 200
content-length: 62294
x-xss-protection: 0
x-fb-debug: nz+WtswUjIXzkR1RuCB0N6NWe5zPGzZPslAKtnyjKC5TwPL77lXIAE4iyj/raGYY4sfUfGm4phxaYfVZuVVV/Q==
x-fb-content-md5: 3748b2e9599c4d089aecdd7578b255cd
x-frame-options: DENY
date: Thu, 26 Oct 2017 02:24:59 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "91895b489f43508d41a832b7c8128a5d"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Thu, 26 Oct 2017 02:37:42 GMT

Redirect headers

Location: https://connect.facebook.net/de_DE/all.js
Non-Authoritative-Reason: HSTS

GET
H2 200 plusone.js Show response
apis.google.com/js/ 45 KB
17 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:816::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

035594f8bd9103cd72f6380efeaf5bdd123753f3b2ca202e638d0905f8cf074c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/plusone.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: apis.google.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "651173d249a1cc7e5ee0e014bea598e3"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
set-cookie: NID=115=pkMVZ8fJfpcaxjuHyvIRQ2SxNYlX9Rh_CGOe0O64vTBc7NZlXQOR3Twsgi6Ka7pmbjrEK9fCJeqggWiiD0LZlnGXlXvH3nBg51aGRsI-hUWog-OAfQkk6ngelG5CGoF6;Domain=.google.com;Path=/;Expires=Fri, 27-Apr-2018 02:24:59 GMT;HttpOnly
timing-allow-origin: *
expires: Thu, 26 Oct 2017 02:24:59 GMT

GET twitter_cookies.html
platform.twitter.com/widgets/ Frame 1542 0
0

GET
H2 200 settings Show response
syndication.twitter.com/ 57 B
91 B 126ms
107ms Fetch
application/json 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js?_=1508984699809

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

d442331ca710bdda5dfc13b7f65f78d601d0f9576d83a9eb1e628dcbbbbb2ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

:path: /settings
pragma: no-cache
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: syndication.twitter.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer: http://www.neon.de/violet1984
Origin: http://www.neon.de

Response headers

x-response-time: 101
date: Thu, 26 Oct 2017 02:24:59 GMT
content-encoding: gzip
last-modified: Thu, 26 Oct 2017 02:24:59 GMT
server: tsa_o
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.neon.de
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 475e3c902d5fcc22174997c1bc97e1fc
strict-transport-security: max-age=631138519
content-length: 82

GET
H/1.1 200
OK Cookie set data Show response
ups.xplosion.de/ 3 KB
1 KB 34ms
34ms Script
text/javascript 52.30.185.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ups.xplosion.de/data?title=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&hostSiteUrl=http%3A%2F%2Fwww.neon.de%2Fviolet1984&userAgent=5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20HeadlessChrome%2F62.0.3202.62%20Safari%2F537.36&userLang=en-US&color=24&os=Linux%20x86_64&timezone=0&screen=1200x1600&event_id=page_view&_sid=13262&_ver=0.1.13&_seg=jsonp&_=588971188917
Requested by: Host: cdn.emetriq.de
URL: http://cdn.emetriq.de/adp/profiling/0.1.13/p.min.js
Protocol: HTTP/1.1
Server: 52.30.185.55 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-185-55.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4f605cad7c11343a04d2abc9ab7547770bd77ee03bd8354c7d41ecff5092d28c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ups.xplosion.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:24:59 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
Access-Control-Allow-Origin: *
Set-Cookie: pid=BSaAEib3WiwZESJZWSf-BiUABifkBiUCBsfABifABifABfrr; Domain=.xplosion.de; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ pid_short=aC0HaqIVa2_k_8yFwbWxyDW2__rr; Domain=.xplosion.de; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ pid_signature=Bi_8WQ5jHiHdWSIDHQBkWif-WDf3HqwAWqUsHiHdwsUsEStlWSbAHJrr; Domain=.xplosion.de; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ ep=WfFHe5dduSQ4vxyewEwe; Domain=.xplosion.de; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ ignore_13262_1212426769="86400,1922181187"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_1305260825="86400,1305260825"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_567834344="86400,567834344"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_499874690="86400,1750475893"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_1808960101="86400,1068387283"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_527174912="86400,527174912"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_69077897="86400,1584062108"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_991459537="86400,991459537"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ throttle=0.5822762657488388; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ ignore_13262_1289999537="86400,1289999537"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_549940574="86400,549940574"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ ignore_13262_991459537="86400,991459537"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ throttle=0.6598873322888149; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/ ignore_13262_991459537="86400,991459537"; Version=1; Max-Age=86400; Expires=Fri, 27-Oct-2017 02:24:59 GMT; Path=/ throttle=0.1383293930764502; Expires=Fri, 26-Oct-2018 02:24:59 GMT; Path=/
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1438

GET
H/1.1 200
OK PLISTA_FLYAD.js Show response
static.plista.com/async/module/bb85,fa4f/ 39 KB
10 KB 8ms
0ms Script
application/javascript 138.201.141.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://static.plista.com/async/module/bb85,fa4f/PLISTA_FLYAD.js

Requested by

Host: static.plista.com
URL: http://static.plista.com/async/PLISTA_FLYAD.js

Protocol

HTTP/1.1

Server

138.201.141.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.91.141.201.138.clients.your-server.de

Software

nginx /

Resource Hash

95d421b48f24e0acd311aad4ad367af7e8ef4e9f5c085473221b948dda115004

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.plista.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: Pookie=8961a7f179d1d017ac27fJ33E97P6bKCjkP3ou66
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

X-Plista-Versions: plista-plugin- libplista-php-7.2.5
Date: Thu, 26 Oct 2017 02:24:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 31
X-Plista-Node: 852
Connection: close
Content-Length: 10656
Last-Modified: Thu, 26 Oct 2017 02:24:27 GMT
Server: nginx
Vary: Accept-Encoding
X-Varnish: 650435825 650784478
Via: 1.1 varnish-v4
Cache-Control: public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Expires: Fri, 27 Oct 2017 02:24:28 GMT

GET
H/1.1

200
OK

pinit_main.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit_main.js?0.5281924607041577
https://assets.pinterest.com/js/pinit_main.js?0.5281924607041577

63 KB
23 KB

7ms
6ms

Script
application/javascript

2600:1480:4000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.5281924607041577
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1480:4000:41:: , United States, ASN33905 (AKAMAI-AMS, EU),
Reverse DNS
Software: /
Resource Hash: ebbf780afb4067d67c610a8db283b4f8563ae349f675b19f9de31b81b9a4661c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Content-Encoding: gzip
X-CDN: akamai
ETag: "41ce2e0723c6df13001ba436a0d60969"
Vary: Accept-Encoding Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN
Cache-Control: max-age=233
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23641

Redirect headers

Location: https://assets.pinterest.com/js/pinit_main.js?0.5281924607041577
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.facebook.com/impression.php/f2980ce76f21a58/ 43 B
75 B 56ms
43ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/impression.php/f2980ce76f21a58/?api_key=136065509795137&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /impression.php/f2980ce76f21a58/?api_key=136065509795137&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: no-cache
x-fb-debug: c+yEA9mpTC39pKFeLMPf9cM9SkelZr+b6ZX05dOKBeHZ53p4diFOWxy7fBCKvbC92tbBEQvE1ghDq0MSHoIZCA==
date: Thu, 26 Oct 2017 02:24:59 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
public-key-pins-report-only: max-age=600; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="k2v657xBsOVe1PQRwOsHsw3bsGT2VzIqz5K+59sNQws="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; includeSubdomains; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.76p1PExEVeQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP1QPqp8osLxLcVajtLDo6bSGY2kQ/ 131 KB
46 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.76p1PExEVeQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP1QPqp8osLxLcVajtLDo6bSGY2kQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

ac10ab1ec172a8a43790546ececb9d80271d4adbfb4ca46aee469e3834525895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_/scs/apps-static/_/js/k=oz.gapi.de.76p1PExEVeQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP1QPqp8osLxLcVajtLDo6bSGY2kQ/cb=gapi.loaded_0
pragma: no-cache
cookie: NID=115=pkMVZ8fJfpcaxjuHyvIRQ2SxNYlX9Rh_CGOe0O64vTBc7NZlXQOR3Twsgi6Ka7pmbjrEK9fCJeqggWiiD0LZlnGXlXvH3nBg51aGRsI-hUWog-OAfQkk6ngelG5CGoF6
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: apis.google.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Tue, 24 Oct 2017 23:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Oct 2017 22:00:07 GMT
server: sffe
age: 97730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 47097
x-xss-protection: 1; mode=block
expires: Wed, 24 Oct 2018 23:16:09 GMT

GET hsBwMj6iLmk.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1542 0
0

GET
H/1.1 200
OK adrtxtag.min.js Show response
cdn.adrtx.net/ 828 B
828 B 60ms
30ms Script
application/javascript 52.48.43.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adrtx.net/adrtxtag.min.js
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 52.48.43.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-43-7.eu-west-1.compute.amazonaws.com
Software: akka-http/10.0.3 /
Resource Hash: 14c9fb6be804587aa687029332dfe13e733e96285aa470f4a8d0e6235f0cfe6f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn.adrtx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Wed, 25 Oct 2017 16:49:30 GMT
Last-Modified: Wed, 25 Oct 2017 16:49:30 GMT
Server: akka-http/10.0.3
ETag: "e7fc5a3642e62810fa5b76b97078a6d8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=2678400, must-revalidate
Connection: keep-alive
Content-Length: 828

GET
H/1.1

200
OK

Cookie set a.js
d.df-srv.de/match/
Redirect Chain

http://d.df-srv.de/match/a.js?pid=42
http://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fd.df-srv.de%2Fmatch%2Fa.js%3Fpid%3D42%26l%3D1%26adition_vid%3D%25%25COOKIE%25%25
https://d.df-srv.de/match/a.js?pid=42&l=1&adition_vid=6481039932383819795

3 B
3 B

61ms
12ms

Image
application/javascript

2001:16e0:10a:1::c2:1
RKOM R-KOM Regens...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.df-srv.de/match/a.js?pid=42&l=1&adition_vid=6481039932383819795
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:16e0:10a:1::c2:1 , Germany, ASN12611 (RKOM R-KOM Regensburger Telekommunikations GmbH & Co. KG, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d.df-srv.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: i=37226421340; iS=37226421340
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:02 GMT
Server: nginx
Connection: close
P3P: CP="Contact Impact does not have a P3P policy.
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: i=37226421340; Max-Age=51840000; Domain=.df-srv.de; Path=/; Expires=Tue, 18 Jun 2019 02:25:02 GMT iS=37226421340; Domain=.df-srv.de; Path=/
Content-Type: application/javascript; charset=utf-8
Content-Length: 3
Expires: 0

