www.dreamies.de Open in urlscan Pro
46.4.15.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://46.4.15.228/
Effective URL:
https://www.dreamies.de/
Submission Tags: falconsandbox
Submission: On April 20 via api (April 20th 2021, 6:33:14 pm UTC) from US

Summary HTTP 199 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 30 domains to perform 199 HTTP transactions. The main IP is 46.4.15.228, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.dreamies.de.
TLS certificate: Issued by Thawte RSA CA 2018 on October 5th 2020. Valid for: a year.

This is the only time www.dreamies.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	46.4.15.228 46.4.15.228	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
26	168.119.242.35 168.119.242.35	24940 (HETZNER-AS) (HETZNER-AS)
4	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.139.42 13.33.139.42	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	213.239.232.144 213.239.232.144	24940 (HETZNER-AS) (HETZNER-AS)
23	78.47.1.50 78.47.1.50	24940 (HETZNER-AS) (HETZNER-AS)
1	35.158.179.166 35.158.179.166	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
3	116.202.98.152 116.202.98.152	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
9	51.91.68.112 51.91.68.112	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2 4	104.111.237.88 104.111.237.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
38	2606:4700:303... 2606:4700:3039::6815:c044	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	52.29.148.200 52.29.148.200	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:219... 2600:9000:2190:2600:12:6213:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:f800:1f:a1b:34c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	62.209.227.210 62.209.227.210	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
1	46.105.199.182 46.105.199.182	16276 (OVH) (OVH)
1 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:d25f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.29.132.68 185.29.132.68	30419 (MEDIAMATH...) (MEDIAMATH-INC)
12	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2 2	185.33.223.212 185.33.223.212	29990 (ASN-APPNEX) (ASN-APPNEX)
4	13.224.102.19 13.224.102.19	16509 (AMAZON-02) (AMAZON-02)
4	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2 2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	52.213.184.2 52.213.184.2	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2013	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:5200:8:5c85:cdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	72.247.225.17 72.247.225.17	16625 (AKAMAI-AS) (AKAMAI-AS)
199	35

2 46.4.15.228 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dreamies.de

46.4.15.228	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dreamies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 168.119.242.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s1.dreamies.de

s1.dreamies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-42.cph50.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 213.239.232.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-232-144.clients.your-server.de

img2.dreamies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 78.47.1.50 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.1.47.78.clients.your-server.de

img1.dreamies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.179.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-179-166.eu-central-1.compute.amazonaws.com

hb.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.98.152 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.152.98.202.116.clients.your-server.de

as1.dreamies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.91.68.112 (France)

ASN16276 (OVH, FR)
PTR: ns3161774.ip-51-91-68.eu

view.webplexmedia.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.237.88 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:3039::6815:c044 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.29.148.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:2600:12:6213:9cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

si.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:f800:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

nugmw.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.210 (Zlín, Czech Republic) 1 redirects

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
PTR: bbnautid1.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.199.182 (France)

ASN16276 (OVH, FR)

mediaintelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d25f (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.68 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.212 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 819.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.102.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-19.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.213.184.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5200:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.225.17 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	dreamies.de www.dreamies.de s1.dreamies.de img2.dreamies.de img1.dreamies.de as1.dreamies.de	1015 KB
38	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	1 MB
16	webgains.com track.webgains.com diapi.webgains.com	304 KB
15	adscale.de hb.adscale.de js.adscale.de ih.adscale.de	15 KB
12	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	211 KB
9	webplexmedia.de view.webplexmedia.de	8 KB
8	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com	318 KB
4	m-t.io w-it.m-t.io	476 B
4	awin1.com 1 redirects www.awin1.com	3 KB
4	ad4mat.net ad4mat.net	4 KB
4	adnxs.com 2 redirects ib.adnxs.com adscale-emea.adnxs.com acdn.adnxs.com	20 KB
4	yieldlab.net ad.yieldlab.net	3 KB
3	adform.net 2 redirects adx.adform.net track.adform.net	1 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	userreport.com nugmw.userreport.com sak.userreport.com	107 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	smartadserver.com prg.smartadserver.com	660 B
2	doubleclick.net securepubads.g.doubleclick.net	126 KB
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	115 KB
1	criteo.com 1 redirects dis.criteo.com	514 B
1	conrad.ch www.conrad.ch	878 B
1	mediaintelligence.de mediaintelligence.de	1 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com	352 B
1	nuggad.net 1 redirects si.nuggad.net	511 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagservices.com www.googletagservices.com	21 KB
1	fastly.net confiant-integrations.global.ssl.fastly.net	5 KB
1	yieldlove.com cdn-a.yieldlove.com	100 KB
199	30

