www.onmeda.de Open in urlscan Pro
78.35.17.134 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onmeda.de/forum/
Submission: On December 07 via api (December 7th 2019, 3:11:33 pm UTC) from CZ

Summary HTTP 132 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 38 IPs in 10 countries across 37 domains to perform 132 HTTP transactions. The main IP is 78.35.17.134, located in Cologne, Germany and belongs to NETCOLOGNE, DE. The main domain is www.onmeda.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 7th 2019. Valid for: a year.

This is the only time www.onmeda.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	78.35.17.134 78.35.17.134	8422 (NETCOLOGNE) (NETCOLOGNE)
9	2600:9000:20e... 2600:9000:20eb:4200:14:3756:4880:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.215.100.39 91.215.100.39	43407 (INFONLINE-AS) (INFONLINE-AS)
1	195.70.1.181 195.70.1.181	12333 (DFINET Ge...) (DFINET Geneva)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	72.247.224.239 72.247.224.239	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.77.236.71 54.77.236.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	193.46.63.75 193.46.63.75	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	149.202.74.47 149.202.74.47	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.225.78.6 13.225.78.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	143.204.90.242 143.204.90.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2600:9000:20e... 2600:9000:20eb:4800:12:6213:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20e... 2600:9000:20eb:f800:1f:a1b:34c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6 6	85.114.159.93 85.114.159.93	24961 (MYLOC-AS) (MYLOC-AS)
1 13	104.103.89.20 104.103.89.20	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	35.158.68.53 35.158.68.53	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	35.157.89.106 35.157.89.106	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.210.59.27 52.210.59.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	52.19.114.209 52.19.114.209	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
2 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	89.163.159.110 89.163.159.110	24961 (MYLOC-AS) (MYLOC-AS)
1	54.229.133.110 54.229.133.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	77.66.11.200 77.66.11.200	16245 (NGDC) (NGDC)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
6	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	136.243.13.131 136.243.13.131	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	72.247.224.195 72.247.224.195	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	144.76.184.162 144.76.184.162	24940 (HETZNER-AS) (HETZNER-AS)
2	52.209.113.171 52.209.113.171	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
132	38

36 78.35.17.134 (Cologne, Germany)

ASN8422 (NETCOLOGNE, DE)
PTR: www.onmeda.de

www.onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:4200:14:3756:4880:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

i.onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.70.1.181 (Switzerland)

ASN12333 (DFINET Geneva, Switzerland, CH)
PTR: 181.1.70.195.rev.dfinet.net

www.honcode.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.224.239 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-239.deploy.static.akamaitechnologies.com

ad.71i.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.236.71 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.46.63.75 (Alfter, Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: irqs.ioam.de

irqs.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.74.47 (France)

ASN16276 (OVH, FR)
PTR: eu6.heatmap.it

eu6.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-6.fra2.r.cloudfront.net

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4800:12:6213:9cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

71i.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f800:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

nugmw.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.114.159.93 (Germany) 6 redirects

ASN24961 (MYLOC-AS, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.103.89.20 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-103-89-20.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
probe.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 175.238.186.35.bc.googleusercontent.com

de-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.158.68.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-68-53.eu-central-1.compute.amazonaws.com

staging.cerberus.sqrt-5041.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.89.106 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-89-106.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.59.27 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-59-27.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.114.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-114-209.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.110 (Cloppenburg, Germany)

ASN24961 (MYLOC-AS, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.133.110 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-133-110.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.66.11.200 (Denmark) 1 redirects

ASN16245 (NGDC, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.13.131 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h314.meetrics.de

s265.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.224.195 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-195.deploy.static.akamaitechnologies.com

s265.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.184.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h359.meetrics.de

dc28.s265.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.113.171 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-113-171.eu-west-1.compute.amazonaws.com

aufeminin.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	onmeda.de www.onmeda.de i.onmeda.de	514 KB
13	yieldlab.net 1 redirects ad.yieldlab.net probe.yieldlab.net	8 KB
13	doubleclick.net 4 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	103 KB
7	meetrics.net s265.meetrics.net dc28.s265.meetrics.net	5 KB
6	ampproject.org cdn.ampproject.org	124 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	70 KB
6	sqrt-5041.de staging.cerberus.sqrt-5041.de	1 KB
6	adition.com 6 redirects dsp.adfarm1.adition.com	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net	2 KB
4	googletagservices.com www.googletagservices.com	102 KB
4	google.com 3 redirects www.google.com adservice.google.com	592 B
4	71i.de ad.71i.de	853 KB
4	ioam.de 1 redirects script.ioam.de irqs.ioam.de de.ioam.de	13 KB
3	amazon-adsystem.com c.amazon-adsystem.com	29 KB
3	google.de www.google.de adservice.google.de	389 B
3	heatmap.it u.heatmap.it eu6.heatmap.it	11 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	demdex.net dpm.demdex.net aufeminin.demdex.net	5 KB
2	adform.net 2 redirects c1.adform.net	450 B
2	semasio.net 1 redirects uip.semasio.net	1 KB
2	openx.net 2 redirects us-u.openx.net	572 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	876 B
2	scoota.co 2 redirects r.scoota.co	1 KB
2	adnxs.com ib.adnxs.com Failed	2 KB
2	userreport.com sak.userreport.com nugmw.userreport.com	14 KB
1	mxcdn.net s265.mxcdn.net	48 KB
1	krxd.net beacon.krxd.net	320 B
1	theadex.com dmp.theadex.com	345 B
1	yahoo.com pr-bh.ybp.yahoo.com	290 B
1	criteo.net static.criteo.net	14 KB
1	criteo.com bidder.criteo.com	143 B
1	mookie1.com de-gmtdmp.mookie1.com	580 B
1	nuggad.net 1 redirects 71i.nuggad.net	551 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	honcode.ch www.honcode.ch	2 KB
132	37

	Domain	Requested by
36	www.onmeda.de	www.onmeda.de ajax.googleapis.com
11	ad.yieldlab.net	1 redirects www.onmeda.de ad.71i.de
9	i.onmeda.de	www.onmeda.de
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.onmeda.de
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	staging.cerberus.sqrt-5041.de	ad.71i.de www.onmeda.de
6	dsp.adfarm1.adition.com	6 redirects
5	dc28.s265.meetrics.net	www.onmeda.de
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.onmeda.de
4	x.bidswitch.net	3 redirects www.onmeda.de
4	www.googletagservices.com	ad.71i.de securepubads.g.doubleclick.net
4	ad.71i.de	www.onmeda.de ad.71i.de
3	c.amazon-adsystem.com	ad.71i.de c.amazon-adsystem.com
3	www.google.com	3 redirects
3	www.google-analytics.com	1 redirects www.onmeda.de
2	aufeminin.demdex.net	i.onmeda.de
2	s265.meetrics.net	ad.71i.de
2	c1.adform.net	2 redirects
2	uip.semasio.net	1 redirects www.onmeda.de
2	us-u.openx.net	2 redirects
2	sync.mathtag.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	r.scoota.co	2 redirects
2	probe.yieldlab.net	ad.71i.de
2	ib.adnxs.com	ad.71i.de
2	www.google.de	www.onmeda.de
2	stats.g.doubleclick.net	2 redirects
2	u.heatmap.it	www.onmeda.de u.heatmap.it
2	de.ioam.de	1 redirects www.onmeda.de
1	pagead2.googlesyndication.com	www.onmeda.de
1	s265.mxcdn.net	s265.meetrics.net
1	googleads.g.doubleclick.net	www.onmeda.de
1	beacon.krxd.net	www.onmeda.de
1	dmp.theadex.com	www.onmeda.de
1	pr-bh.ybp.yahoo.com	www.onmeda.de
1	static.criteo.net	ad.71i.de
1	bidder.criteo.com	ad.71i.de
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	de-gmtdmp.mookie1.com	www.onmeda.de
1	nugmw.userreport.com	www.onmeda.de
1	71i.nuggad.net	1 redirects
1	sak.userreport.com	ad.71i.de
1	eu6.heatmap.it	www.onmeda.de
1	irqs.ioam.de	script.ioam.de
1	www.googletagmanager.com	www.onmeda.de
1	dpm.demdex.net	i.onmeda.de
1	ajax.googleapis.com	www.onmeda.de
1	www.honcode.ch	www.onmeda.de
1	script.ioam.de	www.onmeda.de
132	51

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
www.afgis.de
www.healthonnet.org
www.facebook.com
twitter.com
www.pinterest.de
www.instagram.com
unternehmen.gofeminin.de

Subject Issuer	Validity	Valid
*.onmeda.de Sectigo RSA Domain Validation Secure Server CA	`2019-03-07` - `2020-03-06`	a year	crt.sh
i.onmeda.de Amazon	`2019-04-12` - `2020-05-12`	a year	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
www.honcode.ch Thawte RSA CA 2018	`2019-10-15` - `2021-12-13`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.71i.de DigiCert SHA2 Secure Server CA	`2019-08-02` - `2020-10-31`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.heatmap.it Sectigo RSA Domain Validation Secure Server CA	`2019-06-14` - `2020-06-26`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2018-12-12` - `2020-03-12`	a year	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2019-02-07` - `2020-03-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
staging.cerberus.sqrt-5041.de Amazon	`2019-12-06` - `2021-01-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-07` - `2020-02-03`	6 months	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2019-02-28` - `2020-03-27`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
meetrics.net Let's Encrypt Authority X3	`2019-12-03` - `2020-03-02`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2019-11-04` - `2021-02-02`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.onmeda.de/forum/
Frame ID: 477B947EF3E9A3071E2E912FBC601B7C
Requests: 97 HTTP requests in this frame

Frame: https://www.onmeda.de/forum/auth/login-form
Frame ID: 4558C005A27EB6EB8C24654DCD56859C
Requests: 6 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1575731468452
Frame ID: 8B349F198F139E2AEC77B705CE769733
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 3032E093908322749FB622E93CE5E975
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYcQcrjDIAQ1C2q8kT87qyfVkS8KrV1kJqPykoZy4niMzRYKNIbI-noU96b6GVqdAj0hrPfgrkCSEf7P0OmBqdOtNrN4e2ofTPAzjwSB2aPIowctllZ1evC_Yj2PybvggAe04btC3OLq6yqoiyr61Wj7xJavCTrgwVZT66_MmenxrZ241B1CoI7if9tF7pXO9VXUVZ8Y6j1TEwgF6t7mTvSCpCjsuOyIKgeo03YRSqd6e0owMFzGuKzeNpu7i7keyUoJZLJ9LH4z9PLYv815wj&sai=AMfl-YTlIO2Hz37v0tbgLrSSEZTjso9aA_Vh40ODgCqp5ZpXE1KXMVFsimPTXr7o8_ggUeV6TZWYmYDQjN-5ozAUw5y3daxvzzIi6K8gi5LKyg&sig=Cg0ArKJSzOHtw23lp531EAE&urlfix=1&adurl=
Frame ID: B98A1FFA506C1AF25597359FDA266456
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZXqUxx4R189nvomYs4ilWT5k0WQWGXIYekqThvOFqo-pr8JV0ZEgxXChuuTNtdhb7wSaqhDa_amu1MOweoSjX2YNKNd4Td2JNv3jch8S33_fcW1o6RgKjLLpTGZaj32iQBeLaQ69uXjJ9eJiXi4hUBUkMqPaRThIi692kIntBhrq5AGBCIotx_WOqw4Nf2RMW7OxzCekzoE_m0cFl5PZSc5rJrYhve2N1Ogf9bHEwE-icuoCD2Hy1mR1XIj2zzy0Ejk_4ItTbtMPx&sai=AMfl-YQAX5eOVdzWo14Mwh1ieNw1M-RpB1bt3IRDB2l2uVdzPaAqxhALHD-LFVrO5dpRaslA7c3QMBBwYAqv3Ymeglj4aDQs3g5L6adG1JiJ&sig=Cg0ArKJSzDALul6UQVmNEAE&urlfix=1&adurl=
Frame ID: A6C26F4CAD0D69EE5E1403AA2A4BC79B
Requests: 2 HTTP requests in this frame

Frame: https://aufeminin.demdex.net/dest5.html?d_nsid=0
Frame ID: BC4C79EBCC07150FC7B43ABF03139D46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Page Statistics