Redirect headers

Location: https://d.df-srv.de/match/a.js?pid=42&l=1&adition_vid=6481039932383819795
Set-Cookie: UserID1=6481039932383819795;Path=/;Domain=.adfarm1.adition.com;Expires=Tue, 24-Apr-2018 02:24:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK Cookie set 2.gif
xpl.theadex.com/d/279/i/ 43 B
43 B 30ms
14ms Image
image/gif 89.163.159.102
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xpl.theadex.com/d/279/i/2.gif?axd_pid=22&axd_fuid=BSaAEib3WiwZESJZWSf-BiUABifkBiUCBsfABifABifABfrr
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: HTTP/1.1
Server: 89.163.159.102 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xpl.theadex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: axd=1001015090424590020; tis=EP8%3A1516%7CEP59%3A1516
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
Last-Modified: Thu, 26 Oct 2017 02:24:59 GMT
Server: nginx
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Set-Cookie: axd=1001015090424590020; expires=Fri, 26-Oct-2018 02:24:59 GMT; Max-Age=31536000; path=/; domain=.theadex.com tis=EP8%3A1516%7CEP59%3A1516%7CEP22%3A1516; expires=Fri, 26-Oct-2018 02:24:59 GMT; Max-Age=31536000; path=/; domain=.theadex.com
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Transfer-Encoding: binary
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content Cookie set m
p.yieldlab.net/ 0
0 32ms
16ms Image
text/plain 85.114.144.199
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.yieldlab.net/m?dm_id=23666&ext_id=BSaAEib3WiwZESJZWSf-BiUABifkBiUCBsfABifABifABfrr&ddata_seg=e0

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

HTTP/1.1

Server

85.114.144.199 , Germany, ASN24961 (MYLOC-AS, DE),

Reverse DNS

lb.yieldlab.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: p.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=be2e5afc-6f69-4d5a-87d3-c0d03d0525ff
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:24:59 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Set-Cookie: id=be2e5afc-6f69-4d5a-87d3-c0d03d0525ff;Path=/;Domain=yieldlab.net;Expires=Fri, 26-Oct-2018 02:24:59 GMT;Max-Age=31536000
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Wed, 25 Oct 2017 02:24:59 GMT

GET iframe.html
api.adrtx.net/thirdparty/ Frame 1542 0
0

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1542 42 B
42 B 16ms
15ms Image
image/gif 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BaMLWe0fxWbTxJ4PDzAbf74KQAgAAAAAQATgByAEJwAIC4AIA4AQBoAYg0ggFCIBhEAE&cid=CAASBORoZas&id=osdim&ti=1&uc=1&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=0x0&r=u&adk=3905001908&tt=272&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&inapp=0&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,1214&ss=1600,1200&pt=-1&deb=1-0-2-3-3--1&tvt=261&avms=geo&v=r20171023

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ping
www.facebook.com/connect/ Frame 1542 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 123ms
123ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=320x50%7C728x90%7C800x250&fluid=height&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dsb1%26autoNative%3Dfalse%26wp%3D2%26pos%3D1%26oba%3D88562225&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700242&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=996014702&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=61&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3526b50e6645e234e6a8a6812acd44ac06f706f6161dfd741d4daea0e65ef13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=320x50%7C728x90%7C800x250&fluid=height&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dsb1%26autoNative%3Dfalse%26wp%3D2%26pos%3D1%26oba%3D88562225&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700242&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=996014702&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=61&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 4914
x-xss-protection: 1; mode=block
google-lineitem-id: 4378854861
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138214552967
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 186ms
186ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=320x50%7C300x250%7C300x600&fluid=height&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dhp1%26autoNative%3Dfalse%26pos%3D1%26oba%3D62289911&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700246&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3560621337&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=62&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

85db756cce9775accf2248a492eb1fcfc7582817ae877f7f2ffe19129b60d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=320x50%7C300x250%7C300x600&fluid=height&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dhp1%26autoNative%3Dfalse%26pos%3D1%26oba%3D62289911&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700246&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3560621337&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=62&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 4903
x-xss-protection: 1; mode=block
google-lineitem-id: 4378497073
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138214551524
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
6 KB 231ms
231ms Script
text/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=160x600&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dsk1%26autoNative%3Dfalse%26wp%3D2%26pos%3D1%26oba%3D56767615%26v501%3D64%26v601%3D62%26v701%3D61%26v702%3D57%26v703%3D53%26v801%3D60%26v802%3D56%26v901%3D59%26v1001%3D56%26v1002%3D52&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700253&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=2256688689&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=63&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3b8c5795ad72f2ab90839a3c7a3d35192cc54808c83e6e2f324c40f87d425d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=4211296143754558&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&eid=108809103%2C108809155%2C21061070&sc=0&sfv=1-0-13&iu=%2F6032%2Fneon%2F_default&sz=160x600&ppid=00000000-0000-4000-8000-000000000000&scp=slotid%3Dsk1%26autoNative%3Dfalse%26wp%3D2%26pos%3D1%26oba%3D56767615%26v501%3D64%26v601%3D62%26v701%3D61%26v702%3D57%26v703%3D53%26v801%3D60%26v802%3D56%26v901%3D59%26v1001%3D56%26v1002%3D52&cust_params=ind%3Dyes%26zm%3D100%26host%3Dneon.de%26ffblock%3Dno&cookie=ID%3D8b9e8a3130d262ea%3AT%3D1508984699%3AS%3DALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw&cookie_enabled=1&abxe=1&lmt=1508984700&dt=1508984700253&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=2256688689&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.neon.de%2Fviolet1984&dssz=63&icsg=35197260172033&mso=32&std=0&vrg=162&vis=1&ga_vid=1294442649.1508984700&ga_sid=1508984700&ga_hid=217980022&ga_fc=true
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 6105
x-xss-protection: 1; mode=block
google-lineitem-id: 4453280119
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138214590665
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set 1.gif
dmp.theadex.com/d/810/3277/i/ 43 B
43 B 14ms
14ms Image
image/gif 89.163.159.102
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.theadex.com/d/810/3277/i/1.gif?c=1001015090424590020&t=1&location=http%3A%2F%2Fwww.neon.de%2Fviolet1984&protocol=http%3A%2F%2F&date=1508984699&sw=1600&sh=1200&sd=24&pd=24&saw=1600&sah=1200&vw=1600&vh=1200&pmd=Die%20NEON%20Community%3A%20Jeden%20Tag%20schreiben%20User%20hier%20sch%C3%B6ne%2C%20ber%C3%BChrende%20und%20lustige%20Texte.%20Ver%C3%B6ffentliche%20auch%20du%20eigene%20Artikel%2C%20diskutiere%20und%20triff%20Freunde!&pmk=NEON%2CMagazin%2CCommunity%2CFreunde%2CArtikel%2CForum%2CGesellschaft%2CJugendkultur%2CLiebe%2CSex&pmo=NEON%2C%20Munich%2C%20Germany%3BNEON%20Magazin%20GmbH%201995-2011&pmt=NEON%20Community%20-%20Schreiben%2C%20diskutieren%2C%20Freunde%20treffen&csource=8&r=690f3bb32fbe3606c9ba078075173b7e
Protocol: HTTP/1.1
Server: 89.163.159.102 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dmp.theadex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: axd=1001015090424590020; tis=EP8%3A1516%7CEP59%3A1516%7CEP22%3A1516
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
Last-Modified: Thu, 26 Oct 2017 02:25:00 GMT
Server: nginx
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Set-Cookie: axd=1001015090424590020; expires=Fri, 26-Oct-2018 02:25:00 GMT; Max-Age=31536000; path=/; domain=.theadex.com
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Transfer-Encoding: binary
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1542 10 KB
5 KB 84ms
40ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfscript/?bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 69588be7de3705f1e42e4b20f8ce106f8d88e437af559863165644fa2ec5fe9b

Request headers

:path: /adfscript/?bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
set-cookie: C=1; expires=Sun, 26-Nov-2017 03:25:00 GMT; path=/ adtrc=1; domain=adform.net; expires=Thu, 02-Nov-2017 03:25:00 GMT; path=/
content-type: text/javascript; charset=utf-8
content-length: 5036
expires: -1

GET
H2 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/ Frame 1542 34 KB
0 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

dd1007d5201022f283db040729b32ddc0b2bbc01d30acc64c3f7e281a14193a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20171023/r20110914/activeview/osd_listener.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET

Response headers

date: Mon, 23 Oct 2017 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 13071
x-xss-protection: 1; mode=block
server: cafe
etag: 5066275195817558928
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2017 13:12:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1542 0
0 17ms
17ms Image
text/html 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGalqDXgNpw2H60Y3Mn8YWlyhdkupwrGgZ2DgIOVGhJ05Vv3d4nq2-BnuCKw_NrbFiEhWLAu-V0Tyu9WLDYZC5SFbiXyxWXcFjgzniYp0R-T6keXCJv7WJzEHtHY5dWXJzubTLSX_ui5f4QZNjJXOov-AN8M1dYHqDXRoUn4Jue_CXInEST72L9EmxYH3-aFtwMCqZlxL3WBDRMmi6u4Je-GA3gW0cOGTJUWB3Q10KcA7m1gAm2CRmBTGzKogY2hSdkg0LSjnSaA&sig=Cg0ArKJSzI8oX3QmYp_UEAE&urlfix=1&adurl=

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pcs/view?xai=AKAOjstGalqDXgNpw2H60Y3Mn8YWlyhdkupwrGgZ2DgIOVGhJ05Vv3d4nq2-BnuCKw_NrbFiEhWLAu-V0Tyu9WLDYZC5SFbiXyxWXcFjgzniYp0R-T6keXCJv7WJzEHtHY5dWXJzubTLSX_ui5f4QZNjJXOov-AN8M1dYHqDXRoUn4Jue_CXInEST72L9EmxYH3-aFtwMCqZlxL3WBDRMmi6u4Je-GA3gW0cOGTJUWB3Q10KcA7m1gAm2CRmBTGzKogY2hSdkg0LSjnSaA&sig=Cg0ArKJSzI8oX3QmYp_UEAE&urlfix=1&adurl=
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Oct 2017 02:25:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1542 10 KB
5 KB 41ms
41ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfscript/?bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: b566970e92da13f9686c621ef539a8993df8e3fbf5811a7e36c8032fb754f05d