132
Requests

99 %
HTTPS

31 %
IPv6

37
Domains

51
Subdomains

38
IPs

10
Countries

1990 kB
Transfer

7592 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstZHAUQCNsmsk729Ce73FppNYL-Q85Abxbu2QSLPPaqCJoYJzpm6_EcBDBV2HK8YvKW3DB3FwmBlTiyCQ67XOdPTx7WoGKt8yYj-d9U2vlQnkfYtXIn4ihSnz556Gkupz8YaJ36j2lTecj5Ywr8iCBgyJzlZhehmfChy2SOWhlQfYWxBuNU8AxAPA_ZONvga5cyhzs9H-3aXCXvT2VNT1IC_JKbU1z6E86icv3FcB64AGY5Xn3Q5MLlY1o9HvuH0MG0kNzAZ4e6u_8fppM1&sai=AMfl-YTKMNkychf61VW5ZtA4EwtBSppQPUkxV4C6hIlyrU_TIRaPT9i7uZ791Be7M1aafgT6JsRJ2DW9a1T5igPlaKpZojmmoURMDxmhX7V8Uw&sig=Cg0ArKJSzAKb5KkRGYXyEAE&urlfix=1&adurl=https://www.cholesterin-neu-verstehen.de/

Search URL Search Domain Scan URL

URL: https://www.afgis.de/qualitaetslogo/aqdb/anbieter/afgisanbieter.2005-08-02.3236611942#afgisantrag.2010-06-04.8974199484
Title: <img class="d-flex" src="https://www.afgis.de/qualitaetslogo/aqdb/anbieter/afgisanbieter.2005-08-02.3236611942/afgisantrag.2010-06-04.8974199484/afgisqmodul.2017-12-08.4783573486/get_Logo?small:int=1" width="64" height="64" alt="afgis-Qualitätslogo mit Ablauf 2019/01: Mit einem Klick auf das Logo öffnet sich ein neues Bildschirmfenster mit Informationen über Gesundheitsportal Onmeda gofeminin.de GmbH und sein/ihr Internet-Angebot: www.onmeda.de"/>

Search URL Search Domain Scan URL

URL: https://www.healthonnet.org/HONcode/German/?HONConduct262255
Title: <img class="d-flex" src="https://www.honcode.ch/HONcode/Seal/HONConduct262255_s1.gif" width="43" height="60" alt="Diese Webseite ist von der Health On the Net Stiftung akkreditiert: Klicken Sie, um dies zu überprüfen" title="Diese Webseite ist von der Health On the Net Stiftung akkreditiert: Klicken Sie, um dies zu überprüfen"/>

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onmeda/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/onmeda_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/onmeda_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/onmeda.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/
Title: Unternehmen & Presse

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/offene-stellen/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/werbekonzepte/
Title: Werbung

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/content-contessa/
Title: Content-Lizenzierung

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/nutzungsbasierte-online-werbung/
Title: Nutzungsbasierte Online-Werbung

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://de.ioam.de/tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=1598528897&vr=415&id=sxnjyl&i3=0011695be757d7a225debc10b%3A1601997067426%3A1575731467426%3A.onmeda.de%3A1%3Amedworld%3AFo-1%3Anoevent%3A1575731467426&n1=2&dntt=0&lt=1575731467428&ev=&cs=dxsrk7&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=1598528897&vr=415&id=sxnjyl&i3=0011695be757d7a225debc10b%3A1601997067426%3A1575731467426%3A.onmeda.de%3A1%3Amedworld%3AFo-1%3Anoevent%3A1575731467426&n1=2&dntt=0&lt=1575731467428&ev=&cs=dxsrk7&mo=1&sr=71

Request Chain 49

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&gjid=1748660297&_gid=696327697.1575731468&_u=IGBAgEAB~&z=1529572073 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073&slf_rd=1&random=3757733206

Request Chain 51

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=182515522&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Onmeda-Foren&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Autor&ea=null&_u=aGDAAEAB~&jid=1013527214&gjid=897202099&cid=62224042.1575731468&tid=UA-32616126-1&_gid=696327697.1575731468&_r=1&gtm=2wgav9NX7FH6K&cd8=null&z=1082474801 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_gid=696327697.1575731468&gjid=897202099&_v=j79&z=1082474801 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801&slf_rd=1&random=3936869969

Request Chain 65

https://71i.nuggad.net/rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0 HTTP 302
https://nugmw.userreport.com/rc-ap/ba849328-6af4-433d-b50c-5df8403fe87b/71i.nuggad.net/nuggad?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0

Request Chain 66

https://dsp.adfarm1.adition.com/cookie/?ssp=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

Request Chain 85

https://dsp.adfarm1.adition.com/cookie/?ssp=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

Request Chain 86

https://x.bidswitch.net/sync?ssp=yieldlab HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm=&google_sc=&google_tc= HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECGPkBps6uDjc75sHDfsQdc&google_cver=1

Request Chain 88

https://ad.yieldlab.net/mr?t=2&pid=5222173 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/yieldlab/ce717a75-c70e-47f1-bf59-93aa50d25825

Request Chain 89

https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID HTTP 302
https://ad.yieldlab.net/m?dt_id=140420&ext_id=8074893154703068891

Request Chain 90

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=99739&ext_id=5e24f832-0246-4458-be32-bf5607500d20

Request Chain 91

https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=abb05deb-c04a-4700-8bfc-1c2a2c5faaec HTTP 302
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=abb05deb-c04a-4700-8bfc-1c2a2c5faaec

Request Chain 92

https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=c9a2d2db-aa27-4c87-834b-adcf91baceaf

Request Chain 93

https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817 HTTP 302
https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6767715122356615308

Request Chain 94

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6767715122356615308

Request Chain 95

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl HTTP 302
https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl HTTP 302
https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl

Request Chain 96

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D487201%26ext_id%3D%25%25COOKIE%25%25 HTTP 302
https://ad.yieldlab.net/m?dt_id=487201&ext_id=6767715122356615308

Request Chain 97

https://c1.adform.net/serving/cookie/match?party=6 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=6 HTTP 302
https://ad.yieldlab.net/m?dt_id=4879&ext_id=6137798777903696369

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

132 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.onmeda.de/forum/ 253 KB
34 KB 116ms
57ms Document
text/html 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmeda.de/forum/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),

Reverse DNS

www.onmeda.de

Software

Apache /

Resource Hash

e31ccacfd8cf8d7da4c473925327a930713c89e543e1f38d7bbb000586d2fef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.onmeda.de
:scheme: https
:path: /forum/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
set-cookie: bbsessionhash=97d4228e4ba3b6c41bd98fea152e08a2; path=/; domain=.onmeda.de; secure; HttpOnly bblastvisit=1575731467; path=/; domain=.onmeda.de; secure; HttpOnly bblastactivity=1575731467; path=/; domain=.onmeda.de; secure; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
content-length: 33911
content-type: text/html; charset=UTF-8

GET
H2 200 1573487329-main-cssnormalization.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ 26 KB
6 KB 36ms
34ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main-cssnormalization.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 53ae800a03c811abef9e19dddd64988d564457e9de12fd3a914e4d9d06f09f6a

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "6650-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 5753
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 1573487329-main.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ 244 KB
41 KB 43ms
41ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 156083bfc71114b3f418142505c9a0523d9578370d690154b2b9b89031ddabc3

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "3d1c2-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 41250
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 header-rollup-555.js Show response
www.onmeda.de/forum/js/ 18 KB
7 KB 35ms
33ms Script
application/javascript 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/js/header-rollup-555.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: c29b90ffd8074da0fb7d2b3b2ce38498d98dd5a72732b62f5364df8f31c5d46d

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:28:34 GMT
server: Apache
etag: "4816-596d19152b080-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, private
accept-ranges: bytes
content-length: 7108
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 1573487329-postbit.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ 12 KB
3 KB 34ms
33ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-postbit.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 0d4ecda727a37e81276066117a94cf21170a060102f9e73b03fc4fcdee90bab5

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "302a-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 2908
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 1573487329-css_additional.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ 2 KB
666 B 37ms
35ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-css_additional.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 9186ef61893bf4f9655b5c73f84769f66481119c527339e2bff07aac93e5ce8a

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "6f3-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 611
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 ads.js Show response
i.onmeda.de/nav/ 6 KB
2 KB 53ms
13ms Script
application/javascript 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/ads.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: d31c364910c2a4f56f3d2e2f0165efd0c4bb1d939a80cb304dce342dcea06430

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Dec 2019 01:16:44 GMT
content-encoding: gzip
age: 395663
x-cache: Hit from cloudfront
status: 200
content-length: 1979
last-modified: Thu, 09 May 2019 11:19:14 GMT
server: Apache
etag: "19ab-588729eb71080-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: nG9B9N6vuDRlHT8aowFu7hYaf6ljIm7dRbNfsflCuSlZPEQypJp3Cg==

GET
H2 200 visitor_api_v1.6.js Show response
i.onmeda.de/nav/ 21 KB
9 KB 55ms
14ms Script
application/javascript 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/visitor_api_v1.6.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 21b6f9f75b9afad52abc2b6139f274e75b09a8ad025bd8e306cc454ba54f1db6

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Dec 2019 00:20:10 GMT
content-encoding: gzip
age: 139857
x-cache: Hit from cloudfront
status: 200
content-length: 8734
last-modified: Tue, 16 Oct 2018 08:04:28 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "533a-5785400b4fb00-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: HpB5-kduSmRQPosA17Qq7RMrkRpqiSbSliVs9cPclqYbnnFwQcCbew==

GET
H2 200 dil_v6.4.js Show response
i.onmeda.de/nav/ 36 KB
13 KB 55ms
15ms Script
application/javascript 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/dil_v6.4.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 7243dc6bcdd3c2e324fbc29c6e969e0a7504646b21045b4817556dd26fb20243

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 00:56:18 GMT
content-encoding: gzip
age: 224089
x-cache: Hit from cloudfront
status: 200
content-length: 12410
last-modified: Tue, 16 Oct 2018 08:03:59 GMT
server: Apache
etag: "9105-57853fefa79c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: mhJqW32_kd2qPzEiOAUlx3k-4w_ON_pWYMqkt0g6O8Lkhr1yy0gQhw==

GET
H2 200 onmeda.css
i.onmeda.de/nav/ 212 KB
33 KB 49ms
8ms Stylesheet
text/css 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 438b62e8eb15ed39fd6230912a9ec83b25d371bf7d0e28ab2560996375f9652c

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 05:34:52 GMT
content-encoding: gzip
age: 34563
x-cache: Hit from cloudfront
status: 200
content-length: 33824
last-modified: Tue, 12 Nov 2019 15:15:09 GMT
server: Apache
etag: "351e1-59727b6be5940-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: wfmWsp6qdMbYjKb4UvuTrS_Z8p0_FoeUH7aUNFzc7MaoSLBw5UOs_A==

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 34 KB
11 KB 326ms
26ms Script
application/javascript 91.215.100.39
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script4.ioam.de
Software: nginx / BLACKBIRD-SRC v0.10 0011
Resource Hash: d5b78ab32de97034c5ff6160ce2edbe4e2052e6b665846cfa3156fbd7472f10f

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Dec 2019 15:11:07 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.10 0011
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Sat, 07 Dec 2019 17:11:07 GMT

GET
H2 200 default_avatar_thumb.png
www.onmeda.de/forum/core/images/default/ 976 B
1 KB 41ms
40ms Image
image/png 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/images/default/default_avatar_thumb.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: d2d4e851d6f61bb2adbc10d777db617fa0882b0414e5f8ecce5d1fccbe6d244b

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:28:33 GMT
server: Apache
etag: "3d0-596d191436e40-gzip"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 964
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 58ms
57ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=76&thumb=1&dateline=1379437564
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: c6c98bb33d21c737d6ee19c3dbf23055dbb50cebee32e808af49a7aaeff4fd18

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1379437564-76-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar76_2.jpeg
content-length: 1622
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 62ms
62ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=71&thumb=1&dateline=1469003019
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: c392522a2462bab82c0a7c3b5cd2de7493945bcaa62a08fce95e03bca62acfd7

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1469003019-71-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar71_2.jpeg
content-length: 1589
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 47ms
47ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=9171&thumb=1&dateline=1537188840
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: ea093d5d236a3668c9a94b179e3d40055f310d9411e33304219700f373587816

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1537188840-9171-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar9171_2.jpeg
content-length: 2230
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 1 KB
1 KB 50ms
49ms Image
image/gif 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=92&thumb=1&dateline=1379505402
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: be1053c98883cfda957be58a4bec5df0d3ea1c4d4074a73591841f4d8e005147

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1379505402-92-gzip"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar92_2.gif
content-length: 1291
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 61ms
60ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=88&thumb=1&dateline=1471269846
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 5a1c1e2e178bcbdcb21d84f40ee31ec81d0f2fd8167c4bc8d2baa025a41d533b

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1471269846-88-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar88_2.jpeg
content-length: 2280
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 70ms
70ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=80&thumb=1&dateline=1466170640
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: e997f8f9139dbc927bc207ea8a0ba368d793b2e261f8d71b9880d9ad741e5c21

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1466170640-80-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar80_2.jpeg
content-length: 2010
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 3 KB
3 KB 64ms
64ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=208155&thumb=1&dateline=1523010545
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: b1a7dbf8c72ff70cdfbca9c53d2a8580730f382836d18da12d8a801f7c7f47c7

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1523010545-208155-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar208155_0.jpeg
content-length: 2973
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 3 KB
3 KB 68ms
68ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=93743&thumb=1&dateline=1465483733
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 715ed7fc2a8fbf7bc53e08ce7362e3228e488847a94607a67368e78ffa4ee258

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1465483733-93743-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar93743_0.jpeg
content-length: 2703
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 58ms
56ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=29&thumb=1&dateline=1485187260
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 3a3bf2b611dc6399dd7797033cbb8cf88499c772540715b1d9f8da3f597b789b

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1485187260-29-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar29_0.jpeg
content-length: 1471
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 57ms
55ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=36898&thumb=1&dateline=1465385311
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: c11e32c9cd4db85c1bc87d1bba0871a0572bf6a397abe9918ada77978e2da318

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1465385311-36898-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar36898_2.jpeg
content-length: 2119
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 57ms
55ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=78&thumb=1&dateline=1380620978
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: f11a6eadb09938b06740a6fc1892c2af56d72218c937a4d4d7ade7b2da7eaa46

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1380620978-78-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar78_2.jpeg
content-length: 1555
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 57ms
56ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=252574&thumb=1&dateline=1532090889
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 69c25b7926b8ef1bbcb58e2474271f76aecb1bfbf42071e89896bf7ae9d49037

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1532090889-252574-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar252574_0.jpeg
content-length: 1659
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 default_avatar_medium.png
www.onmeda.de/forum/core/images/default/ 2 KB
2 KB 50ms
48ms Image
image/png 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/images/default/default_avatar_medium.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 20f72d711a9fa45790128ad75317ebaaf79c8c5d7031d85ae0d137416295faba

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:28:33 GMT
server: Apache
etag: "822-596d191436e40-gzip"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 2105
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
1 KB 58ms
56ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=29&dateline=1485187260
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 3a3bf2b611dc6399dd7797033cbb8cf88499c772540715b1d9f8da3f597b789b

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1485187260-29-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar29_0.jpeg
content-length: 1471
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 3 KB
3 KB 58ms
56ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=26725&dateline=1391282945
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: c92a1fe17d5c643abf757bf1222cbeb438bad946c83f23a2957f719eb422efbb

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1391282945-26725-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar26725_2.jpeg
content-length: 2697
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 image.php
www.onmeda.de/forum/core/ 2 KB
2 KB 58ms
57ms Image
image/jpeg 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/core/image.php?userid=76&dateline=1379437564
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 293c7ee2201ff94fe316e7c082b16c57fb217ee1b73d4e5a92f63e7ba2a8587e

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
server: Apache
etag: "1379437564-76-gzip"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename=avatar76_2.jpeg
content-length: 2018
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 afgis.png
i.onmeda.de/nav/ 7 KB
8 KB 8ms
6ms Image
image/png 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/nav/afgis.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 59bd9554f6e56d52888f776649f6dc86cc5ce3ea7ed96789b0908d6eec02b8d5

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Dec 2019 00:51:40 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Nov 2018 11:56:01 GMT
server: Apache/2.4.29 (Ubuntu)
age: 137967
etag: "1dbc-57bcc5dcfd640"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7612
x-amz-cf-id: tklT4g9HpevJxd2ILKvKRToJDX5GTGnal-aaNpYbUWe66bkTnF6sFQ==

GET
H2 200 HONConduct262255_s.gif
www.honcode.ch/HONcode/Seal/ 2 KB
2 KB 98ms
31ms Image
image/gif 195.70.1.181
DFINET Geneva

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.honcode.ch/HONcode/Seal/HONConduct262255_s.gif
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.70.1.181 , Switzerland, ASN12333 (DFINET Geneva, Switzerland, CH),
Reverse DNS: 181.1.70.195.rev.dfinet.net
Software: nginx /
Resource Hash: d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
last-modified: Sat, 02 Mar 2019 22:47:15 GMT
server: nginx
etag: "5c7b07f3-8c4"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 2244

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 15:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1382842
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 15:03:45 GMT

GET
H2 200 footer-rollup-555.js Show response
www.onmeda.de/forum/js/ 625 KB
159 KB 48ms
48ms Script
application/javascript 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/js/footer-rollup-555.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: a3e0bc6c6f49fdd6c2ffbc01c1535e29e6f17ae55e7ab0c9ba760320fa2d2801

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 12:51:50 GMT
server: Apache
etag: "9c3d3-59711985ca580-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, private
accept-ranges: bytes
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 onmeda-forum-min.js Show response
i.onmeda.de/nav/ 152 KB
41 KB 7ms
7ms Script
application/javascript 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda-forum-min.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: dbe35ab244bf2a9c28cde1529db62bd560222ead30f7310bafb6a96016b884cf

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Dec 2019 10:42:38 GMT
content-encoding: gzip
age: 102509
x-cache: Hit from cloudfront
status: 200
content-length: 42017
last-modified: Fri, 29 Nov 2019 10:42:33 GMT
server: Apache
etag: "261f5-59879e326f840-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: IYovNGLUUImmnsYTwKC_tuwwy97yBOIvroZrs8l9hCdtQWyXLwBNiA==

GET
H/1.1 200
OK loader.debug.js Show response
ad.71i.de/somtag/loader/ 4 MB
789 KB 604ms
47ms Script
application/x-javascript 72.247.224.239
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/loader/loader.debug.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.239 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1189c79d038ae52072530179c2ace528e8e527d5e93a2d319e4996870c5563af

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2019 10:39:39 GMT
Server: Apache
ETag: "3a58d9-598f28bdd60bc"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1110
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 807239
Expires: Sat, 07 Dec 2019 15:29:38 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 141ms
41ms XHR
application/json 54.77.236.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=44326DF2572396FB7F000101%40AdobeOrg&d_nsid=0&ts=1575731467179

Requested by

Host: i.onmeda.de
URL: https://i.onmeda.de/nav/visitor_api_v1.6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.71 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-77-236-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e47f442d91b64075698838acae446400516824e015ed9b144b0b5fb136629e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v055-017bb8fc0.edge-irl1.demdex.com 5.64.1.20191128093837 6ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: l87DaIkFQ1A=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1621
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2250
date: Sat, 07 Dec 2019 14:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 07 Dec 2019 16:33:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
27 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX7FH6K

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e2ab455a05f1e1c22d6f0c38cb6e15464e035c1d01f727683c01ddb32a971c0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27387
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:07 GMT

GET
H2 200 identitystatus Show response
irqs.ioam.de/ 25 B
205 B 77ms
23ms XHR
application/vnd.api+json 193.46.63.75
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://irqs.ioam.de/identitystatus?offerIdentifier=medworld&siteIdentifier=Fo-1&sampleType=in&pixelType=CP&isFadeoutFlash=true&isFadeoutFrame=true&isFadeoutForm=true&positionTop=10&positionLeft=100&zIndex=1100000&c=0.4850789081453477

Requested by

Host: script.ioam.de
URL: https://script.ioam.de/iam.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.46.63.75 Alfter, Germany, ASN43407 (INFONLINE-AS, NL),

Reverse DNS

irqs.ioam.de

Software

nginx /

Resource Hash

9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
server: nginx
status: 200
vary: Origin
content-type: application/vnd.api+json
access-control-allow-origin: https://www.onmeda.de
access-control-allow-credentials: true
strict-transport-security: max-age=15768000

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=159...
https://de.ioam.de/tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=159...

0
694 B

29ms
29ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=1598528897&vr=415&id=sxnjyl&i3=0011695be757d7a225debc10b%3A1601997067426%3A1575731467426%3A.onmeda.de%3A1%3Amedworld%3AFo-1%3Anoevent%3A1575731467426&n1=2&dntt=0&lt=1575731467428&ev=&cs=dxsrk7&mo=1&sr=71
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.05.0 002a
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.05.0 002a
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
X-Powered-By: BLACKBIRD-RCV v1.05.0 002a
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Sat, 07 Dec 2019 15:11:08 GMT
Server: nginx
Location: /tx.io?st=medworld&cp=Fo-1&sv=i2&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0011&i2=0011695be757d7a225debc10b&ep=1598528897&vr=415&id=sxnjyl&i3=0011695be757d7a225debc10b%3A1601997067426%3A1575731467426%3A.onmeda.de%3A1%3Amedworld%3AFo-1%3Anoevent%3A1575731467426&n1=2&dntt=0&lt=1575731467428&ev=&cs=dxsrk7&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Fri, 07 Dec 2018 15:11:08 GMT

GET
H2 200 login-form Show response
www.onmeda.de/forum/auth/ Frame 4558 4 KB
2 KB 57ms
57ms Document
text/html 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmeda.de/forum/auth/login-form

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),

Reverse DNS

www.onmeda.de

Software

Apache /

Resource Hash

aff729cc50281f24e5b736d4a4a696a89cf129b73af5156b74755d3be6f73f12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.onmeda.de
:scheme: https
:path: /forum/auth/login-form
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: nested-navigate
referer: https://www.onmeda.de/forum/
accept-encoding: gzip, deflate, br
cookie: bbsessionhash=97d4228e4ba3b6c41bd98fea152e08a2; bblastvisit=1575731467; bblastactivity=1575731467; AMCVS_44326DF2572396FB7F000101%40AdobeOrg=1; AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C18238%7CMCMID%7C20576884824983243842158219648702269703%7CMCAAMLH-1576336267%7C6%7CMCAAMB-1576336267%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1575738667s%7CNONE%7CMCAID%7CNONE; ioam2018=0011695be757d7a225debc10b:1601997067426:1575731467426:.onmeda.de:2:medworld:Fo-1:noevent:1575731467426:37iy8; POPUPCHECK=1575817867427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/

Response headers

status: 200
date: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
x-robots-tag: noindex, nofollow
set-cookie: bblastactivity=1575731467; path=/; domain=.onmeda.de; secure; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
content-length: 1447
content-type: text/html; charset=UTF-8

GET
H2 200 logo-de-noclaim.svg
i.onmeda.de/nav/ 4 KB
2 KB 7ms
6ms Image
image/svg+xml 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/nav/logo-de-noclaim.svg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 82ea74bb791f425559fd747275a3fa38ca27de17ab2e1a658b29b5ee7fed591a

Request headers

Referer: https://i.onmeda.de/nav/onmeda.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Dec 2019 00:47:55 GMT
content-encoding: gzip
age: 138192
x-cache: Hit from cloudfront
status: 200
content-length: 1747
last-modified: Fri, 16 Mar 2018 13:22:24 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "f6a-567877faf6400-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 81kDkzVgcYKmvhGL73X4thlEdQwZGa6HLoTYN99073hWYTL4hazmVg==

GET
H2 200 sprite_gradients_vb.png
www.onmeda.de/forum/images/css/ 922 B
1 KB 47ms
47ms Image
image/png 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/images/css/sprite_gradients_vb.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: e61ec675dbc1fa4cc8e27ff78aaa9cbe267ab71026ba41d8a0eb36991498fb17

Request headers

Referer: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:26:57 GMT
server: Apache
etag: "39a-596d18b8a9640-gzip"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 945
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 onmeda-icon-font.woff
i.onmeda.de/nav/ 9 KB
9 KB 24ms
7ms Font
application/font-woff 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda-icon-font.woff
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 343c2438d8dc8d19d126ae7eb501b1bcb1aa54b0c8c7dd25475a203cfe8961c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://i.onmeda.de/nav/onmeda.css
Origin: https://www.onmeda.de

Response headers

date: Tue, 03 Dec 2019 01:16:44 GMT
content-encoding: gzip
age: 395663
x-cache: Hit from cloudfront
status: 200
content-length: 8748
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2019 09:11:14 GMT
server: Apache
etag: "222c-58a8ffaaab080-gzip"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: sU8R29GfXmlURBbqVgFIbJAIYT5mnmVXKxymbrVPf1W2BoD95XFIkw==

GET
H2 200 sprite_icons_vb_ltr.png
www.onmeda.de/forum/images/css/ 37 KB
36 KB 35ms
34ms Image
image/png 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmeda.de/forum/images/css/sprite_icons_vb_ltr.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 60fdd101d180b6e3126a85b0c6ea4c2fb1ff85eb752ddafb17e391458e883016