Request headers

:path: /adfscript/?bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
set-cookie: C=1; expires=Sun, 26-Nov-2017 03:25:00 GMT; path=/ adtrc=1; domain=adform.net; expires=Thu, 02-Nov-2017 03:25:00 GMT; path=/
content-type: text/javascript; charset=utf-8
content-length: 5034
expires: -1

GET
H2 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/ Frame 1542 34 KB
0 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

dd1007d5201022f283db040729b32ddc0b2bbc01d30acc64c3f7e281a14193a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20171023/r20110914/activeview/osd_listener.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET

Response headers

date: Mon, 23 Oct 2017 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 13071
x-xss-protection: 1; mode=block
server: cafe
etag: 5066275195817558928
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2017 13:12:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1542 0
0 17ms
17ms Image
text/html 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttLG3sjOlNhu7tfuo1wPqe8XaM6Lje1m0HxBbgP22mjxLfDy4sxNQZoh-FfwB96XwoPPSWipOEeDoPh6JUx-2YUtRmq4s6__cZW34lzjj0lCtH1quVh_1dFRzaS2u_rcbDa6Tx8oeE5QXNTwr5offdcXSWbPPitj8plLXjnl51maPm1bZtMXAoTtXldvo6tdumgvpjXrTXzzQIFhmfo6feu9Jie8V9RGQ3OoCeB6qjjaYhM3_mp-f4qWZOUgtIlcv1vCwroSqlSg&sig=Cg0ArKJSzLelt5fzOu4XEAE&urlfix=1&adurl=

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pcs/view?xai=AKAOjsttLG3sjOlNhu7tfuo1wPqe8XaM6Lje1m0HxBbgP22mjxLfDy4sxNQZoh-FfwB96XwoPPSWipOEeDoPh6JUx-2YUtRmq4s6__cZW34lzjj0lCtH1quVh_1dFRzaS2u_rcbDa6Tx8oeE5QXNTwr5offdcXSWbPPitj8plLXjnl51maPm1bZtMXAoTtXldvo6tdumgvpjXrTXzzQIFhmfo6feu9Jie8V9RGQ3OoCeB6qjjaYhM3_mp-f4qWZOUgtIlcv1vCwroSqlSg&sig=Cg0ArKJSzLelt5fzOu4XEAE&urlfix=1&adurl=
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Oct 2017 02:25:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/603/s1.adform.net/ Frame 1542 29 KB
13 KB 88ms
41ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 221342ff9eb2140197c27c8350464937d861a0e81e4a3e57ef6aea245185a4cd

Request headers

:path: /stoat/603/s1.adform.net/bootstrap.js
pragma: no-cache
cookie: adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:11:32 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/603/s1.adform.net/ Frame 1542 29 KB
13 KB 68ms
42ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 221342ff9eb2140197c27c8350464937d861a0e81e4a3e57ef6aea245185a4cd

Request headers

:path: /stoat/603/s1.adform.net/bootstrap.js
pragma: no-cache
cookie: adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:11:32 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1542 10 KB
5 KB 21ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfscript/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 0b564294d18dc6d6e6f28f39ea67f29b6f1923194d037a33cd1a374b79f540dc

Request headers

:path: /adfscript/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D
pragma: no-cache
cookie: C=1; adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 5028
expires: -1

GET
H2 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/ Frame 1542 34 KB
0 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20171023/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

dd1007d5201022f283db040729b32ddc0b2bbc01d30acc64c3f7e281a14193a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20171023/r20110914/activeview/osd_listener.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET

Response headers

date: Mon, 23 Oct 2017 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 13071
x-xss-protection: 1; mode=block
server: cafe
etag: 5066275195817558928
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2017 13:12:39 GMT

GET
DATA 200
OK truncated
/ Frame 1542 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e266943478d985620c2d18e28a4fa32ffad7949c99f8de2397a0a8f23f2aae3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK adx Show response
pubads.g.doubleclick.net/gampad/ 0
0 40ms
34ms Script
application/javascript 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pubads.g.doubleclick.net/gampad/adx?iu=/6032/neon/_default/inflow&sz=400x300&m=application/javascript&t=ind%3Dyes%26ffblock%3Dno%26&tile=1&c=1508984700515&_=1508984700515

Requested by

Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576

Protocol

HTTP/1.1

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:25:00 GMT
X-Content-Type-Options: nosniff
Google-MediationGroup-Id: -2
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Disposition: attachment; filename="f.txt"
Content-Length: 0
X-XSS-Protection: 1; mode=block
Google-LineItem-Id: -2
Pragma: no-cache
Server: cafe
Google-MediationTag-Id: -2
Google-Creative-Id: -2
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1542 0
0 16ms
16ms Image
text/html 216.58.210.2
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMY6dD8fAzFOx2AYOV4CmTzZsfLrI6oNVWt5EYi4TzIqza4i7YGy3LTx1K4E3FeUDXJMMGMZ-uaJuAPhu6R2Jo9S7XlPEfD4DZPvE06HJY4vRlKFccZUwjKb7K0AXELnH-vKtKHOnX0--nFF4w8gR4apLbvmwRBkB_PTyuS5TXuCy9jX-y4v-RPt4iL9YXg-759SW-lD4W7R1fwYw0jEiuLvumUMmRutjPv8Jv629mcZMS65l3cPRKYFU&sig=Cg0ArKJSzD-8Rv_aDMwrEAE&urlfix=1&adurl=

Requested by

Host: www.neon.de
URL: http://www.neon.de/violet1984

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pcs/view?xai=AKAOjstMY6dD8fAzFOx2AYOV4CmTzZsfLrI6oNVWt5EYi4TzIqza4i7YGy3LTx1K4E3FeUDXJMMGMZ-uaJuAPhu6R2Jo9S7XlPEfD4DZPvE06HJY4vRlKFccZUwjKb7K0AXELnH-vKtKHOnX0--nFF4w8gR4apLbvmwRBkB_PTyuS5TXuCy9jX-y4v-RPt4iL9YXg-759SW-lD4W7R1fwYw0jEiuLvumUMmRutjPv8Jv629mcZMS65l3cPRKYFU&sig=Cg0ArKJSzD-8Rv_aDMwrEAE&urlfix=1&adurl=
pragma: no-cache
cookie: IDE=AHWqTUn5HI-37SDN5FtSCJ5T42rg6AwOI7zkXibfqRTU-Xhyh9oXy7ao_pqVywEe
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Oct 2017 02:25:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1542 42 B
42 B 14ms
14ms Image
image/gif 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BihS9fEfxWfKaEuvgzAadrpuQCgAAAAAQATgByAEJwAIC4AIA4AQBoAYf0ggFCIBhEAE&cid=CAASEuRo4xx_1CSIQZXWY2EmbeK-Mw&id=osdim&ti=1&uc=1&tgt=BODY&cl=1&cec=9&clc=0&cac=0&cd=0x0&r=u&adk=2256688689&tt=373&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&inapp=0&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,1214&ss=1600,1200&pt=427&deb=1-2-5-5-8-1&tvt=789&avms=geo&v=r20171023

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/603/s1.adform.net/ Frame 1542 29 KB
13 KB 24ms
24ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 221342ff9eb2140197c27c8350464937d861a0e81e4a3e57ef6aea245185a4cd

Request headers

:path: /stoat/603/s1.adform.net/bootstrap.js
pragma: no-cache
cookie: adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:11:32 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1542 6 KB
2 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfserve/?CC=1&bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29h1.Cq.6Hb9LarUqUdHz16rgPtFFg4Jh5DsAgB4WDJ.tG1MSubuYEpjl7pp0iJ3A0KFgBFY5BNlrAp5BNlan0Os5Apw.Efp;js=1;adfxid=1x;7713;set=en-US|en-US|1600X1200|0|800|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8bd1487db66033b388bd314fc03760fd36949babf5902f4ad8706e7f707d7db0

Request headers

:path: /adfserve/?CC=1&bn=19923671;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214552967%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstn7kebSv7MyeNbYNw3gvDNybjJEoV47AC1bp7l0fkzHjaRTxeR09btVKSKvoyRliQqfCRJZziIlG8MQzeXFwYelcXIBzRC6E8cwpueYMfLlpuNxwkW1V8QjR-8YzQ89sXeJV8DD1gmTuy2HqajW_pvLB52gdW5RR4aq-QY1IKqLB2-fJ2IoQQwchALdbUcz_924FNR3Y9YxFjftIwGru3-VCeUMBN9W7QEBLhG6oPAxETNsg%2526sig%253DCg0ArKJSzLUJMqus9dzLEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29h1.Cq.6Hb9LarUqUdHz16rgPtFFg4Jh5DsAgB4WDJ.tG1MSubuYEpjl7pp0iJ3A0KFgBFY5BNlrAp5BNlan0Os5Apw.Efp;js=1;adfxid=1x;7713;set=en-US|en-US|1600X1200|0|800|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
pragma: no-cache
cookie: C=1; adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
set-cookie: cid=-8083007585276738545,0,0,0,0; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ uid=-8083007585276738545; domain=adform.net; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ TPC=1508984700575; domain=adform.net; expires=Thu, 02-Nov-2017 03:25:00 GMT; path=/
content-type: text/javascript; charset=utf-8
content-length: 2094
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1542 6 KB
2 KB 33ms
33ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfserve/?CC=1&bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29h2pCSV0odm_dhrxbuJjkWxv5iJ3A0KAGYi1v20NI_.DJF_rTdycnxQwHCSFQ_01kKJA237lY5BSmxGY5BOgkLT0XxU..AVt;js=1;adfxid=2x;1758;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: c2e472d29cc8e6923ae1473a92da908558efc03541270f105b592d6ae097724e