Request headers

Referer: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:26:57 GMT
server: Apache
etag: "94b5-596d18b8a9640-gzip"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 36778
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H2 200 texgyreadventor-regular-webfont.woff
i.onmeda.de/nav/ 24 KB
24 KB 8ms
8ms Font
application/font-woff 2600:9000:20eb:4200:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/texgyreadventor-regular-webfont.woff
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4200:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: f3eedf80f3052829cda1c34719886ac29030a9801bda53b23df6a2d293c7bcf3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://i.onmeda.de/nav/onmeda.css
Origin: https://www.onmeda.de

Response headers

date: Tue, 03 Dec 2019 00:35:11 GMT
content-encoding: gzip
age: 398156
x-cache: Hit from cloudfront
status: 200
content-length: 24242
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 09:22:30 GMT
server: Apache
etag: "5f24-567e8baf14180-gzip"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: cXRuHx4jn-XELJ5ZVFW1K2A-N0KtIs1DDCrZdGy6oUXGGSw9y458ag==

GET
H2 200 log.js Show response
u.heatmap.it/ 26 KB
10 KB 66ms
23ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: efcfad245934d067687f3b6e0f0a3601477fe92bc4f1738188a57dc51b0ae267

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:04:36 GMT
content-encoding: br
last-modified: Fri, 08 Nov 2019 09:05:02 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: W/"5dc52fbe-6804"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
status: 200
cache-control: max-age=2592000
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 10193
x-request-id: 47448066
expires: Thu, 05 Dec 2019 10:04:36 GMT

POST
H2 200 fetchValues Show response
www.onmeda.de/forum/ajax/api/options/ 346 B
407 B 55ms
55ms XHR
application/json 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 7090e72d3f1ddccdc2921ed16e1c8daa9ef9cbbe5ec61ec2f62707ab8f3ed946

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
content-length: 198
expires: Sat, 1 Jan 2000 01:00:00 GMT

POST
H2 200 fetchValues Show response
www.onmeda.de/forum/ajax/api/options/ 19 B
126 B 55ms
54ms XHR
application/json 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 5167d983ce3208a3ed2d17298bb5758ffe7d6e4664083e2d2e44ed3bb2debe96

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
content-length: 39
expires: Sat, 1 Jan 2000 01:00:00 GMT

POST
H2 200 fetchValues Show response
www.onmeda.de/forum/ajax/api/options/ 19 B
126 B 41ms
41ms XHR
application/json 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 5167d983ce3208a3ed2d17298bb5758ffe7d6e4664083e2d2e44ed3bb2debe96

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
content-length: 39
expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=182515522&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Onmeda-Foren&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IGBAgEAB~&jid=1204967889&gjid=1748660297&cid=62224042.1575731468&tid=UA-32616126-1&_gid=696327697.1575731468&cd1=Forum%3BFID%3D1F&cd2=FID%3D1F&cd3=amp%3D0&cd4=forum&cd5=Forum&cd6=section__forum_&cd7=&z=96941056

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 01:12:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1519146
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&gjid=1748660297&_gid=696327697.1575731468&_u=IGBAgEAB~&z=1529572073
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073&slf_rd=1&random=3757733206

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073&slf_rd=1&random=3757733206

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1204967889&_v=j79&z=1529572073&slf_rd=1&random=3757733206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fetchValues Show response
www.onmeda.de/forum/ajax/api/options/ 13 B
120 B 51ms
51ms XHR
application/json 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 57b34d094c8609cb7d241ec02e482a4327101964ac2d043201ba209ec19b4445

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Sat, 07 Dec 2019 15:11:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
content-length: 33
expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=182515522&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Onmeda-Foren&sd=24-bit&sr=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_gid=696327697.1575731468&gjid=897202099&_v=j79&z=1082474801
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801&slf_rd=1&random=3936869969

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801&slf_rd=1&random=3936869969

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=62224042.1575731468&jid=1013527214&_v=j79&z=1082474801&slf_rd=1&random=3936869969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.onmeda.de.js Show response
u.heatmap.it/conf/ 1 KB
719 B 41ms
41ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/www.onmeda.de.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: f4f47ff6cc8be9945d3f9d74b15fd1ad4117d426a50737a092e8f8b9a810aa98

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: br
x-cacheable: Cacheable
x-cdn-pop-ip: 51.254.41.128/26
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=60
x-cdn-pop: rbx1
accept-ranges: bytes
x-request-id: 525666655
expires: Sat, 07 Dec 2019 15:16:08 GMT

GET
H2 200 1573487329-main-cssnormalization.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ Frame 4558 26 KB
6 KB 31ms
30ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main-cssnormalization.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/auth/login-form
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 53ae800a03c811abef9e19dddd64988d564457e9de12fd3a914e4d9d06f09f6a

Request headers

Referer: https://www.onmeda.de/forum/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "6650-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 5753
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 1573487329-main.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ Frame 4558 244 KB
41 KB 36ms
35ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-main.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/auth/login-form
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 156083bfc71114b3f418142505c9a0523d9578370d690154b2b9b89031ddabc3

Request headers

Referer: https://www.onmeda.de/forum/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "3d1c2-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 41250
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 1573487329-css_login.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ Frame 4558 1 KB
652 B 30ms
29ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-css_login.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/auth/login-form
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: a6cfee8c9eb10fd231a4a295e56763a15c5839273c13a47c909443e3f992b4fc

Request headers

Referer: https://www.onmeda.de/forum/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "56e-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 596
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 1573487329-css_additional.css
www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/ Frame 4558 2 KB
666 B 29ms
29ms Stylesheet
text/css 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/core/clientscript/vbulletin_css/style00102l/1573487329-css_additional.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/auth/login-form
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 9186ef61893bf4f9655b5c73f84769f66481119c527339e2bff07aac93e5ce8a

Request headers

Referer: https://www.onmeda.de/forum/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:48:58 GMT
server: Apache
etag: "6f3-5971411d70e80-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 611
expires: Sun, 06 Dec 2020 15:11:07 GMT

GET
H2 200 login_md5.js Show response
www.onmeda.de/forum/js/ Frame 4558 5 KB
2 KB 30ms
29ms Script
application/javascript 78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/forum/js/login_md5.js?v=555
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/auth/login-form
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 548819da190b08c330048cbe2b18c05d966247290a236d4f52199c40cf38a856

Request headers

Referer: https://www.onmeda.de/forum/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 08:28:34 GMT
server: Apache
etag: "1558-596d19152b080-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, private
accept-ranges: bytes
content-length: 2010
expires: Sat, 21 Dec 2019 15:11:07 GMT

GET
H/1.1 204
No Content pv
eu6.heatmap.it/log/ 0
212 B 128ms
22ms Image
image/gif 149.202.74.47
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu6.heatmap.it/log/pv?pid=19&u=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F%23desktop&tpl=.&pt=Home%20-%20Onmeda-Foren&t=85655
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS: eu6.heatmap.it
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Cache-Control: no-cache
Expires: Sat, 07 Dec 2019 15:11:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H/1.1 200
OK default.js Show response
ad.71i.de/somtag/config/onmedade-staging/ 8 KB
2 KB 28ms
28ms Script
application/x-javascript 72.247.224.239
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/config/onmedade-staging/default.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.239 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5ab0376964f6a5af89c4a98c537048e71e6c30fe29f54bcf7e181fa6e8c4a6ab

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Dec 2019 16:12:01 GMT
Server: Apache
ETag: "1ea0-5990b4e55eb65"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3117
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1818
Expires: Sat, 07 Dec 2019 16:03:05 GMT

GET
H/1.1 200
OK default.css
ad.71i.de/somtag/config/onmedade-staging/ 2 KB
1007 B 26ms
26ms Stylesheet
text/css 72.247.224.239
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/config/onmedade-staging/default.css
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.239 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 98f857ece56fc82fd1cd36605bdda34e6756bde229df236de008183f98807199

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Oct 2019 11:26:36 GMT
Server: Apache
ETag: "810-595f6c5ce5920"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3118
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 518
Expires: Sat, 07 Dec 2019 16:03:06 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b508fabbaa58cf12252dff60303bc9982ab57891b86f63fa5059f40f305fba93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "359 / 384 of 1000 / last-modified: 1575663769"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15827
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:08 GMT

GET
H2 200 launcher.js Show response
sak.userreport.com/71i/ 40 KB
13 KB 346ms
39ms Script
application/javascript 13.225.78.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/71i/launcher.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08342df56f5f718245c2a6f71716fe6cb37d36f4ef5223362c15f35c5d7d8556

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: YPJt2pyXFCdlbkTI0KQ1r59kVVasU08J
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 09:39:03 GMT
server: AmazonS3
age: 143
date: Sat, 07 Dec 2019 15:08:46 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: IKkreL5X2MWORExv0-6xpcIyxyC_9PClZCT22n6lysxX9XjhAomJ9A==
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)

GET
H/1.1 200
OK prebid.js Show response
ad.71i.de/somtag/prebid/ 191 KB
61 KB 52ms
31ms Script
application/x-javascript 72.247.224.239
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/prebid/prebid.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.239 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 12a7eac08be278a985f79a9efd151f79985beb0383b6c3342222c685ccf84e5d

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2019 09:09:36 GMT
Server: Apache
ETag: "2fb32-58e416f6b0f67"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2393
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 61963
Expires: Sat, 07 Dec 2019 15:51:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 88 KB
26 KB 95ms
40ms Script
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Dec 2019 21:22:56 GMT
content-encoding: gzip
server: Server
age: 64092
etag: f95fda3d4fe6103808d969fc52fa66db
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PXGNOJeZte1wA_vtGsQq7TxlHZlTvJAUoqVC7c8UmuulIAVEQHskyQ==
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)

GET
H2

200

nuggad Show response
nugmw.userreport.com/rc-ap/ba849328-6af4-433d-b50c-5df8403fe87b/71i.nuggad.net/
Redirect Chain

https://71i.nuggad.net/rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0
https://nugmw.userreport.com/rc-ap/ba849328-6af4-433d-b50c-5df8403fe87b/71i.nuggad.net/nuggad?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0

233 B
695 B

47ms
31ms

Script
text/javascript

2600:9000:20eb:f800:1f:a1b:34c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/ba849328-6af4-433d-b50c-5df8403fe87b/71i.nuggad.net/nuggad?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 31c968410517169576e44de1435745d7fd6889a99d618dea011be9a9539d2a2a

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:08 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C1
access-control-allow-methods: get, post, options
content-type: text/javascript
status: 200
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 233
x-amz-cf-id: hfM9ECwfZfyF01dSHOfn3tdxrVp2a6GRTCJ8MlkaaLeecGhn0NLvSA==

Redirect headers

date: Sat, 07 Dec 2019 15:11:08 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C1
location: https://nugmw.userreport.com/rc-ap/ba849328-6af4-433d-b50c-5df8403fe87b/71i.nuggad.net/nuggad?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0
access-control-allow-methods: get, post, options
status: 302
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 0
x-amz-cf-id: ZdxkBaRtfBlAOyITrdnavjPzEVV1c-C0ZOd391H26vaoOWaisUXDGQ==

GET
H/1.1

204
No Content

m
ad.yieldlab.net/
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=1
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

0
495 B

1234ms
127ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:09 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308
Date: Sat, 07 Dec 2019 15:11:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 learn
de-gmtdmp.mookie1.com/t/v2/ 43 B
580 B 56ms
23ms Image
image/gif 35.186.238.175
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=1575731468268&src.id=SOM
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.238.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:08 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmeda.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmeda.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019112101.js Show response
securepubads.g.doubleclick.net/gpt/ 165 KB
61 KB 1109ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

a11f15f06bef7b933daafe155e1983cb8d4e2ba1615bda99d83330905d72af5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 14:10:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:09 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
143 B 352ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.24.0&cb=69127023929
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 07 Dec 2019 15:11:08 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.onmeda.de
timing-allow-origin: *
vary: Origin

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H/1.1 200
OK 7526572,7526644,7526012,7526627,7526293,7526019 Show response
probe.yieldlab.net/yp/ 2 B
761 B 1162ms
64ms Fetch
application/json 104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://probe.yieldlab.net/yp/7526572,7526644,7526012,7526627,7526293,7526019?t=d17%3D1%26i41%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26i46%3D1%26i44%3D1%26i53%3D1%26i3%3D1%26i13%3D1%26d4%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26i18%3D1%26i50%3D1%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26d16%3D1%26n9%3D0&pvid=1&ts=1575731468449&json=true
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-103-89-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 28
Expires: Fri, 06 Dec 2019 15:11:09 GMT

GET
H/1.1 200
OK 7548568 Show response
probe.yieldlab.net/yp/ 2 B
761 B 1203ms
105ms Fetch
application/json 104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://probe.yieldlab.net/yp/7548568?t=d17%3D1%26i41%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26i46%3D1%26i44%3D1%26i53%3D1%26i3%3D1%26i13%3D1%26d4%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26i18%3D1%26i50%3D1%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26d16%3D1%26n9%3D0&pvid=1&ts=1575731468449&json=true
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-103-89-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 28
Expires: Fri, 06 Dec 2019 15:11:09 GMT

GET
H/1.1 200
OK 2x2 Show response
ad.yieldlab.net/d/724079/6629/ Frame 8B34 2 KB
1 KB 1140ms
66ms Script
text/javascript 104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1575731468452
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-103-89-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45b6de65fc34aa42a2bec0694dcf13b901e3f0e82b520b4dde96d1235ee0d017

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Language: de-DE
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 697
Expires: Fri, 06 Dec 2019 15:11:09 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 3135ms
48ms XHR
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 13:48:28 GMT
content-encoding: gzip
vary: Origin
age: 4964
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 01 Nov 2019 13:46:13 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VzmSV1d5L9xeUzusqAkmjtVhnqaT0LB0-YtUCnLILjbZSMUxIVTbJA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 71ms
71ms XHR
text/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3287&u=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&pid=e8F4fE8bYg1xg&cb=0&ws=1600x1200&v=7.44.02&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Forganic%2Fforum%2Ffullbanner2%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Forganic%2Fforum%2Frectangle1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Forganic%2Fforum%2Fskyscraper1%22%7D%5D&cfgv=0&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 15:11:08 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.onmeda.de
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: R4PIMsFrOlfTM3uOMY5938LkVjgh3TtjJIVeRBcZSDl3VJ0D2IeYMg==

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 111ms
46ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 14:27:52 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5dc186e8-a744"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 08 Dec 2019 15:11:09 GMT

OPTIONS
H2 204 error-tracking Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 0
185 B 1121ms
27ms Fetch 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.cerberus.sqrt-5041.de/somtag/logs/error-tracking
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-68-53.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.onmeda.de
Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 204
date: Sat, 07 Dec 2019 15:11:10 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
x-powered-by: Express
vary: Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 363ms
362ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2727619822434185&correlator=2734684576791159&output=ldjh&impl=fifs&adsid=NT&eid=21065270%2C21065272&vrg=2019112101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191207&iu_parts=5731%2CDE_ONMEDA_de%2Corganic%2Cforum&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C728x180%7C800x250%7C970x250%7C940x250%7C1145x250&prev_scp=v4%3D0%26c7%3D0%26d17%3D1%26i41%3D1%26d23%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26c20%3D1%26c5%3D1%26i46%3D1%26i44%3D1%26d21%3D1%26i53%3D1%26i3%3D1%26i14%3D1%26i13%3D1%26c3%3D0%26d4%3D0%26v3%3D3%26c8%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26c2%3D0%26i18%3D1%26i50%3D1%26c4%3D0%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26c6%3D1%26d16%3D1%26d2%3D2%26n9%3D0%26somtag%3D1%26xx%3Dfb2%2Csub%2Cpb%2Cbb%2Cbb800%2Cbb970%2Cbb940%2Cbb1145%26site%3Donmeda_de%26category%3Dother%26format%3Dorganic%26device%3Ddesktop%26slot%3Dfullbanner2%26fv%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26targetingLog%3DtargetingLogMode_cache%252Cd15_2%252Cd1_2%26zz%3D728x90%2C728x180%2C800x250%2C970x250%2C940x250%2C1145x250%26idf%3Donmeda%26kw%3Dtop_forum_t%2Curlname_%2CForum_fid_1F&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1575731469&dt=1575731469559&dlt=1575731467091&idt=2446&frm=20&biw=1585&bih=1200&oid=3&adxs=208&adys=214&adks=1738775804&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&dssz=35&icsg=137489287820&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x110&msz=970x90&ga_vid=62224042.1575731468&ga_sid=1575731470&ga_hid=182515522&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

2b61f9c8962c6854e88cb1c9318b3c6b45f8f0572d80799e39756653189ab05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2742
x-xss-protection: 0
google-lineitem-id: 89368701
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138262235173
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmeda.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019112101.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
25 KB 55ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

a7f95ab25f7a6773bc9d4564f082b02255224493f5f51a00f78e2205d7fea1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 14:10:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25136
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
9 KB 225ms
225ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2727619822434185&correlator=328584933641680&output=ldjh&impl=fifs&adsid=NT&eid=21065270%2C21065272&vrg=2019112101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191207&iu_parts=5731%2CDE_ONMEDA_de%2Corganic%2Cforum&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C200x600%7C300x600&prev_scp=v4%3D0%26c7%3D0%26d17%3D1%26i41%3D1%26d23%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26c20%3D1%26c5%3D1%26i46%3D1%26i44%3D1%26d21%3D1%26i53%3D1%26i3%3D1%26i14%3D1%26i13%3D1%26c3%3D0%26d4%3D0%26v3%3D3%26c8%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26c2%3D0%26i18%3D1%26i50%3D1%26c4%3D0%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26c6%3D1%26d16%3D1%26d2%3D2%26n9%3D0%26somtag%3D1%26xx%3Dscs%2Csc1%2Cws%2Cews%2Csb%26site%3Donmeda_de%26category%3Dother%26format%3Dorganic%26device%3Ddesktop%26slot%3Dskyscraper1%26fv%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26targetingLog%3DtargetingLogMode_cache%252Cd15_2%252Cd1_2%26zz%3D120x600%2C160x600%2C200x600%2C300x600%26idf%3Donmeda%26kw%3Dtop_forum_t%2Curlname_%2CForum_fid_1F&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1575731469&dt=1575731469574&dlt=1575731467091&idt=2446&frm=20&biw=1585&bih=1200&oid=3&adxs=1188&adys=186&adks=3147547619&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&dssz=36&icsg=563087442709132&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=120x600&msz=120x600&ga_vid=62224042.1575731468&ga_sid=1575731470&ga_hid=182515522&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bcb705c93a9db3829b59c0d31443c7fcf2330ae8731bdb4f22d81ba2fdb500bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9066
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmeda.de
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=1
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

0
495 B

128ms
65ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:09 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=15233&ext_id=6767715122356615308
Date: Sat, 07 Dec 2019 15:11:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 8B34
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldlab
https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab
https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab

43 B
378 B

33ms
33ms

Image
image/gif

35.157.89.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.89.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-89-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 07 Dec 2019 15:11:11 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sat, 07 Dec 2019 15:11:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=1cda2a5a-1c6f-4fb2-81c7-d09594cf4383&ssp=yieldlab
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm=&google_sc=&google_tc=
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECGPkBps6uDjc75sHDfsQdc&google_cver=1

0
495 B

64ms
64ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECGPkBps6uDjc75sHDfsQdc&google_cver=1

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:12 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:12 GMT
server: HTTP server (unknown)
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECGPkBps6uDjc75sHDfsQdc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ce717a75-c70e-47f1-bf59-93aa50d25825
pr-bh.ybp.yahoo.com/sync/yieldlab/ Frame 8B34
Redirect Chain

https://ad.yieldlab.net/mr?t=2&pid=5222173
https://pr-bh.ybp.yahoo.com/sync/yieldlab/ce717a75-c70e-47f1-bf59-93aa50d25825

43 B
290 B

124ms
39ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/yieldlab/ce717a75-c70e-47f1-bf59-93aa50d25825

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Location: https://pr-bh.ybp.yahoo.com/sync/yieldlab/ce717a75-c70e-47f1-bf59-93aa50d25825
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: close
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:09 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID
https://ad.yieldlab.net/m?dt_id=140420&ext_id=8074893154703068891

0
495 B

133ms
64ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=140420&ext_id=8074893154703068891

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:12 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:14 GMT
AN-X-Request-Uuid: 6ad31782-c424-4fc0-a3d2-c83aa6b4edb0
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ad.yieldlab.net/m?dt_id=140420&ext_id=8074893154703068891
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.87.234; 109.236.87.234; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.201:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1
https://ad.yieldlab.net/m?dt_id=99739&ext_id=5e24f832-0246-4458-be32-bf5607500d20

0
495 B

110ms
63ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=99739&ext_id=5e24f832-0246-4458-be32-bf5607500d20

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:12 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:12 GMT
x-aspnet-version: 4.0.30319
location: https://ad.yieldlab.net/m?dt_id=99739&ext_id=5e24f832-0246-4458-be32-bf5607500d20
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 193

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=abb05deb-c04a-4700-8bfc-1c2a2c5faaec
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=abb05deb-c04a-4700-8bfc-1c2a2c5faaec

0
495 B

153ms
63ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=6061522&ext_id=abb05deb-c04a-4700-8bfc-1c2a2c5faaec

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:10 GMT

Redirect headers

Date: Sat, 07 Dec 2019 15:11:10 GMT
Server: MT3 1913 979072d master cdg-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ad.yieldlab.net/m?dt_id=6061522&ext_id=abb05deb-c04a-4700-8bfc-1c2a2c5faaec
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
https://us-u.openx.net/w/1.0/cm?cc=1&id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=c9a2d2db-aa27-4c87-834b-adcf91baceaf

0
495 B

68ms
66ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=2448064&ext_id=c9a2d2db-aa27-4c87-834b-adcf91baceaf

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:12 GMT

Redirect headers

date: Sat, 07 Dec 2019 15:11:12 GMT
via: 1.1 google
server: OXGW/16.167.2
location: https://ad.yieldlab.net/m?dt_id=2448064&ext_id=c9a2d2db-aa27-4c87-834b-adcf91baceaf
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
content-type: image/gif
alt-svc: clear
content-length: 0

GET
H2

200

2.gif
dmp.theadex.com/d/817/i/ Frame 8B34
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817
https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6767715122356615308

36 B
345 B

571ms
23ms

Image
image/gif

89.163.159.110
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6767715122356615308
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.110 Cloppenburg, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:10 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
status: 200
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

Redirect headers

Location: https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6767715122356615308
Date: Sat, 07 Dec 2019 15:11:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 8B34
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6767715122356615308

0
320 B

602ms
33ms

Image
text/plain

54.229.133.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6767715122356615308
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.133.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-133-110.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 07 Dec 2019 15:11:10 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1575731470
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6767715122356615308
Date: Sat, 07 Dec 2019 15:11:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

info2
uip.semasio.net/adition/1/ Frame 8B34
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl
https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl
https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl

42 B
594 B

29ms
29ms

Image
image/gif

77.66.11.200
NGDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 77.66.11.200 , Denmark, ASN16245 (NGDC, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 42
Routing-Server-ID: 1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:09 GMT
Frontend-ID: 4
Access-Control-Allow-Origin: *
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adition/1/info2?sType=sync&sExtCookieId=6767715122356615308&sInitiator=yl
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 0
Routing-Server-ID: 1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D487201%26ext_id%3D%25%25COOKIE%25%25
https://ad.yieldlab.net/m?dt_id=487201&ext_id=6767715122356615308

0
495 B

150ms
67ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=487201&ext_id=6767715122356615308

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:10 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=487201&ext_id=6767715122356615308
Date: Sat, 07 Dec 2019 15:11:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8B34
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=6
https://c1.adform.net/serving/cookie/match?CC=1&party=6
https://ad.yieldlab.net/m?dt_id=4879&ext_id=6137798777903696369

0
495 B

64ms
63ms

Image
text/plain

104.103.89.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6137798777903696369