Request headers

:path: /adfserve/?CC=1&bn=19923667;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214551524%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssR9vHBajd6wKEQEEuRrcEfgYJFK9BivNM-xbmZWTop1WTmugYT2UkYGKxNYium3A7w5J6Ro4LK-UJAuV-jJxupZhslVB63bTqvUEITAcpiTlq4R1-CFu2Wik-cnLjXQFHoTHkC1sP43OpkS5Tq2lBh0cqC7ISrdsPWxL0LrhEvAqCGKxp6C7JzqWdEGUYFTQm2pEQjhmcU8mdAL91WvTcujOgQHZoe2g26fgVLb5zg2FkIPQ%2526sig%253DCg0ArKJSzIj-4B6YNeRqEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29h2pCSV0odm_dhrxbuJjkWxv5iJ3A0KAGYi1v20NI_.DJF_rTdycnxQwHCSFQ_01kKJA237lY5BSmxGY5BOgkLT0XxU..AVt;js=1;adfxid=2x;1758;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
pragma: no-cache
cookie: C=1; adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
set-cookie: cid=-8083007585276738534,0,0,0,0; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ uid=-8083007585276738534; domain=adform.net; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ TPC=1508984700576; domain=adform.net; expires=Thu, 02-Nov-2017 03:25:00 GMT; path=/
content-type: text/javascript; charset=utf-8
content-length: 2089
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1542 5 KB
2 KB 28ms
28ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfserve/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29hB6fSV0odm_dhrxbuJjkWxv5iJ3A0KAGYi1v20NI_.DJF_rTdycnxQwHCSFQ_01kKJA237lY5BSmxGY5BOgkLT0XxU..5Qk;js=1;adfxid=3x;4967;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 9b559985c5e0100ad9fdd0994d2e7c91b6d22627a2c7e1e4b5daa0a3382c8dbc

Request headers

:path: /adfserve/?bn=19929573;click=http%3A%2F%2Fclkd.at%2F%3Fid%3D138214590665%26url%3Dhttps://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWWp2wuiFRTqujbRCty-Sb9cwGc8YOod3aaP_bW6cRsPEdKEaYKYjtCd723ool_2oYgTleijhYF6N_DKYw4d8URMIPP4tYualPRwgaEKTbTBB0OUdtV2aposnJ7xpF-ZwJYwJVtuXgKnFbvHxmG2YwpTpKnEcOsQiccDHZQ42pxju3A2imUB10rc3n288qXrFfxL92ZJR_N78a4IP39LbaOgDsDDoBTSZ_-h_LnYmwipBY7g%2526sig%253DCg0ArKJSzLkTMyOH4TPuEAE%2526urlfix%253D1%2526adurl%253D;atdt=k0a44j1e3NlY5BSo9z4ofjb75PaK4Vpjt4U_98uszHVyVxFAk.lzXJJIneGffLMC7EZ3QHPBirTYKUowRslzhDOIdt__ljQlpRD.erboFen.fqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXjm_3xRUdFUFTc4s.Nzl998tp7ppfAaZ6m1CdC5MQjGejuTDRNzqbBdowmmsrhsui6.KQnu7KOVKvLG9mhORoVjnjk3nKxUC54qvStxz8DRulftckuyPBDjaY2ftckZZLQ084akJoEMhp29hB6fSV0odm_dhrxbuJjkWxv5iJ3A0KAGYi1v20NI_.DJF_rTdycnxQwHCSFQ_01kKJA237lY5BSmxGY5BOgkLT0XxU..5Qk;js=1;adfxid=3x;4967;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fwww.neon.de%2Fviolet1984
pragma: no-cache
cookie: C=1; adtrc=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
set-cookie: cid=-8083007585276738319,0,0,0,0; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ uid=-8083007585276738319; domain=adform.net; expires=Mon, 25-Dec-2017 03:25:00 GMT; path=/ TPC=1508984700598; domain=adform.net; expires=Thu, 02-Nov-2017 03:25:00 GMT; path=/
content-type: text/javascript; charset=utf-8
content-length: 2057
expires: -1

GET
H/1.1 200
OK mtrcs_850799.js Show response
s240.meetrics.net/bb-mx/prime/ Frame 1542 2 KB
1 KB 2ms
2ms Script
text/javascript 136.243.5.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s240.meetrics.net/bb-mx/prime/mtrcs_850799.js?pjid=850799&place=ADID_4378854861&site=50691384&cid=138214552967&cpid=4378854861&size=BB&adc=51946584&cb=365141945&adv=92040864
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 136.243.5.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h234.meetrics.de
Software: nginx /
Resource Hash: 21b338808524676356626af2b582945141cfe1cdf23d80dd6d8788ae41db872f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1194
Expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
DATA 200
OK truncated
/ Frame 1542 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b07e5da75f2271ebe1eef0628da9b62c7c987a8ab35355347eca76dcd5ee4b9

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK mtrcs_850799.js Show response
s240.mxcdn.net/bb-mx/serve/ 106 KB
41 KB 6ms
6ms Script
text/javascript 92.123.93.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s240.mxcdn.net/bb-mx/serve/mtrcs_850799.js
Requested by: Host: s240.meetrics.net
URL: http://s240.meetrics.net/bb-mx/prime/mtrcs_850799.js?pjid=850799&place=ADID_4378854861&site=50691384&cid=138214552967&cpid=4378854861&size=BB&adc=51946584&cb=365141945&adv=92040864
Protocol: HTTP/1.1
Server: 92.123.93.31 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-31.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: e4d96ebe5e0abf4dabe4978ee6e25a0eacddd9b8f94c305028db779509e0ad81

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s240.mxcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Thu, 26 Oct 2017 02:25:00 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=27177
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 41646
Expires: Thu, 26 Oct 2017 09:57:57 GMT

GET
H/1.1 200
OK mtrcs_850799.js Show response
s240.meetrics.net/bb-mx/prime/ Frame 1542 2 KB
1 KB 2ms
2ms Script
text/javascript 136.243.5.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s240.meetrics.net/bb-mx/prime/mtrcs_850799.js?pjid=850799&place=ADID_4378497073&site=50691384&cid=138214551524&cpid=4378497073&size=HP&adc=51946584&cb=1497258037&adv=92040864
Requested by: Host: www.neon.de
URL: http://www.neon.de/gujAd/gujAd.js?v=20170524113749-25d73c_2576
Protocol: HTTP/1.1
Server: 136.243.5.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h234.meetrics.de
Software: nginx /
Resource Hash: e6866672067eb448eb28954dc891425f2f1345fbc24e488ebcfe5e6a34736dd6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1194
Expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
DATA 200
OK truncated
/ Frame 1542 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c67534b22c4bfb47d6b03c1f3cd01e5d37914143cc6d049ce8b783e26abe753b

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 1542 43 B
52 B 21ms
21ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/jsmetrics/?adfserve=32&sid=276&rid=10436&cid=42476
Requested by: Host: www.neon.de
URL: http://www.neon.de/violet1984
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:path: /jsmetrics/?adfserve=32&sid=276&rid=10436&cid=42476
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Tue, 12 Jul 2016 13:47:50 GMT
server: nginx
etag: "5784f506-2b"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK revoke
dc8.s240.meetrics.net/bb-mx/ 43 B
43 B 2ms
1ms Image
image/gif 88.198.47.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc8.s240.meetrics.net/bb-mx/revoke?BTAx1Aw4A54A03AwwA2wAz4A1wA35A5BE
Protocol: HTTP/1.1
Server: 88.198.47.102 Nürnberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h354.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc8.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Oct 2017 02:24:59 GMT

GET
H/1.1 200
OK submit
dc2.s240.meetrics.net/bb-mx/ 43 B
43 B 379ms
2ms Image
image/gif 148.251.194.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc2.s240.meetrics.net/bb-mx/submit?/iuRoBOAAA8whFo0F0wF6vAv3E33FuuElvFuuBklFv2EpvFslF0xB54A0BEfpyF+k2FmywAx3AtxAwtAy1AtxAx6A11At4A1wA35A5tAyuAw5A4tAxhE0kEyyAh3BLlnFBLlnFC+qhFnx1Aw4A54A03AwwA15Aw4A1wA35A56Ax1Aw4A54A03AwwA2wAz4A1wA35A5BE/k0FEExgAwqFpkF94A1wA35A5mAwsFhjFl9BBEFJEFf0Bz3A44A10A42AxmAzpF0lF91Aw2A5xAz4A0mAjpFk9BxzA4yAx0A11Ay5A23AmjEwpFk9B0zA34A41A04A2xAmzEp6Fl9BCCFmhEkjF91Ax5A02A14A0mAjiF9zA21Ax0Ax5A01AmhEk2F95AywA0wA42A08ExgAwqFpkF94A1wA35A5mAwsFhjFl9BBEFJEFf0Bz3A40A53Aw3AzmAzpF0lF91Aw2A5xAz4A0mAjpFk9BxzA4yAx0A11Ax1Ay0AmjEwpFk9B0zA34A05A3wA3zAmzEp6Fl9BIQFmhEkjF91Ax5A02A14A0mAjiF9xA05A3yA14AwzA3mAhkF29B5yAw0Aw4A20AMquFHRL2wFBLl1FC/2xFMCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgBjzFzfF3lFirFp0FUkzFEDFAAAAAAAZwSegAPAAAAAAAAAOAAAAGAAAAAAAZwSegABPCAAAAAAAABv0DAPAAAAAAAAAB4piAPJAA6DAAAAdcFvAZBAAFAw8E08ExBEFAx1A22AzBErcFvAPAAAFAAv0DTcFvAPBAA2AAAAAdFxNAZAAAFAw8E08ExBEGAx0Ax5A00ArFxNAPAAAFAA4piTFxNASksF4GeAAAAAAAAAAAAEAAAv0DAAAAAAAKA0zA34A41A04A2xAPABEFJEFf0Bz3A44A10A42AxBEIA1wA25AxzA40ACACCFMAxzA4yAx0A11Ay5A23AIA1xA50A21A40AAAAAIA5yAw0Aw4A20AeAAAAAAAAAAAAEAAA4piAAAAAAAKA0zA34A05A3wA3zAPABEFJEFf0Bz3A40A53Aw3AzBEIA1wA25AxzA40ACAIQFMAxzA4yAx0A11Ax1Ay0AIA1xA50A21A40AAAAAIA5yAw0Aw4A20AdlEAGDAgMA6DAFAAAcFvAAAQAOPFfTFPVFSDFFfFxxA22A31ACACCFAAAAAAAAAAAAAAGAJGFSBFNFFdmMA6LAsEAYJAFAAAFxNAAAQAOPFfTFPVFSDFFfFx0A5yA01ACAIQFAAAAAAAAAAAAAAGAJGFSBFNFF
Protocol: HTTP/1.1
Server: 148.251.194.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h350.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc2.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 26 Oct 2017 02:25:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/ Frame 1542 87 KB
36 KB 26ms
25ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4abf32e014a4fe0b7c5431e6eb592f5103dc09691cd91f9a6c37406d4a0ad441

Request headers

:path: /stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:04:28 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/ Frame 1542 87 KB
36 KB 37ms
37ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4abf32e014a4fe0b7c5431e6eb592f5103dc09691cd91f9a6c37406d4a0ad441

Request headers

:path: /stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:04:28 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/ Frame 1542 87 KB
36 KB 31ms
31ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4abf32e014a4fe0b7c5431e6eb592f5103dc09691cd91f9a6c37406d4a0ad441

Request headers

:path: /stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2017 07:01:53 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Fri, 27 Oct 2017 06:04:28 GMT

GET
H2 200 /
track.adform.net/csimpr/ Frame 1542 35 B
44 B 22ms
22ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/csimpr/?bn=19923671&csi=XmPJBF7P7AzRcXbRQfhKIqOyjvve_pYix-fXVz9y6V5ocX1Ui59_tA2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /csimpr/?bn=19923671&csi=XmPJBF7P7AzRcXbRQfhKIqOyjvve_pYix-fXVz9y6V5ocX1Ui59_tA2
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
server: nginx
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 /
track.adform.net/csimpr/ Frame 1542 35 B
53 B 46ms
45ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/csimpr/?bn=19929573&csi=QC9Z8g77O75XPl7F1Po4j-T270nZW5DmEA43e4ZUhzpocX1Ui59_tA2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /csimpr/?bn=19929573&csi=QC9Z8g77O75XPl7F1Po4j-T270nZW5DmEA43e4ZUhzpocX1Ui59_tA2
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
server: nginx
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 /
track.adform.net/csimpr/ Frame 1542 35 B
53 B 79ms
78ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/csimpr/?bn=19923667&csi=h2-pi71zSRHj6T_89F30JA9BFgCC4BzXx-fXVz9y6V5ocX1Ui59_tA2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /csimpr/?bn=19923667&csi=h2-pi71zSRHj6T_89F30JA9BFgCC4BzXx-fXVz9y6V5ocX1Ui59_tA2
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:00 GMT
server: nginx
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 2466008.js Show response
s1.adform.net/Banners/Elements/Files/1000194/2466008/ Frame 1542 15 KB
6 KB 20ms
20ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/2466008.js?ADFassetID=2466008&bv=514

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8511e039b6cec667574e9bb993973e48767eba9a0ac23b6b51ea954d90c33bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/2466008.js?ADFassetID=2466008&bv=514
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: W/"59e856ce-3d55"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
H2 200 2467714.js Show response
s1.adform.net/Banners/Elements/Files/54026/2467714/ Frame 1542 16 KB
8 KB 22ms
22ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/2467714.js?ADFassetID=2467714&bv=514

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2d0f1e31016d11225c6e765b191a172f55af40f96587d4536c4ac643b9528413

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/2467714.js?ADFassetID=2467714&bv=514
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 12:23:31 GMT
server: nginx
status: 200
etag: W/"59e89943-3f60"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
H2 200 2466012.js Show response
s1.adform.net/Banners/Elements/Files/1000194/2466012/ Frame 1542 15 KB
6 KB 36ms
36ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/2466012.js?ADFassetID=2466012&bv=514

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

897c48cb2b9771291a0d41dc84cb3343582e398d61262e0c7abdfa09670f3720

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/2466012.js?ADFassetID=2466012&bv=514
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 07:40:27 GMT
server: nginx
status: 200
etag: W/"59e856eb-3d7f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 1542 29 KB
13 KB 21ms
21ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=603
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da5fd2a3a539309b814f9ee6eaab650b86ac9a52b4bab833f4c05ee6316b6913

Request headers

:path: /banners/scripts/rmb/Adform.DHTML.js?bv=603
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2017 09:36:18 GMT
server: nginx
etag: W/"59ad1e92-7565"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
H2 200 bg1.jpg
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 35 KB
35 KB 21ms
21ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/bg1.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

daf61e4a540f3b941df29c54ab0f99847d5944ee7cd352dd0d2e6fc7b915cc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/bg1.jpg
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:57 GMT
server: nginx
status: 200
etag: "59e856cd-8a03"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 35331

GET
H2 200 bg2.jpg
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 46 KB
46 KB 21ms
20ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/bg2.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3a0c554e85b1d6155d5c1983160b4fb4f4c36a6dff01ee7f3cc2f0d37d0450ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/bg2.jpg
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:57 GMT
server: nginx
status: 200
etag: "59e856cd-b928"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 47400

GET
H2 200 text-bg.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 1 KB
1 KB 22ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text-bg.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a0a2bddc8f672f32a9dda933a62dd770295089c60c41b6daaea8ceab84fda1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text-bg.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: "59e856ce-468"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1128

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 3 KB
3 KB 22ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e409df52e71141cf81d9ed618487267794feccdcd35217dc6625429cc0df37e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text1.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: "59e856ce-aab"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2731

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 22ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b75cc0b763638ce1089a93b1c6bd2ebc804cdef8e48a3bdea4256a33a612bf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/cta.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:57 GMT
server: nginx
status: 200
etag: "59e856cd-634"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1588

GET
H2 200 cta-arrow.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 1 KB
1 KB 22ms
22ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/cta-arrow.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a87627def4e0bc04d6dc86f25113276dfb98c500d22bcf9c3fe542bf0269e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/cta-arrow.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:57 GMT
server: nginx
status: 200
etag: "59e856cd-488"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1160

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 23ms
22ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

98d66a3bc48108efd732fda9dd0b680674ea00f83651831b8aaba38a4b644674

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/logo.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: "59e856ce-843"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2115

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 22ms
22ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b72073ed5422556ffd962837521e7d4df55fce59b5908ca2e47c1637217e033f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text2.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: "59e856ce-7e3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2019

GET
H2 200 text3.png
s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 24ms
23ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text3.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4982ec83fadb7ba47f86472ead57e40a57924eb4ee6d57a995a9280e9482b632

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466008/bvpath_514/assets/img/text3.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:39:58 GMT
server: nginx
status: 200
etag: "59e856ce-848"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2120

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ Frame 1542 81 KB
29 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:818::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ajax/libs/jquery/2.0.0/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ajax.googleapis.com
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 12 Oct 2017 17:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1156472
status: 200
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 29195
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Oct 2018 17:10:28 GMT

GET
H2 200 blue_rect.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 141 B
150 B 21ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/blue_rect.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2f797478cbe2fca810957902e203a1832c1423d7f1eb2f7cb9d00876a61b2d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/blue_rect.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-8d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 141

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 1 KB
1 KB 36ms
35ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b931af1c35bf8befcbf39d4b6c7be58e66a35935ed5c0764af8a896d27b891bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/logo.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-4c8"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1224

GET
H2 200 txt_0.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 1 KB
1 KB 36ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/txt_0.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d17d853d3f402a4999609f258a78680bc16cc8cd69ea47c35b021fabf8bbc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/txt_0.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-44a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1098

GET
H2 200 txt_1.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 1 KB
1 KB 37ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/txt_1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f4739a013c597979f74a0dcbb9e9f42c5c3133f578ae2ddc2769d0ea6a299252

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/txt_1.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-5e5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1509

GET
H2 200 cta_txt_white.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 522 B
531 B 37ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/cta_txt_white.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e6eba886e4c5c4e94519a443b9900f0e2a4a4439c31120bfb70292c28fdc16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/cta_txt_white.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-20a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 522

GET
H2 200 cta_txt_blue.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 511 B
520 B 37ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/cta_txt_blue.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a2e2ffc843f04a01f574c608811a9c891f2c99c260b6ca0772a4eb3064886ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/cta_txt_blue.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-1ff"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 511

GET
H2 200 hand.png
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 275 B
284 B 37ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/hand.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1f8ab6d5549cf376163783337db7f07676edecbc108acfe28f8b4e1c1729b396

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/hand.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:30 GMT
server: nginx
status: 200
etag: "59e89942-113"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 275

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 1542 29 KB
13 KB 22ms
22ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=603
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da5fd2a3a539309b814f9ee6eaab650b86ac9a52b4bab833f4c05ee6316b6913

Request headers

:path: /banners/scripts/rmb/Adform.DHTML.js?bv=603
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2017 09:36:18 GMT
server: nginx
etag: W/"59ad1e92-7565"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
H2 200 bg1.jpg
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 20 KB
20 KB 22ms
20ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/bg1.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b78decf705f0d48320e306b22cb3903d305da485a87ed7e71a5a5b77abd493ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/bg1.jpg
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:25 GMT
server: nginx
status: 200
etag: "59e856e9-518a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 20874

GET
H2 200 bg2.jpg
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 27 KB
27 KB 22ms
19ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/bg2.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

16503d17004c33701fef893f61c4016a88aa1f8dafacc94f6ff2227a961f892e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/bg2.jpg
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-6a7a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 27258

GET
H2 200 text-bg.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 1 KB
1 KB 23ms
19ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text-bg.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8fdde08e7ef53af7de2edaf546f3f3227333e569162eb64c49a51a6ce799202a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text-bg.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-47c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1148

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 3 KB
3 KB 23ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a181b96409bc3c9e19b8ce1f3dc2dccd39a05be056a4e472026c9d89bd75136f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text1.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-abe"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2750

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 23ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2f285e9517ee21839d59c9345084ec55e0919061df52ff282164f19ff2456033

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/cta.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-615"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1557

GET
H2 200 cta-arrow.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 1 KB
1 KB 23ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/cta-arrow.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d3e8d7ad927d73724c18caaa67fcebc771cc07df02e5ee71458d9e6c535b0147

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/cta-arrow.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-48a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1162

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 24ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

565eea6b89b19185de8ededacad8483b43f8ac5d256e74cfe8753a67a9f4092c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/logo.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-89c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2204

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 24ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9ea53f4f23651320ba59f70300d6b394ccab4d785633bdc01b069a2df4e80988

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text2.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-78e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1934

GET
H2 200 text3.png
s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/ Frame 1542 2 KB
2 KB 39ms
36ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text3.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

718dd0a15907c87a24e53b71254daffaba58066502daaa44caf45d917ecdbb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/1000194/2466012/bvpath_514/assets/img/text3.png
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 07:40:26 GMT
server: nginx
status: 200
etag: "59e856ea-7a8"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1960

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 1542 29 KB
0 22ms
22ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=603
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da5fd2a3a539309b814f9ee6eaab650b86ac9a52b4bab833f4c05ee6316b6913

Request headers

:path: /banners/scripts/rmb/Adform.DHTML.js?bv=603
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s1.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
:method: GET