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-103-89-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:11 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 06 Dec 2019 15:11:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:11 GMT
server: nginx
access-control-allow-origin: *
location: https://ad.yieldlab.net/m?dt_id=4879&ext_id=6137798777903696369
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
4 KB 208ms
207ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2727619822434185&correlator=101466162976347&output=ldjh&impl=fifs&adsid=NT&eid=21065270%2C21065272&vrg=2019112101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191207&iu_parts=5731%2CDE_ONMEDA_de%2Corganic%2Cforum&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x250%7C800x250%7C800x250%7C800x250%7C800x250%7C800x250%7C800x250%7C800x250%7C728x90%7C728x90%7C728x90%7C728x90%7C728x90%7C728x90%7C728x90%7C940x90%7C970x90%7C970x90%7C970x90&prev_scp=v4%3D0%26c7%3D0%26d17%3D1%26i41%3D1%26d23%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26c20%3D1%26c5%3D1%26i46%3D1%26i44%3D1%26d21%3D1%26i53%3D1%26i3%3D1%26i14%3D1%26i13%3D1%26c3%3D0%26d4%3D0%26v3%3D3%26c8%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26c2%3D0%26i18%3D1%26i50%3D1%26c4%3D0%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26c6%3D1%26d16%3D1%26d2%3D2%26n9%3D0%26somtag%3D1%26xx%3Dpfbb970%2Cpfbb970_2%2Cpfbb800%2Cpfbb800_2%2Cpfbb800_3%2Cpfbb800_4%2Cpfbb800_5%2Cpfbb800_6%2Cpfbb800_7%2Cpfsub%2Cpfsub_2%2Cpfsub_3%2Cpfsub_4%2Cpfsub_5%2Cpfsub_6%2Cpfsub_7%2Cpfsub940%2Cpfsub970%2Cpfsub970_2%2Cpfsub970_3%26site%3Donmeda_de%26category%3Dother%26format%3Dorganic%26device%3Ddesktop%26slot%3DperformanceFullbanner1%26fv%3D0%26targetingLog%3DtargetingLogMode_cache%252Cd15_2%252Cd1_2%26zz%3D970x250%2C970x250%2C800x250%2C800x250%2C800x250%2C800x250%2C800x250%2C800x250%2C800x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C940x90%2C970x90%2C970x90%2C970x90%26idf%3Donmeda%26kw%3Dtop_forum_t%2Curlname_%2CForum_fid_1F&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1575731469&dt=1575731469675&dlt=1575731467091&idt=2446&frm=20&biw=1585&bih=1200&oid=3&adxs=208&adys=11381&adks=3314827754&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmeda.de%2Fforum%2F&dssz=36&icsg=563087442709132&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=62224042.1575731468&ga_sid=1575731470&ga_hid=182515522&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9b97f07b1ff3139d15ab7a2c3b44a66f3df151055096e28dbed87b8cfa90645f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4026
x-xss-protection: 0
google-lineitem-id: 5191343895
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138290359933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmeda.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ 20 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6970
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Sat, 07 Dec 2019 13:14:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Dec 2020 13:14:59 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 3032 200 KB
55 KB 36ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81013
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Fri, 06 Dec 2019 16:40:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Dec 2020 16:40:56 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3032 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 253371
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Wed, 04 Dec 2019 16:48:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ac5c138bfec1b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Dec 2020 16:48:18 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3032 151 KB
40 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81013
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Fri, 06 Dec 2019 16:40:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Dec 2020 16:40:56 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3032 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 253357
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Wed, 04 Dec 2019 16:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "49ed1549bef9ee2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Dec 2020 16:48:32 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3032 44 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81049
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
server: sffe
date: Fri, 06 Dec 2019 16:40:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "15a9b640489a7720"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Dec 2020 16:40:20 GMT

GET
DATA 200
OK truncated
/ Frame 3032 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7454e3c6de9f8c52e51ae479827d66ab9804ff0641476933140982610630f89

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1511460551331325670
tpc.googlesyndication.com/simgad/ Frame 3032 49 KB
49 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1511460551331325670?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkkvxI3c3Jfzt2jOgfsR1rltAyK7w

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b3808b20e362a7e99e0ba285d634b114c34a99b590dca663839caa8326a1f002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Dec 2019 23:43:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 10:53:14 GMT
server: sffe
age: 228442
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 50413
x-xss-protection: 0
expires: Thu, 03 Dec 2020 23:43:47 GMT

GET
H2 200 de.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3032 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/de.png

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d019c2c84c9d83db0fd82790000410f76e2db2b78cbd4cc2e5887aa131c081de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 11:16:52 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14057
etag: 17463054902215686033
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3131
x-xss-protection: 0
expires: Sun, 08 Dec 2019 11:16:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3032 344 B
471 B 8ms
7ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 11:08:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14545
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 08 Dec 2019 11:08:44 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3032 0
0 35ms
34ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeudsDcHrXYjyJZvUgAfz0KqIDLvLmZxY6pDf0vgKFBABILOsjh6gAfGD_ZUDyAEC4AIAqAMByAMIqgTLAU_QnpX3eBvoPzmqksnTgixL_KTmpZVBSo_gCzksRv2pAdjh7DexjHYW-j9yyZu7b678kngnzA_gBy_qbiXifkiWsRUUjXk6ZjL727kVGOLG6RsOZE1NsSIlthwo4b0xt4B3irucDMkbTXw-di5dRTz71ZKS9IzFZQG8NUzVHJrpBO2uELTH5WibB6cFWH-y1et2R51AiuBUXlMU8Xa1adpAeQPRkAGxjeGMZty38cptn_LoNtZiFNzHFr-b5edaXS2AZtlmnZue-AP3wATy9truiQLgBAGSBQQIBBgBkgUECAUYBKAGAoAHlqWke6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHAxCjStIIBwiAYRABGB2ACgPICwHYEww&sigh=iyoY-VVU4uY&tpd=AGWhJmtZLPkX7zERyXZkF4yZyy3ZH2CmJFYQzXCu1D1EKPXuOw
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK mtrcs_873474.js Show response
s265.meetrics.net/bb-mx/prime/ 2 KB
2 KB 112ms
28ms Script
text/javascript 136.243.13.131
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s265.meetrics.net/bb-mx/prime/mtrcs_873474.js?pjid=873474&site=DE_ONMEDA_de&adc=organic&place=1572593421&cpid=2478578367&apa=4937286661&cid=138258514378&size=300x600&cb=3311435865
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h314.meetrics.de
Software: nginx /
Resource Hash: 370211e3f68c8cbdb1daaf8f28e2864948867e28daad450d80425d57980a4635

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1209
Expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B98A 0
0 38ms
38ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYcQcrjDIAQ1C2q8kT87qyfVkS8KrV1kJqPykoZy4niMzRYKNIbI-noU96b6GVqdAj0hrPfgrkCSEf7P0OmBqdOtNrN4e2ofTPAzjwSB2aPIowctllZ1evC_Yj2PybvggAe04btC3OLq6yqoiyr61Wj7xJavCTrgwVZT66_MmenxrZ241B1CoI7if9tF7pXO9VXUVZ8Y6j1TEwgF6t7mTvSCpCjsuOyIKgeo03YRSqd6e0owMFzGuKzeNpu7i7keyUoJZLJ9LH4z9PLYv815wj&sai=AMfl-YTlIO2Hz37v0tbgLrSSEZTjso9aA_Vh40ODgCqp5ZpXE1KXMVFsimPTXr7o8_ggUeV6TZWYmYDQjN-5ozAUw5y3daxvzzIi6K8gi5LKyg&sig=Cg0ArKJSzOHtw23lp531EAE&urlfix=1&adurl=

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Dec 2019 15:11:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B98A 77 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:10 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ 17 KB
17 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb_6fYdxABGAEyCHnqrQafHzD8

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

50aaf3f34fde8c66b12aaea1c04a57f6318ae6b197443baec68318d8f4775fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Dec 2019 10:51:54 GMT
x-content-type-options: nosniff
server: cafe
age: 188356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/jpeg
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17570
x-xss-protection: 0
expires: Thu, 12 Dec 2019 10:51:54 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3032
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 07 Dec 2019 15:11:10 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK mtrcs_873474.js Show response
s265.meetrics.net/bb-mx/prime/ 2 KB
2 KB 28ms
28ms Script
text/javascript 136.243.13.131
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s265.meetrics.net/bb-mx/prime/mtrcs_873474.js?pjid=873474&site=DE_ONMEDA_de&adc=organic&place=4663138943&cpid=2456257167&apa=5191343895&cid=138290359933&size=300x100&cb=3311435865
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h314.meetrics.de
Software: nginx /
Resource Hash: 5a20f54d6c8fcf6058a1c5ba1f6d476e984e74a52e5df04f0437e7d18c0374ee

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1211
Expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6C2 0
0 33ms
33ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZXqUxx4R189nvomYs4ilWT5k0WQWGXIYekqThvOFqo-pr8JV0ZEgxXChuuTNtdhb7wSaqhDa_amu1MOweoSjX2YNKNd4Td2JNv3jch8S33_fcW1o6RgKjLLpTGZaj32iQBeLaQ69uXjJ9eJiXi4hUBUkMqPaRThIi692kIntBhrq5AGBCIotx_WOqw4Nf2RMW7OxzCekzoE_m0cFl5PZSc5rJrYhve2N1Ogf9bHEwE-icuoCD2Hy1mR1XIj2zzy0Ejk_4ItTbtMPx&sai=AMfl-YQAX5eOVdzWo14Mwh1ieNw1M-RpB1bt3IRDB2l2uVdzPaAqxhALHD-LFVrO5dpRaslA7c3QMBBwYAqv3Ymeglj4aDQs3g5L6adG1JiJ&sig=Cg0ArKJSzDALul6UQVmNEAE&urlfix=1&adurl=

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Dec 2019 15:11:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6C2 77 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112101.js?21065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 15:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Sat, 07 Dec 2019 15:11:09 GMT

OPTIONS
H2 204 performance-tracking Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 0
185 B 653ms
29ms Fetch 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.cerberus.sqrt-5041.de/somtag/logs/performance-tracking
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-68-53.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.onmeda.de
Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 204
date: Sat, 07 Dec 2019 15:11:10 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
x-powered-by: Express
vary: Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H/1.1 200
OK mtrcs_873474.js Show response
s265.mxcdn.net/bb-mx/serve/ 123 KB
48 KB 88ms
28ms Script
text/javascript 72.247.224.195
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s265.mxcdn.net/bb-mx/serve/mtrcs_873474.js
Requested by: Host: s265.meetrics.net
URL: https://s265.meetrics.net/bb-mx/prime/mtrcs_873474.js?pjid=873474&site=DE_ONMEDA_de&adc=organic&place=1572593421&cpid=2478578367&apa=4937286661&cid=138258514378&size=300x600&cb=3311435865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.195 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a08206dec0878afdf4d00d48fbc91805fd70ab53ffb4238765c452fc5270daf

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 07 Dec 2019 15:11:10 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=31529
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 48923
Expires: Sat, 07 Dec 2019 23:56:39 GMT

GET
H/1.1 200
OK submit
dc28.s265.meetrics.net/bb-mx/ 43 B
291 B 114ms
29ms Image
image/gif 144.76.184.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc28.s265.meetrics.net/bb-mx/submit?/mvDWBjAAA7whFo0F0wFz6BvvA33F3uBvuFtlFkhFukElvBmvFy1FtvBfpyF+k2FoywAx5AtxAxtAyyAtxA16Ax5At4A3zA03A0tAyuAxxA1uAytAkzB0zAlkFimFLlnFBLlnFC+qhFnx1A31A3zAx0A3wAx3Az4A3zA03A06Ax1A31A3zAx0A3wAyyA24A3zA03A0BE/k0FPExgAwqFpkF94A3zA03A0mAzpF0lF9EEFfFPOFNFFEBFfkFlmBhkFj9BvyFnhFupFjmBwsFhjFl9Bx1A3yA15Az0AyxAmjEwpFk9By0A34A13A4zA23AmhEwhF90A5zA3yA42A22AxmAjpFk9BxzA4yA14A1xA0zA34AmzEp6Fl9BzwAw4E2wAwmAjiF9zAzxAx0Az1A42A18ExgAwqFpkF94A3zA03A0mAzpF0lF9EEFfFPOFNFFEBFfkFlmBhkFj9BvyFnhFupFjmBwsFhjFl9B02A2zAxzA45A0zAmjEwpFk9By0A12Ay1A3xA23AmhEwhF91Ax5AxzA0zA45A1mAjpFk9BxzA4yA5wAz1A55AzzAmzEp6Fl9BzwAw4ExwAwmAjiF9zAzxAx0Az1A42A1BEMquFiCL2wFBLl1FC/2xFZCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4BEUkzF4BFAAAAAAAZwSe5CPAAAAAAAAAOAAAAGBAAAAAAZwSe5CBPAAAAAAAAABpP/APBAAAAAAAABQG/AZgAAFAx8Ex8ExBEGAy1A5wA05Ar4eDAPBAAFAApP/T4eDASksF/FfAAAAAAAAAAAAEAAApP/AAAAAAAKAy0A34A13A4zA23AKAx1A3yA15Az0AyxAMAEFFfPFONFFEFBfFklFHAzwAw4E2wAwBEMAxzA4yA14A1xA0zA34AHAvyFnhFupFjBFAAAAAAKA05Az3Ay4A22A2xAfAAAAAAAAAAAAEAAAQG/AAAAAAAKAy0A12Ay1A3xA23AKA02A2zAxzA45A0zAMAEFFfPFONFFEFBfFklFHAzwAw4ExwAwBEMAxzA4yA5wAz1A55AzzAHAvyFnhFupFjBFAAAAAAKA1xA5xAz0Az4A51AdkSA6CAsEAYJAFAAA4eDAAAQAOPFfTFPVFSDFFfFy1Aw1A35ACAIQFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFMTRsWA
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h359.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 07 Dec 2019 15:11:09 GMT