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2017 09:36:18 GMT
server: nginx
etag: W/"59ad1e92-7565"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-type: application/x-javascript

GET
DATA 200
OK truncated
/ Frame 1542 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98d39904de5024eab7eaa885ca4112e0a810196e20ff100b4acefd059be764c9

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame 1542 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bcba7cd8e8bdaf52ef8db0109d4359fae79793c6db86d5b1ee32b4240cfb6ae

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/ Frame 1542 63 KB
63 KB 21ms
21ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/img/bg.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bf4e584566121126d1323a748b746c71bdf56577844776fa4ec2513bce3a6e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /Banners/Elements/Files/54026/2467714/bvpath_514/img/bg.jpg
pragma: no-cache
cookie: adtrc=1; uid=-8083007585276738319; TPC=1508984700598
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: s1.adform.net
referer: https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/
:scheme: https
:method: GET
Referer: https://s1.adform.net/Banners/Elements/Files/54026/2467714/bvpath_514/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Thu, 26 Oct 2017 02:25:00 GMT
last-modified: Thu, 19 Oct 2017 12:23:29 GMT
server: nginx
status: 200
etag: "59e89941-fd54"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 64852

GET
H/1.1 200
OK Cookie set / Show response
log.pinterest.com/ 0
0 119ms
104ms Script
text/plain 151.101.112.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://log.pinterest.com/?guid=R_ZiXo2nds4i&tv=2017100302&type=pidget&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&lang=en&via=http%3A%2F%2Fwww.neon.de%2Fviolet1984&callback=PIN_1508984699930.f.callback[0]
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.5281924607041577
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

X-Pinterest-Host: widgets.pinterest.com
Date: Thu, 26 Oct 2017 02:25:01 GMT
Via: 1.1 varnish-v4 1.1 varnish
Age: 0
VCL-backend-name: cookiemonster_prod_docker_0a01116a_ec2_pin220_com
X-Served-By: cache-hhn1543-HHN
X-Cache: MISS
Set-Cookie: _pinterest_cm=TWc9PSZZRjAxYWw0VlNoVWZJSHZCdElCVWd3ODVxNzFUcEc0TUUyQlYxVnRxQkszUnl2bk5ibzdjNFVCeVY2L2oySy9sT0tqS256eHFHUXE5TTB6WWVJeVJHWEJxak5Sdk15SVdpSUUwU3dhVUdhQmFuTWZkWWZscFB6NXI4S3dsbmFaaiZXSzJQc3JUUmhhU3BqQW55ZjFBOWZHQWRsc1k9; Expires=Fri, 26 Oct 2018 02:25:01 GMT; Domain=.pinterest.com
Connection: keep-alive
Accept-Ranges: bytes bytes
X-Timer: S1508984701.956337,VS0,VE98
Content-Length: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK data
dc2.s240.meetrics.net/ 43 B
54 B 51ms
0ms Image
image/gif 148.251.194.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc2.s240.meetrics.net/data?/iuRoCSFAALktFBLkqFFlqwF41Aw3A55ALl1FDKq1FKq2FMq3FNHMq4FLEKq6FK2mFLkqFK+kyBo41Aw3A55A64A42AxxA46AwhFnlFfpFtwFylFzzFpvFufFpkF6wEylF0pFtlF2qoFx1Aw4A54A02A55Aw2A0zE26F5nFxkFm1B1BEUkzFiEPIAAAZAwSAcAAAAPbDAVEAAAAdpg7APcBAAAAAAAzcFvAZAAAFAx8E38E1BEFAx1A22AzBEr2oDAPAAAFAAv0DT2oDAZBAAFAx8E38E1BEFAx1A22AzBErkXaAPAAAFAAv0DTkXaAZAAAFAx8E38E1BEFAx1A22AzBErihfAPAAAFAAv0DTihfAPDAAAAAAAAzFxNAZAAAFAx8E38E1BEGAx0Ax5A00ArbehAPAAAFAA4piTbehAZAAAFAx8E38E1BEGAx0Ax5A00AriEjAPAAAFAA4piTiEjASksFWRdnSAcAAgCAYJAAAAApg7AAAGBqhF2hFzjFypFw0F6iA8oE0tFs+B8iEvkF5gBz0F5sFl9BniEhjFrnFyvF1uFk6B0yFhuFzwFhyFluF0nB+8AviEvkF5+B8vAo0FtsF+iACATTFAAAAAAAAAAAAAAGAJGFSBFNFFdQNAGDAgMA6DAFAAA2oDAAAeBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAw4AviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFv0El4F0tBinFuwEunFCACCFAAAAAAAAAAAAAADAJNFHBFdFRAGDAgMA6DAFAAAkXaAAAaBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAw4AviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFvjE0hFuwEunFCACCFAAAAAAAAAAAAAADAJNFHBFdlEAGDAgMA6DAFAAAihfAAAbBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAw4AviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFvsEvnFvuBwuFnBFCACCFAAAAAAAAAAAAAADAJNFHBFdVQA6LAsEAYJAFAAAbehAAAeBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAxyAviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFv0El4F0tBinFuwEunFCAIQFAAAAAAAAAAAAAADAJNFHBFdSRA6LAsEAYJAFAAAiEjAAAaBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAxyAviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFvjE0hFuwEunFCAIQFAAAAAAAAAAAAAADAJNFHBF
Protocol: HTTP/1.1
Server: 148.251.194.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h350.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc2.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 26-Oct-17 02:25:00 GMT

GET
H/1.1 200
OK data
dc7.s240.meetrics.net/ 43 B
54 B 1ms
0ms Image
image/gif 148.251.195.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc7.s240.meetrics.net/data?/Z2uOCUWAAKktFLkqFFlqwF44A2xAx4ALl1FDKq1FKq2FMq3FNHMq4FLEKq6FK2mFLkqFKlkyB44A2xAx4A2qoFx1Aw4A54A02A55Aw2A0zE26F5nFxkFm1B1BELlnFBLlnFCLlnFDLlnFELlnFFLlnFGlqwF44A2xAx4ALkmFBUkzFWCPZCAAZAwSAcAAAAPTKAFAA4wbTcFvAPFDAFAA4wbTeU9APEAAFAA4wbTpg7AP/BAAAAAAAzcFvAPAAAFAA4wbTKHRAPhAAAAAAAAzpg7APAAAFAA4wbT6J9APZAAFAA4wbTyPJAPAAAAAAAAAzeU9ASksFYJdlEAGDAgMA6DAFAAAcFvAAAQAOPFfTFPVFSDFFfFxxA22A31AHACCFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFdmMAsLAsEA6DAFAAAeU9AAAQAOPFfTFPVFSDFFfFx2A5xA1zAHANSFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFdnSAcAAgCAYJAFAAApg7AAAGBqhF2hFzjFypFw0F6iA8oE0tFs+B8iEvkF5gBz0F5sFl9BniEhjFrnFyvF1uFk6B0yFhuFzwFhyFluF0nB+8AviEvkF5+B8vAo0FtsF+iAHATTFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFdlEAGDAgMA6DAFAAAKHRAAAOAqhF2hFzjFypFw0F6nAn7AHACCFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFdnSAcAAgCAYJAFAAA6J9AAAOAqhF2hFzjFypFw0F6nAn7AHATTFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFdmMA6LAsEAYJAFAAAyPJAAAOAqhF2hFzjFypFw0F6nAn7AHAIQFtDEPOFUBFAAAAAAAAAAAAAAGAJGFSBFNFF
Protocol: HTTP/1.1
Server: 148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h353.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc7.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 26-Oct-17 02:24:59 GMT

GET
H/1.1 200
OK data
dc2.s240.meetrics.net/ 43 B
54 B 1ms
1ms Image
image/gif 148.251.194.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc2.s240.meetrics.net/data?/iuRoDHKAAOprFvtPDOqwFvtPDlqwF41Aw3A55ALkmFBTkzF9ZBAAFAx8E38E1BEGAx0Ax5A00ArlotAPAAAFAA4piTlotAPDAAAAAAAAzpg7ASksFoIdmMA6LAsEAYJAFAAAlotAAAbBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFvxAwwAwxA50AvyA02A2wAxyAviE2wFh0FofF1xA0vAhzFzlF0zFvpEtnFvsEvnFvuBwuFnBFCAIQFAAAAAAAAAAAAAADAJNFHBFdnSAAAAgCAYJAAAAAudJAAAXBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFv1A0wAy2AvyA02A33Ax0AviE2wFh0FofF1xA0vAptFnvBisF1lFfyFljF0uBwuFnBFCATTFAAAAAAAAAAAAAADAJNFHBFdnSAcAAgCAYJAAAAAxs8AAATBo0F0wFz6BvvAzxBuhEkmFvyFtuBulF0vBChFuuFlyFzvBFsFltFluF0zFvGEpsFlzFv1A0wAy2AvyA02A33Ax0AviE2wFh0FofF1xA0vAptFnvB04F0fFwuAwuFnBFCATTFAAAAAAAAAAAAAADAJNFHBF
Protocol: HTTP/1.1
Server: 148.251.194.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h350.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc2.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 26-Oct-17 02:25:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1542 42 B
42 B 14ms
14ms Image
image/gif 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=Byfl9fEfxWbDXD-fgzAbm5bv4BQAAAAAQATgByAEJwAIC4AIA4AQBoAYf0ggFCIBhEAE&cid=CAASEuRoruKu2re9zWgiJj06BI5BbQ&id=osdim&ti=1&uc=10&tgt=DIV&cl=1&cec=10&clc=1&cac=0&cd=800x254&r=u&adk=996014702&tt=1381&bs=1585,1200&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&p=198,293,448,1093&inapp=0&mcvt=1077&rs=3&ht=0&tfs=731&tls=1808&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,1214&ss=1600,1200&pt=427&deb=1-2-5-12-19-1&tvt=1797&avms=geo&v=r20171023

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1542 42 B
42 B 19ms
14ms Image
image/gif 2a00:1450:4001:816::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BOUgHfEfxWZqHENPizAawlYWgBwAAAAAQATgByAEJwAIC4AIA4AQBoAYf0ggFCIBhEAE&cid=CAASEuRoOxehZ1BpMHJClmMj-BSflg&id=osdim&ti=1&uc=9&tgt=DIV&cl=1&cec=10&clc=1&cac=0&cd=300x604&r=u&adk=3560621337&tt=1381&bs=1585,1200&mtos=0,144,1077,1077,1077&tos=0,144,933,0,0&p=762,806,1362,1106&inapp=0&mcvt=1077&rs=3&ht=0&tfs=731&tls=1808&mc=0.75&lte=0.75&bas=0&bac=0&bos=1600,1200&ps=1585,1214&ss=1600,1200&pt=427&deb=1-2-5-12-19-1&tvt=1797&avms=geo&v=r20171023