GET
H/1.1 200
OK data
dc28.s265.meetrics.net/ 43 B
308 B 30ms
29ms Image
image/gif 144.76.184.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc28.s265.meetrics.net/data?/mvDWCgEAAKktFLkqFFlqwF43Az0A30ATkzFARksFAQtjFVcXNSA
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h359.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 07-Dec-19 15:11:09 GMT

GET
H/1.1 200
OK data
dc28.s265.meetrics.net/ 43 B
308 B 58ms
27ms Image
image/gif 144.76.184.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc28.s265.meetrics.net/data?/mvDWDgEAATkzFASksF4adqTA6CAgCAYJAAAAAaQ6AAA+Co0F0wFz6BvvA0wFjuBnvFvnFslFz5FukFpjFh0FpvFuuBjvFtvBzpFtnFhkFvxA1xAx0A2wA11AxzAzxAzyA12A3wA/zExwF90AzxFQ5FRRF3REqrFxOF4BFCIFRBFB0FFJFnBFTnFCNFBrF0BEwEE3rF3sFZBFXCFmjFBLFBBFRHFJBFRHFkBFRBFBnFEtBvBFRHF3BFZDF00BnTF0BEWfFGBFTyB5uFU0BmyEz9BBPFnhF0xErrF24FJzBjzBKmF60FyqEPnFmzFSxBysF0BF5LF33EGATDFfxB2wAAAAAAAAAAAAAVOo0F0wFz6BvvAnvFvnFslFhkFzuBnuBkvF1iFslFjsFpjFruBulF0vBhjFsrF/zEh9BsmBhpF9DEVoF2vFEjFIyFYZFq5FKaF2VFnBFm6FwLExJFEMF2MFtaF4ZF2wEEmFw2EnLFGCFBCFJMFPzFqoF2nEBmFHEFfaFVEF5BFFDF0BEJBFxBFNCF5BFNJFxnFUPFBVFfRFuwFYzBlCF2vFQ6FtxFrzFuUFnpF4MFfLFUtFwaFWCFTvFfnFD6FrzFS2FywEBkFqoF3EEl4FqIFZXFtqE55E5aF13Bi2B34AruFnuF6BFfnFC5FfxFipFYpFmrFpXFzSFVVFqYFr2BaqFM3By3ArWFHPFMHF2SEzPFaFFxOEzTFJsF0oF3vF0iEw4E00BCzBpyF1jFENFriFUYF3tBkpF1kESUF63BxaELTF5JE6GFaRFH4BOVF6WFIKFywFCPFy1EFMFUIF1XEpiFC2BjGFXIFt5ExlE0yBS1BxBEp1FCVFYsFNVF4YEhxBhkFwBFlRFQSFrBFH4FqlFHNFa0F5zB4jEw0FufFMvFO0FapFGOF6IFGyFtiEwtBWVF64B03B02AXGFHPFV4BNHF0VF10BuxF3BFU5F50Ey1FpRFMnFCBFHnFCnFLBFC1BhsFwIF1vFC0B3PEH2BnIFxjEriFxBFlUFyCE1vFC3BvHFxBFmaF54F1vFC4BfNFH2BnIFwyF0iExBFmzFxSE1vFCfFQSFH2BnIF3OEViFyBEjCFwnEnIFDJFCoFFBFFZFIiFFKFfyBp5FIWFxxBtjEtBEDnFQJFD3FIZFF3F3mBhlF9xAmuE1tF9xAmzEpnF9BEPEF20AfyBwEFu3BnwB45FmSF5HFIkFsOFUNFIXFIrF3QFitBRmBjsFplFu0F9jEhtBw1FitBy2A3xAy1A42A35Aw3Az3Aw5AmuE49BDMFJDFLfFYmBu5F9DEMJFDLFfZFmuEi9BymAhkF1yFs9Bo0F0wFz6BvvA33F3uBulF3jFopFjuBjvFtvB0oFltFltBjoFypFz0FthFztB0tBzzAwwAy4AvlAzGE10FtfFzvF1yFjlFlzAEnFvvFnsFllBy2A10FtfFtlFkpF1tFlzAEjFwjFfhFkzFylAy2A10FtfFjhFtwFhpFnuFlzAEuF2tBjuFl3Ft3EztButB3vFytBwwAylAy2A10FtfFjvFu0FluF0lBzEEslFlyFlyA21E0tFfkFlzFpnFulBzEE25AlyA2hEkfFpkFlzAE0BwyA11AywAwyA4wA2lAy2AnjFspFklBzEEFBFJhFJRFviFDoFNJF5LF5JFsPFtqF1nEJWFH5FynFDoFx6ExBFyCFFBFFZFBTFBBFFnFL4BKQFEfFC3FFBFDAJNFHBFQtjF81kqZA
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h359.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 07-Dec-19 15:11:09 GMT

GET
H/1.1 200
OK data
dc28.s265.meetrics.net/ 43 B
308 B 86ms
27ms Image
image/gif 144.76.184.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc28.s265.meetrics.net/data?/mvDWEhEAA+qhFnx1A31A3zAx0A3wAx3Az4A3zA03A06Ax1A31A3zAx0A3wAyyA24A3zA03A0BE/k0FPExgAwqFpkF94A3zA03A0mAzpF0lF9EEFfFPOFNFFEBFfkFlmBhkFj9BvyFnhFupFjmBwsFhjFl9Bx1A3yA15Az0AyxAmjEwpFk9By0A34A13A4zA23AmhEwhF90A5zA3yA42A22AxmAjpFk9BxzA4yA14A1xA0zA34AmzEp6Fl9BzwAw4E2wAwmAjiF9zAzxAx0Az1A42A18ExgAwqFpkF94A3zA03A0mAzpF0lF9EEFfFPOFNFFEBFfkFlmBhkFj9BvyFnhFupFjmBwsFhjFl9B02A2zAxzA45A0zAmjEwpFk9By0A12Ay1A3xA23AmhEwhF91Ax5AxzA0zA45A1mAjpFk9BxzA4yA5wAz1A55AzzAmzEp6Fl9BzwAw4ExwAwmAjiF9zAzxAx0Az1A42A1BEOprFCQVDOqwFCQVDlqwF43Az0A30ALkmFBTkzFARksFAQtjFMpc5SA
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h359.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 07-Dec-19 15:11:09 GMT

POST
H2 200 error-tracking Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 35 B
317 B 30ms
29ms Fetch
image/gif 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.cerberus.sqrt-5041.de/somtag/logs/error-tracking

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-158-68-53.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 07 Dec 2019 15:11:10 GMT
x-content-type-options: nosniff
status: 200
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 1; mode=block

POST
H2 200 performance-tracking Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 35 B
317 B 30ms
30ms Fetch
image/gif 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.cerberus.sqrt-5041.de/somtag/logs/performance-tracking

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-158-68-53.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 07 Dec 2019 15:11:10 GMT
x-content-type-options: nosniff
status: 200
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3032 42 B
111 B 19ms
18ms Image
image/gif 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn3glEDy_yKOCkcCNgZCTga5HgGUIVxbOmcPXcODU4iqZJNbqqxlx4jsVUqLTszDzSSf5CeUT3ld-cnzQ7YjCxx5ZCQDWQ6NN8WWXSp0QMniP8nYEPqCpEUNc&sai=AMfl-YQh-_owBWWjxtAgyMvRP7zCX1uKr9za4wMkjbtuwxnrmvhDycxBLbvcNBTSmv_HCLZ8r3PsGZb13YkJ17nJ1XY4o3nwN8oubTbBaeEq&sig=Cg0ArKJSzNzppmSeG3n3EAE&id=ampim&o=1188,186&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=118&tls=1119&g=100&h=100&tt=1119&r=v&adk=3147547619&avms=ampa

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Dec 2019 15:11:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html
aufeminin.demdex.net/ Frame BC4C 0
0 146ms
32ms Document
text/html 52.209.113.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeminin.demdex.net/dest5.html?d_nsid=0

Requested by

Host: i.onmeda.de
URL: https://i.onmeda.de/nav/dil_v6.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.113.171 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-209-113-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: aufeminin.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.onmeda.de/forum/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.onmeda.de/forum/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 28 Nov 2019 11:44:47 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: GvsuoRZLTBk=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK event Show response
aufeminin.demdex.net/ 5 KB
2 KB 139ms
42ms Script
application/javascript 52.209.113.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeminin.demdex.net/event?d_mid=20576884824983243842158219648702269703&d_nsid=0&d_ld=_ts%3D1575731472951&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1575731472951&c_sid=&c_platform=onmeda.de&c_uaid=UA-32616126-1&c_lang=de&c_geo=&c_contentType=Forum&c_ops=none&c_section=_forum_&c_additional=&c_tag=none&c_thematic=none&c_userInfo=&c_device=desktop&c_logged=&c_hashedUserId=&c_referer=&c_utmMedium=&c_utmSource=&c_utmCampaign=&c_share=1

Requested by

Host: i.onmeda.de
URL: https://i.onmeda.de/nav/dil_v6.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.113.171 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-209-113-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a6de7a5643dda3480698187a00f0c7db08584996695c2297aad43a03e55aa823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v055-0bb07e4c6.edge-irl1.demdex.com 5.64.1.20191128093837 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: M5maorCPR58=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 1552
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK data
dc28.s265.meetrics.net/ 43 B
308 B 80ms
28ms Image
image/gif 144.76.184.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc28.s265.meetrics.net/data?/mvDWFKOBALl1FDKq1FKq2FMq3FSyMq4FbwKq6FLkqFKtkyB43Az0A30A6wEylF0pFtlF2qoFx1A31A3zAx0A22A53AylEu3BzhEm1By4FoBFTkzFPPbnAAZAwSAcAAAARksFAQtjFMD4PSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.184.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h359.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Dec 2019 15:11:15 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 07-Dec-19 15:11:14 GMT

OPTIONS
H2 204 monitor-targeting Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 0
185 B 28ms
28ms Fetch 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.debug.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-68-53.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.onmeda.de
Referer: https://www.onmeda.de/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 204
date: Sat, 07 Dec 2019 15:11:18 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
x-powered-by: Express
vary: Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 monitor-targeting Show response
staging.cerberus.sqrt-5041.de/somtag/logs/ 35 B
317 B 27ms
27ms Fetch
image/gif 35.158.68.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.cerberus.sqrt-5041.de/somtag/logs/monitor-targeting

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.68.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-158-68-53.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/forum/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 07 Dec 2019 15:11:18 GMT
x-content-type-options: nosniff
status: 200
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

77 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: [object Object]
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: fullbanner2
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: performanceRectangle1
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: performanceRectangle2
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: performanceRectangle3
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: rectangle1
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: performanceFullbanner1
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: skyscraper1
console-api	log	URL: https://www.onmeda.de/forum/(Line 244) Message: load slot: dhtml
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 2544) Message: PM Dropdown not detected, skipping init.
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 2544) Message: PM Chat window not detected, skipping init.
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: Skipping security token for external url (form action): https://www.onmeda.de/suche/
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: Securitytoken updated
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
console-api	log	URL: https://www.onmeda.de/forum/js/footer-rollup-555.js(Line 382) Message: vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
console-api	log	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 29204) Message: adtec-core 2.31.4
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: eraseDisplaySlots: reset all display slots
console-api	warning	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Validation errors in 'publisherConfig': Unknown property in the config: ´display.slots.dhtml´
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://ad.71i.de/somtag/config/onmedade-staging/default.js
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: core.init [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://www.googletagservices.com/tag/js/gpt.js
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Init privacy info
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized infonline [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized rogator [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized consentMgt [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://sak.userreport.com/71i/launcher.js
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://ad.71i.de/somtag/prebid/prebid.js
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://c.amazon-adsystem.com/aax2/apstag.js
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://71i.nuggad.net/rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade-staging_organic_forum_content&nuggrid=&ios=0
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized emetriq [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized neustar [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized theAdex [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize xaxis succeeded [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized xaxis [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize nuggAd succeeded [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized nuggAd [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL FETCH] https://probe.yieldlab.net/yp/7526572,7526644,7526012,7526627,7526293,7526019?t=d17%3D1%26i41%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26i46%3D1%26i44%3D1%26i53%3D1%26i3%3D1%26i13%3D1%26d4%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26i18%3D1%26i50%3D1%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26d16%3D1%26n9%3D0&pvid=1&ts=1575731468449&json=true
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL FETCH] https://probe.yieldlab.net/yp/7548568?t=d17%3D1%26i41%3D1%26d10%3D5%26d15%3D2%26n8%3D0%26i46%3D1%26i44%3D1%26i53%3D1%26i3%3D1%26i13%3D1%26d4%3D0%26d8%3D1%26i15%3D1%26d9%3D4%26i18%3D1%26i50%3D1%26d12%3D1%26d1%3D2%26n3%3D0%26i9%3D1%26n5%3D0%26d3%3D2%26i52%3D1%26d20%3D0%26d16%3D1%26n9%3D0&pvid=1&ts=1575731468449&json=true
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized sevenPass [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL DOCUMENT_WRITE] https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1575731468452
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize amazon succeeded [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized amazon [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize audienceProject succeeded [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized audienceProject [object Object]
console-api	warning	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize prebid timeout [object Object]
console-api	warning	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize activeAgent timeout [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized later prebid [object Object]
console-api	warning	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialize yieldProbe timeout [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Core initialized
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: target container is inside friendly iframe: true
console-api	error	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [CONTAINER_NOT_FOUND] insertAd: performanceRectangle1 aborted, because referenced container not found in DOM: '#on-performance-rectangle-1'
console-api	error	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [CONTAINER_NOT_FOUND] insertAd: performanceRectangle2 aborted, because referenced container not found in DOM: '#on-performance-rectangle-2'
console-api	error	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [CONTAINER_NOT_FOUND] insertAd: performanceRectangle3 aborted, because referenced container not found in DOM: '#on-performance-rectangle-3'
console-api	warning	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [UNKNOWN_SLOTNAME] insertAd command with unknown slotName dhtml
console-api	error	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [CONTAINER_NOT_FOUND] insertAd: rectangle1 aborted, because referenced container not found in DOM: '#on-rectangle'
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: target container is inside friendly iframe: true
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: target container is inside friendly iframe: true
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Created display transportConfig fullbanner2 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] performInsert fullbanner2 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Created display transportConfig skyscraper1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] performInsert skyscraper1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized later yieldProbe [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Created display transportConfig performanceFullbanner1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] performInsert performanceFullbanner1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: Initialized later activeAgent [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://s265.meetrics.net/bb-mx/prime/mtrcs_873474.js?pjid=873474&site=DE_ONMEDA_de&adc=organic&place=1572593421&cpid=2478578367&apa=4937286661&cid=138258514378&size=300x600&cb=3311435865
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [RENDERED] insertIFrameAd slot skyscraper1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] insertAd: slot skyscraper1 is rendered. ad inserted on slot: skyscraper1
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.onmeda.de/forum/
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [REQUESTED_URL LOAD_SCRIPT] https://s265.meetrics.net/bb-mx/prime/mtrcs_873474.js?pjid=873474&site=DE_ONMEDA_de&adc=organic&place=4663138943&cpid=2456257167&apa=5191343895&cid=138290359933&size=300x100&cb=3311435865
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [RENDERED] insertIFrameAd slot performanceFullbanner1 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] insertAd: slot performanceFullbanner1 is rendered. ad inserted on slot: performanceFullbanner1
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [#somtag-slot_1] (slot fullbanner2) collapsed because received ad has null dimensions (0x0)
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [FALLBACK] insertIFrameAd slot fullbanner2 [object Object]
console-api	info	URL: https://ad.71i.de/somtag/loader/loader.debug.js(Line 30717) Message: [INSERT] insertAd: slot fullbanner2 is rendered. ad inserted on slot: fullbanner2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

71i.nuggad.net
ad.71i.de
ad.yieldlab.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
aufeminin.demdex.net
beacon.krxd.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
dc28.s265.meetrics.net
de-gmtdmp.mookie1.com
de.ioam.de
dmp.theadex.com
dpm.demdex.net
dsp.adfarm1.adition.com
eu6.heatmap.it
googleads.g.doubleclick.net
i.onmeda.de
ib.adnxs.com
irqs.ioam.de
match.adsrvr.org
nugmw.userreport.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
probe.yieldlab.net
r.scoota.co
s265.meetrics.net
s265.mxcdn.net
sak.userreport.com
script.ioam.de
securepubads.g.doubleclick.net
staging.cerberus.sqrt-5041.de
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
u.heatmap.it
uip.semasio.net
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.honcode.ch
www.onmeda.de
x.bidswitch.net
ib.adnxs.com
104.103.89.20
13.225.78.6
136.243.13.131
143.204.90.242
144.76.184.162
149.202.74.47
172.217.16.130
172.217.18.162
178.250.0.130
178.250.0.165
185.29.135.227
193.46.63.75
195.70.1.181
2600:9000:20eb:4200:14:3756:4880:93a1
2600:9000:20eb:4800:12:6213:9cc0:93a1
2600:9000:20eb:f800:1f:a1b:34c0:93a1
2a00:1288:110:c305::8000
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:816::2002
2a00:1450:4001:819::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:4001:824::2001
2a00:1450:4001:825::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9c
34.95.120.147
35.157.89.106
35.158.68.53
35.186.238.175
37.157.4.39
37.252.173.38
46.105.202.39
52.19.114.209
52.209.113.171
52.210.59.27
54.229.133.110
54.77.236.71
72.247.224.195
72.247.224.239
77.66.11.200
78.35.17.134
85.114.159.93
89.163.159.110
91.215.100.39
91.215.103.65
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08342df56f5f718245c2a6f71716fe6cb37d36f4ef5223362c15f35c5d7d8556
0d4ecda727a37e81276066117a94cf21170a060102f9e73b03fc4fcdee90bab5
1189c79d038ae52072530179c2ace528e8e527d5e93a2d319e4996870c5563af
12a7eac08be278a985f79a9efd151f79985beb0383b6c3342222c685ccf84e5d
1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5
156083bfc71114b3f418142505c9a0523d9578370d690154b2b9b89031ddabc3
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20f72d711a9fa45790128ad75317ebaaf79c8c5d7031d85ae0d137416295faba
21b6f9f75b9afad52abc2b6139f274e75b09a8ad025bd8e306cc454ba54f1db6
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
293c7ee2201ff94fe316e7c082b16c57fb217ee1b73d4e5a92f63e7ba2a8587e
2a08206dec0878afdf4d00d48fbc91805fd70ab53ffb4238765c452fc5270daf
2b61f9c8962c6854e88cb1c9318b3c6b45f8f0572d80799e39756653189ab05d
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31c968410517169576e44de1435745d7fd6889a99d618dea011be9a9539d2a2a
343c2438d8dc8d19d126ae7eb501b1bcb1aa54b0c8c7dd25475a203cfe8961c1
370211e3f68c8cbdb1daaf8f28e2864948867e28daad450d80425d57980a4635
3a3bf2b611dc6399dd7797033cbb8cf88499c772540715b1d9f8da3f597b789b
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
438b62e8eb15ed39fd6230912a9ec83b25d371bf7d0e28ab2560996375f9652c
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
45b6de65fc34aa42a2bec0694dcf13b901e3f0e82b520b4dde96d1235ee0d017
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50aaf3f34fde8c66b12aaea1c04a57f6318ae6b197443baec68318d8f4775fbb
5167d983ce3208a3ed2d17298bb5758ffe7d6e4664083e2d2e44ed3bb2debe96
53ae800a03c811abef9e19dddd64988d564457e9de12fd3a914e4d9d06f09f6a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548819da190b08c330048cbe2b18c05d966247290a236d4f52199c40cf38a856
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b34d094c8609cb7d241ec02e482a4327101964ac2d043201ba209ec19b4445
59bd9554f6e56d52888f776649f6dc86cc5ce3ea7ed96789b0908d6eec02b8d5
5a1c1e2e178bcbdcb21d84f40ee31ec81d0f2fd8167c4bc8d2baa025a41d533b
5a20f54d6c8fcf6058a1c5ba1f6d476e984e74a52e5df04f0437e7d18c0374ee
5ab0376964f6a5af89c4a98c537048e71e6c30fe29f54bcf7e181fa6e8c4a6ab
60fdd101d180b6e3126a85b0c6ea4c2fb1ff85eb752ddafb17e391458e883016
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
69c25b7926b8ef1bbcb58e2474271f76aecb1bfbf42071e89896bf7ae9d49037
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e2ab455a05f1e1c22d6f0c38cb6e15464e035c1d01f727683c01ddb32a971c0
7090e72d3f1ddccdc2921ed16e1c8daa9ef9cbbe5ec61ec2f62707ab8f3ed946
715ed7fc2a8fbf7bc53e08ce7362e3228e488847a94607a67368e78ffa4ee258
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
7243dc6bcdd3c2e324fbc29c6e969e0a7504646b21045b4817556dd26fb20243
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
82ea74bb791f425559fd747275a3fa38ca27de17ab2e1a658b29b5ee7fed591a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
9186ef61893bf4f9655b5c73f84769f66481119c527339e2bff07aac93e5ce8a
98f857ece56fc82fd1cd36605bdda34e6756bde229df236de008183f98807199
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b97f07b1ff3139d15ab7a2c3b44a66f3df151055096e28dbed87b8cfa90645f
9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f15f06bef7b933daafe155e1983cb8d4e2ba1615bda99d83330905d72af5a
a3e0bc6c6f49fdd6c2ffbc01c1535e29e6f17ae55e7ab0c9ba760320fa2d2801
a6cfee8c9eb10fd231a4a295e56763a15c5839273c13a47c909443e3f992b4fc
a6de7a5643dda3480698187a00f0c7db08584996695c2297aad43a03e55aa823
a7f95ab25f7a6773bc9d4564f082b02255224493f5f51a00f78e2205d7fea1b3
aff729cc50281f24e5b736d4a4a696a89cf129b73af5156b74755d3be6f73f12
b1a7dbf8c72ff70cdfbca9c53d2a8580730f382836d18da12d8a801f7c7f47c7
b3808b20e362a7e99e0ba285d634b114c34a99b590dca663839caa8326a1f002
b508fabbaa58cf12252dff60303bc9982ab57891b86f63fa5059f40f305fba93
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6
bcb705c93a9db3829b59c0d31443c7fcf2330ae8731bdb4f22d81ba2fdb500bc
be1053c98883cfda957be58a4bec5df0d3ea1c4d4074a73591841f4d8e005147
c11e32c9cd4db85c1bc87d1bba0871a0572bf6a397abe9918ada77978e2da318
c29b90ffd8074da0fb7d2b3b2ce38498d98dd5a72732b62f5364df8f31c5d46d
c392522a2462bab82c0a7c3b5cd2de7493945bcaa62a08fce95e03bca62acfd7
c6c98bb33d21c737d6ee19c3dbf23055dbb50cebee32e808af49a7aaeff4fd18
c7454e3c6de9f8c52e51ae479827d66ab9804ff0641476933140982610630f89
c92a1fe17d5c643abf757bf1222cbeb438bad946c83f23a2957f719eb422efbb
d019c2c84c9d83db0fd82790000410f76e2db2b78cbd4cc2e5887aa131c081de
d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939
d2d4e851d6f61bb2adbc10d777db617fa0882b0414e5f8ecce5d1fccbe6d244b
d31c364910c2a4f56f3d2e2f0165efd0c4bb1d939a80cb304dce342dcea06430
d5b78ab32de97034c5ff6160ce2edbe4e2052e6b665846cfa3156fbd7472f10f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbe35ab244bf2a9c28cde1529db62bd560222ead30f7310bafb6a96016b884cf
e31ccacfd8cf8d7da4c473925327a930713c89e543e1f38d7bbb000586d2fef3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f442d91b64075698838acae446400516824e015ed9b144b0b5fb136629e67
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
e61ec675dbc1fa4cc8e27ff78aaa9cbe267ab71026ba41d8a0eb36991498fb17
e997f8f9139dbc927bc207ea8a0ba368d793b2e261f8d71b9880d9ad741e5c21
ea093d5d236a3668c9a94b179e3d40055f310d9411e33304219700f373587816
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcfad245934d067687f3b6e0f0a3601477fe92bc4f1738188a57dc51b0ae267
f11a6eadb09938b06740a6fc1892c2af56d72218c937a4d4d7ade7b2da7eaa46
f3eedf80f3052829cda1c34719886ac29030a9801bda53b23df6a2d293c7bcf3
f4f47ff6cc8be9945d3f9d74b15fd1ad4117d426a50737a092e8f8b9a810aa98
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

www.onmeda.de Open in urlscan Pro 78.35.17.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

132 Requests

99 %HTTPS

31 %IPv6

37 Domains

51 Subdomains

38 IPs

10 Countries

1990 kBTransfer

7592 kBSize

0 Cookies

12 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onmeda.de Open in urlscan Pro
78.35.17.134 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

99 %
HTTPS

31 %
IPv6

37
Domains

51
Subdomains

38
IPs

10
Countries

1990 kB
Transfer

7592 kB
Size

0
Cookies

132 HTTP transactions
2 data transactions