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:01 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
44 B 21ms
21ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19923671,779857990008136925,100|1070|0|0|250|0|0|0|0||113|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19923671,779857990008136925,100|1070|0|0|250|0|0|0|0||113|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:02 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
44 B 21ms
21ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19923667,4503210827427145297,73|1088|0|0|600|0|0|0|0||75|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19923667,4503210827427145297,73|1088|0|0|600|0|0|0|0||75|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:02 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
44 B 21ms
21ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19929573,1837761146170951488,100|1203|0|0|600|0|0|0|0||61|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19929573,1837761146170951488,100|1203|0|0|600|0|0|0|0||61|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:02 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK data
dc7.s240.meetrics.net/ 43 B
54 B 1ms
0ms Image
image/gif 148.251.195.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc7.s240.meetrics.net/data?/Z2uODNOBATkzFPPQIAnSAcAAP6J9ARksFA
Protocol: HTTP/1.1
Server: 148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h353.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc7.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:04 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 26-Oct-17 02:25:03 GMT

GET
H/1.1 200
OK data
dc2.s240.meetrics.net/ 43 B
54 B 1ms
0ms Image
image/gif 148.251.194.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dc2.s240.meetrics.net/data?/iuRoEWOBAUkzFRCPfJAlEAGDAK2oDAZBAAEAxxA5xAEAtxA3yAPudJAPAAAZIAGDAKkXaAPBAAmMA6LAKbehAPAAAcOA6LAKiEjAPAAAnSAcAAPxs8APuEAlEAGDAKkXaAPAAAmMA6LAKiEjAPiqAnSAcAAKudJARksFA
Protocol: HTTP/1.1
Server: 148.251.194.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h350.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dc2.s240.meetrics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.neon.de/violet1984
Cookie: id=F609F224-2D59-69FE-4D81-7AFB2821C438
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2017 02:25:05 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 26-Oct-17 02:25:04 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
44 B 21ms
21ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19923671,779857990008136925,100|4768|0|0|250|0|0|0|0||501|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19923671,779857990008136925,100|4768|0|0|250|0|0|0|0||501|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:05 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
53 B 43ms
43ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19929573,1837761146170951488,100|4702|0|0|600|0|0|0|0||237|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19929573,1837761146170951488,100|4702|0|0|600|0|0|0|0||237|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:05 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1542 35 B
53 B 79ms
79ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-8083007585276738364@@19923667,4503210827427145297,73|4787|0|0|600|0|0|0|0||331|0|||||1|0|0|
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/603/s1.adform.net/load/v/0.0.140/e/.gkDBpA/i/8IG-iAAAAEAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path: /serving/unload/?version=15&unload=-8083007585276738364@@19923667,4503210827427145297,73|4787|0|0|600|0|0|0|0||331|0|||||1|0|0|
pragma: no-cache
cookie: C=1; adtrc=1; cid=-8083007585276738319,0,0,0,0; uid=-8083007585276738319; TPC=1508984700598
origin: http://www.neon.de
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: max-age=0
:authority: track.adform.net
referer: http://www.neon.de/violet1984
:scheme: https
content-length: 0
:method: POST
Cache-Control: max-age=0
Origin: http://www.neon.de
Referer: http://www.neon.de/violet1984
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2017 02:25:05 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://www.neon.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmp.theadex.com
URL: http://dmp.theadex.com/r/810/3277/?c=1001015090424590020

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=http%3A%2F%2Fwww.neon.de

Domain: staticxx.facebook.com
URL: http://staticxx.facebook.com/connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42

Domain: staticxx.facebook.com
URL: https://staticxx.facebook.com/connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42

Domain: api.adrtx.net
URL: http://api.adrtx.net/thirdparty/iframe.html?p=adaud

Domain: www.facebook.com
URL: https://www.facebook.com/connect/ping?client_id=136065509795137&domain=www.neon.de&origin=1&redirect_uri=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df7369283640ac%26domain%3Dwww.neon.de%26origin%3Dhttp%253A%252F%252Fwww.neon.de%252Ff8731e905594%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theadex.com/	1970-01-18 19:55:20	Name: tis Value: EP8%3A1516%7CEP59%3A1516%7CEP22%3A1516
.theadex.com/	1970-01-18 19:55:20	Name: axd Value: 1001015090424590020
www.neon.de/	1970-01-18 19:55:20	Name: axd Value: 1001015090424590020
www.neon.de/	1970-01-18 11:14:03	Name: adp_segs Value: e0
.neon.de/	1970-01-19 04:40:56	Name: __gads Value: ID=8b9e8a3130d262ea:T=1508984699:S=ALNI_MZFvKNurXT4h8KmvqB9C4mHnb4gkw
www.neon.de/	1970-01-18 11:11:11	Name: emsspltuuid Value: 8941f379-a1bc-443e-ef81-a38fb72e6122
.neon.de/	1970-01-18 15:32:32	Name: __utmz Value: 261612178.1508984700.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.neon.de/	1970-01-01 00:00:00	Name: __utmc Value: 261612178
www.neon.de/	1970-01-01 00:00:00	Name: s_neon Value: 5doutf6rmsm3aaje8tp2adu6a7
.neon.de/	1970-01-18 11:09:46	Name: __utmb Value: 261612178.1.10.1508984700
.neon.de/	1970-01-18 15:28:56	Name: wt3_eid Value: %3B358373148169700%7C2150898469900258682%232150898469900431522
.neon.de/	1970-01-19 04:40:56	Name: __utma Value: 261612178.1294442649.1508984700.1508984700.1508984700.1
www.neon.de/	1970-01-18 11:11:11	Name: POPUPCHECK Value: 1509071099471
www.neon.de/	1970-01-01 00:00:00	Name: gujemsuid Value: 00000000-0000-4000-8000-000000000000
.neon.de/	1970-01-01 00:00:00	Name: wt3_sid Value: %3B358373148169700
.neon.de/	1970-01-18 11:09:45	Name: __utmt Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.neon.de
aax.amazon-adsystem.com
ad.yieldlab.net
ajax.googleapis.com
api.adrtx.net
apis.google.com
assets.pinterest.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.adrtx.net
cdn.emetriq.de
connect.facebook.net
d.df-srv.de
dc2.s240.meetrics.net
dc7.s240.meetrics.net
dc8.s240.meetrics.net
de-gmtdmp.mookie1.com
de.ioam.de
dmp.theadex.com
dsp.adfarm1.adition.com
dyn.emetriq.de
farm.plista.com
googleads.g.doubleclick.net
grunerjahr01.wt-eu02.net
ib.adnxs.com
irqs.ioam.de
log.pinterest.com
p.yieldlab.net
pagead2.googlesyndication.com
platform.twitter.com
pubads.g.doubleclick.net
s1.adform.net
s1.neon.de
s240.meetrics.net
s240.mxcdn.net
script.ioam.de
securepubads.g.doubleclick.net
static-tagr.gd1.mookie1.com
static.emsservice.de
static.plista.com
static.stern.de
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
track.adform.net
ups.xplosion.de
weblications.guj.de
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.neon.de
xpl.theadex.com
api.adrtx.net
dmp.theadex.com
platform.twitter.com
staticxx.facebook.com
www.facebook.com
104.244.42.200
136.243.46.163
136.243.5.17
138.201.141.91
148.251.194.219
148.251.195.97
151.101.112.84
172.217.21.194
178.250.2.89
185.54.150.20
192.229.233.25
193.46.63.75
194.12.193.238
194.12.193.79
2001:16e0:10a:1::c2:1
216.58.210.2
23.8.10.251
2600:1480:4000:41::
2600:9000:2001:6c00:1c:8c89:a300:93a1
2a00:1450:4001:816::2001
2a00:1450:4001:816::2002
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:816::200e
2a00:1450:4001:818::200a
2a00:1450:4001:821::200a
2a00:1450:400c:c04::9a
2a01:4f8:202:42d4::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.253.7.32
37.157.5.71
37.157.6.251
37.252.172.27
52.30.185.55
52.48.43.7
52.57.86.190
54.192.12.104
54.239.17.113
85.114.144.199
85.114.159.93
88.198.47.102
89.163.159.102
91.215.100.40
91.215.103.64
92.123.92.14
92.123.92.197
92.123.93.31
035594f8bd9103cd72f6380efeaf5bdd123753f3b2ca202e638d0905f8cf074c
03f56c523e42f36e912b7109c0a97e43703d78c0884f59c07ff115e590e9fd7f
04f67041b5272ee6aeec978c7d3295ecc2030de42b4570c499992b67ba683f46
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
0b259afbc5f007add7c9248096512fee356cf0de9f3180400e09baf082d35735
0b564294d18dc6d6e6f28f39ea67f29b6f1923194d037a33cd1a374b79f540dc
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8
12ac1a7e286920557e998fa43bfe1d8e8592207adad8af7a9988b95b766ed2ce
14c9fb6be804587aa687029332dfe13e733e96285aa470f4a8d0e6235f0cfe6f
16503d17004c33701fef893f61c4016a88aa1f8dafacc94f6ff2227a961f892e
18b57ebf76339036f7bafa481aed09f6a892f001dc1f5c02bbb8cf82e0a72748
1969ed9245e3de65b050cbe698a655e5748f8e80cadf0634ab78a098717f7fee
1a071b3179f03592a1c339fc17a2d57609454f9b9ee1eabd6cffb85971b88d8a
1b07e5da75f2271ebe1eef0628da9b62c7c987a8ab35355347eca76dcd5ee4b9
1f8ab6d5549cf376163783337db7f07676edecbc108acfe28f8b4e1c1729b396
21b338808524676356626af2b582945141cfe1cdf23d80dd6d8788ae41db872f
221342ff9eb2140197c27c8350464937d861a0e81e4a3e57ef6aea245185a4cd
2281d550b5bc08e325023953b5ba5aa485a3fd38e3e9cff3d27d46d6a8fdc2c8
25096d493bc6ca9c18137f1e9644ef1eb4a07669a7bff42be24767dbaef18228
2868bc3db24680568dae7c7ce3e6c96f11f6ae812724ad301f5dd0669b086926
2d0f1e31016d11225c6e765b191a172f55af40f96587d4536c4ac643b9528413
2e6eba886e4c5c4e94519a443b9900f0e2a4a4439c31120bfb70292c28fdc16b
2f285e9517ee21839d59c9345084ec55e0919061df52ff282164f19ff2456033
2f797478cbe2fca810957902e203a1832c1423d7f1eb2f7cb9d00876a61b2d99
3012c9bdfcbc90c0bd3d452d7cf6d1c538bf62f98d816fba5e6f2a1ab8571331
31ab5e2f6e313cc462ff7d70a5c351189fdcba986b21c5e056ce553262976d7b
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687
36a885bb45726b0f1b5f0b96271e2eb3eb34893964697f6a06e985b838dd16fe
3a0c554e85b1d6155d5c1983160b4fb4f4c36a6dff01ee7f3cc2f0d37d0450ba
3a8e1da63d40db33ee107f74124d35b92ef1ca4273699e978174ece080243138
3b8c5795ad72f2ab90839a3c7a3d35192cc54808c83e6e2f324c40f87d425d62
3bcba7cd8e8bdaf52ef8db0109d4359fae79793c6db86d5b1ee32b4240cfb6ae
3cd84217a7690c0d1071d8b067749c4d40e3182f0bd9b8602f6b172c7a03704e
4982ec83fadb7ba47f86472ead57e40a57924eb4ee6d57a995a9280e9482b632
4abf32e014a4fe0b7c5431e6eb592f5103dc09691cd91f9a6c37406d4a0ad441
4c43ac4f6ec003eb9f9bb9d4396f542402f03d3aac9cdeee4ed8e4d59a1a377c
4d5b23d26344a501078a1b3538c9a3564bb6eb2ed3c8cd8e1e20d229ecf6e842
4e266943478d985620c2d18e28a4fa32ffad7949c99f8de2397a0a8f23f2aae3
4e716febebdb4f5305e85790bc125498a60f849f32ebae9bca0e1f909e3c9fe7
4f605cad7c11343a04d2abc9ab7547770bd77ee03bd8354c7d41ecff5092d28c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565eea6b89b19185de8ededacad8483b43f8ac5d256e74cfe8753a67a9f4092c
5b5ad8ca00e41194d44da8417cbae6363ba8e96c46fc2b1804df51dadecfd737
628a7cf2fb865b253fc8393b3d408f7ef4bce3dd31328426ba556a81610c43b9
64e76b5f5d18e4f580ec2b8e1e9d8eab4fd803859cfa846254d12a29ffeb4317
69588be7de3705f1e42e4b20f8ce106f8d88e437af559863165644fa2ec5fe9b
6aa941e61686d70360a5f91ce8df3fef743d0b04202448dd5eb80a18694ab2ab
6d08d41a10c2e1ea85e0e7c8454845236a49b2ce5a75e6e022651b7edd667d47
6d17d853d3f402a4999609f258a78680bc16cc8cd69ea47c35b021fabf8bbc9a
718dd0a15907c87a24e53b71254daffaba58066502daaa44caf45d917ecdbb0e
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
77f50bdf0692c8145e919fc52ec7c94172b38ffb43b239f8b737654fa8eae7d8
80618fe730350142f1b2e7997da774dbd0a31b3fc34e6438ec56d5a19665f5ec
80887a5401b58a63cbfcfa8149d48f90765f53f0bcaa06ee8a06fce97c87d62d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ffa770511d36a015c51b4a04e6cfcd5fc0c9fdca83594c6a45c8ebebb32205
8511e039b6cec667574e9bb993973e48767eba9a0ac23b6b51ea954d90c33bda
85db756cce9775accf2248a492eb1fcfc7582817ae877f7f2ffe19129b60d700
87784b3c445b00c4918fe025d613678fbe2c469018996d12d809e26a7d9f54d6
87e35cb6e28ce38c1e90adf75b8829e6e2daacc995eb80f4ec0723dd10dbd142
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
897c48cb2b9771291a0d41dc84cb3343582e398d61262e0c7abdfa09670f3720
89800875c4bda31a35c6cfce95eb0d509919e909575056626a8ea8b9e8688495
8bd1487db66033b388bd314fc03760fd36949babf5902f4ad8706e7f707d7db0
8fdde08e7ef53af7de2edaf546f3f3227333e569162eb64c49a51a6ce799202a
925a93960e67029e3c5392963a35e3396d8d10cd396c2b3e41841913809b6de1
93f8e855bf6f3c3f80f334fbc08dac22669699f3dcb7726f63435e6508890f46
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
95d421b48f24e0acd311aad4ad367af7e8ef4e9f5c085473221b948dda115004
98d39904de5024eab7eaa885ca4112e0a810196e20ff100b4acefd059be764c9
98d66a3bc48108efd732fda9dd0b680674ea00f83651831b8aaba38a4b644674
9a68d0b8c2f107dc4b96552df6c5924908c96f005963dab3f345ba9461dc7f68
9b559985c5e0100ad9fdd0994d2e7c91b6d22627a2c7e1e4b5daa0a3382c8dbc
9ea53f4f23651320ba59f70300d6b394ccab4d785633bdc01b069a2df4e80988
9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e
9fabe13c5ec460db21f0a9f8ca82557238f95d216ceecdea245f6aa53009308f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09dc0db7d0684852b3eb4b6ba5d37fef05e3ef058e10efac5ba8f9df1ed2c54
a0a2bddc8f672f32a9dda933a62dd770295089c60c41b6daaea8ceab84fda1be
a181b96409bc3c9e19b8ce1f3dc2dccd39a05be056a4e472026c9d89bd75136f
a2e2ffc843f04a01f574c608811a9c891f2c99c260b6ca0772a4eb3064886ea8
a39f0fae83155b20be84a79f345ee29b77d377656ea025a5181ac491215272da
a4883d6637326c8070c490b81b0c7f0e19b2ccfc62ee6cf7386c11d6d95e8ba0
a557ad98f662e9e0a0c64677aba69eef1ca8ae3a48c4324435ec069978763c55
a87627def4e0bc04d6dc86f25113276dfb98c500d22bcf9c3fe542bf0269e7fb
ac10ab1ec172a8a43790546ececb9d80271d4adbfb4ca46aee469e3834525895
aef8e5f3f7bfe38b9278f9a7b02f26ba21d1341925f46db6c1f4b41fcd021995
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e2b9fb047a5990c7720504f3ef9dfdc7906dd71fa3206326dbe5e698df76c2
b4238f49bb9f528e2333d8f3a7f248df30928638ab95152b58c0408b06c16e09
b50f76bdd15272d01d904c72154c22dad1b3b477c04aa6a030e059eccbefc3ef
b566970e92da13f9686c621ef539a8993df8e3fbf5811a7e36c8032fb754f05d
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b72073ed5422556ffd962837521e7d4df55fce59b5908ca2e47c1637217e033f
b75cc0b763638ce1089a93b1c6bd2ebc804cdef8e48a3bdea4256a33a612bf57
b78decf705f0d48320e306b22cb3903d305da485a87ed7e71a5a5b77abd493ca
b931af1c35bf8befcbf39d4b6c7be58e66a35935ed5c0764af8a896d27b891bb
bbc136601829554f1f3d390c503817bd5d0afb29017e0e941a034219ebbb0101
bf4e584566121126d1323a748b746c71bdf56577844776fa4ec2513bce3a6e55
c2e472d29cc8e6923ae1473a92da908558efc03541270f105b592d6ae097724e
c67534b22c4bfb47d6b03c1f3cd01e5d37914143cc6d049ce8b783e26abe753b
c902c96266548c8982f65d29f2f8f188149102603bebd4382ef9dcfa0afac2ba
d18486f4b388cc8b252dee5904a10a8aa0007e9cddad66644420a0c8f2a8d3d1
d3e8d7ad927d73724c18caaa67fcebc771cc07df02e5ee71458d9e6c535b0147
d442331ca710bdda5dfc13b7f65f78d601d0f9576d83a9eb1e628dcbbbbb2ef6
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d739fc1ecbffaae6d191ecb754bc7d95b5258b17b48c40e49c21d1122c975d73
d78059dc4353441d92f103e1057cc18b35c5892114e3613d1680cb3dde9b4371
d8140a26c6cb88b729d22fd1dce46cb9c491b6be1a7782e95f90bf6f0be9e512
da5fd2a3a539309b814f9ee6eaab650b86ac9a52b4bab833f4c05ee6316b6913
daf61e4a540f3b941df29c54ab0f99847d5944ee7cd352dd0d2e6fc7b915cc7b
dd1007d5201022f283db040729b32ddc0b2bbc01d30acc64c3f7e281a14193a5
e3526b50e6645e234e6a8a6812acd44ac06f706f6161dfd741d4daea0e65ef13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409df52e71141cf81d9ed618487267794feccdcd35217dc6625429cc0df37e1
e4d96ebe5e0abf4dabe4978ee6e25a0eacddd9b8f94c305028db779509e0ad81
e6866672067eb448eb28954dc891425f2f1345fbc24e488ebcfe5e6a34736dd6
ea48b24bcd69694d0b52fa9ac12e2009346c344ac29eb54264f85f2da0fb0b48
eb0de02ef3d09319cff4297b98c712606f815453eb8345d394933f719194ba1c
ebbf780afb4067d67c610a8db283b4f8563ae349f675b19f9de31b81b9a4661c
ec60d3f59db0946291c7e768835fb7a9787afbb206408d2cdb9e8cb1c70fcec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4739a013c597979f74a0dcbb9e9f42c5c3133f578ae2ddc2769d0ea6a299252
f63c1d263eb22abc94c4277e62255ac2d99b7226ad76318eb7a3bc131f0c3fe0
fc9976034ec908098389ab08ab1fc1dd5a547439e9318f436637d4cd069acc8b
fe093ed6762e221ec75695875021342f123082ad656134e940208288e9cb7e34

www.neon.de Open in urlscan Pro 194.12.193.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

160 Requests

56 %HTTPS

29 %IPv6

32 Domains

55 Subdomains

46 IPs

7 Countries

1559 kBTransfer

3950 kBSize

16 Cookies

17 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.neon.de Open in urlscan Pro
194.12.193.79 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

56 %
HTTPS

29 %
IPv6

32
Domains

55
Subdomains

46
IPs

7
Countries

1559 kB
Transfer

3950 kB
Size

16
Cookies

160 HTTP transactions
15 data transactions