	Domain	Requested by
26	s1.dreamies.de	www.dreamies.de
23	img1.dreamies.de	www.dreamies.de
17	assets.ad4m.at	as.ad4m.at
15	ad4m.at	view.webplexmedia.de www.dreamies.de ad4m.at
14	img2.dreamies.de	www.dreamies.de
12	track.webgains.com	as.ad4m.at analytics.webgains.io
12	ih.adscale.de	js.adscale.de ih.adscale.de www.dreamies.de
9	view.webplexmedia.de	as1.dreamies.de view.webplexmedia.de
8	api.webgains.io	analytics.webgains.io
6	as.ad4m.at	ad4m.at as.ad4m.at
4	w-it.m-t.io	analytics-wg.webgains.io
4	diapi.webgains.com	track.webgains.com
4	www.awin1.com	1 redirects as.ad4m.at
4	ad4mat.net	ad4m.at
4	assets.vlitag.com	tag.vlitag.com
4	ad.yieldlab.net	www.dreamies.de as1.dreamies.de
3	as1.dreamies.de	www.dreamies.de s1.dreamies.de
2	tracking.m6r.eu	2 redirects
2	analytics-wg.webgains.io	analytics.webgains.io
2	track.adform.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	analytics.webgains.io	track.webgains.com
2	adscale-emea.adnxs.com	2 redirects
2	sync.mathtag.com	2 redirects
2	js.adscale.de	cdn-a.yieldlove.com ih.adscale.de
2	fonts.gstatic.com	fonts.googleapis.com
2	prg.smartadserver.com	cdn-a.yieldlove.com
2	services.vlitag.com	www.dreamies.de services.vlitag.com
2	securepubads.g.doubleclick.net	www.dreamies.de securepubads.g.doubleclick.net
1	acdn.adnxs.com	cdn-a.yieldlove.com
1	sak.userreport.com	si.nuggad.net
1	dis.criteo.com	1 redirects
1	www.conrad.ch	as.ad4m.at
1	mediaintelligence.de	as.ad4m.at
1	bbnaut.ibillboard.com	1 redirects
1	nugmw.userreport.com	www.dreamies.de
1	si.nuggad.net	1 redirects
1	logs.vlitag.com	www.dreamies.de
1	cdn.jsdelivr.net	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	tag.vlitag.com	services.vlitag.com
1	confiant-integrations.global.ssl.fastly.net	cdn-a.yieldlove.com
1	adx.adform.net	cdn-a.yieldlove.com
1	ib.adnxs.com	cdn-a.yieldlove.com
1	hb.adscale.de	cdn-a.yieldlove.com
1	cdn-a.yieldlove.com	www.dreamies.de
1	fonts.googleapis.com	www.dreamies.de
1	www.dreamies.de
199	49

This site contains no links.

Subject Issuer	Validity	Valid
*.dreamies.de Thawte RSA CA 2018	`2020-10-05` - `2021-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
cdn-a.yieldlove.com Amazon	`2020-09-18` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-14` - `2021-07-14`	a year	crt.sh
*.adscale.de Amazon	`2020-06-05` - `2021-07-07`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
view.webplexmedia.de R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2020-10-23` - `2021-11-21`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
*.userreport.com Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
mediaintelligence.de R3	`2021-04-17` - `2021-07-16`	3 months	crt.sh
www.conrad.ch Cloudflare Inc ECC CA-3	`2020-06-17` - `2021-06-17`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.dreamies.de/
Frame ID: A6A6E171E65547CC9C590D2D264131ED
Requests: 93 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_300250.php
Frame ID: 81C59C50E6C5F35EBA7BFA7F344543D0
Requests: 3 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_300250.php
Frame ID: CF950BC000D314A3D73EE7396E8585E1
Requests: 3 HTTP requests in this frame

Frame: https://as1.dreamies.de/rs_72890.php
Frame ID: B368E7EA2DDB455C94EA338F6443B249
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Frame ID: 8636D5F56D9CAF6BEBA2E79B01CAC893
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
Frame ID: 5EB6600B2AF4F283F51C979236F1292C
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Frame ID: CE36012C0CE1B9AA0CA3017CC59099A1
Requests: 4 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Frame ID: E49F2AAB10C807AAB1E718D5EFCD8C54
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B04C953D17FF7425DACE5B44B8B5A19F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D8C11C9D9D0D02E19F1000591BB10693
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A153BB0F25562069F9B7D7F676A4852
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F45C767DD59D5DE34E4853FD748FA41A
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 41C8E5D31F1A898560CB8400C98A9F4F
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 3871FB9DEDA567EF370873249309DBD3
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 588C3AC078098837547DBD8437BDFFF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 152DAB65D26F9001648352087F5C94D6
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: 5FC1DA1E90C7D4F1AD58D9A50C4F1793
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Frame ID: 3E97DCC6D8D2F1DD4D34B8393A429C6B
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: 5E6580255F70505A9FC230AC96E083BB
Requests: 23 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: FDB43D1B0E2FDEB8603EEF8BB880C4E8
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 74102289C66FA17E0F7B4A06DC1D4D8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://46.4.15.228/ HTTP 301
https://www.dreamies.de/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Yieldlab (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/(?:[^/]+\.)?yieldlab\.net\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

199
Requests

100 %
HTTPS

32 %
IPv6

30
Domains

49
Subdomains

35
IPs

8
Countries

3937 kB
Transfer

6011 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://46.4.15.228/ HTTP 301
https://www.dreamies.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
https://nugmw.userreport.com/rc-ap/c8ee1682-0ded-4a68-b8c5-08b87ef5d9ae/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715

Request Chain 126

https://bbnaut.ibillboard.com/match/AdScale?partneruid=091357a92e6d436eb5dc4d0d3472031b&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=101&tpuid=BBID-01-02936575736129810-16266456

Request Chain 136

https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneid8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8Aoneid__webplexmedia_advancedad_CH_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 140

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=7e3ad456d722ad77081a51d5bd02511799abfa46e651b5450d503d1a6d84a2fd&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=888d607f-1e55-4700-a9bb-377514ee5267

Request Chain 161

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID HTTP 307
https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F7d65db2b2bb340769075ee9ab307350b%252F1618943573437%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524UID HTTP 302
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=75&tpuid=6994020760736713909

Request Chain 165

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3d1e7a60b6f24a5ede06780b1dfde0247052271d2219593a438555da9b1325fc&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3d1e7a60b6f24a5ede06780b1dfde0247052271d2219593a438555da9b1325fc&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg&C=1 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH8eVjg7YEVd2PcsOJk.ygAA%261112

Request Chain 177

https://track.adform.net/serving/cookie/match/?party=9&uid=fd7f55e08af3845cbfa2f162519d3714b6145be7307c4dee00f0bad1725e4877&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=fd7f55e08af3845cbfa2f162519d3714b6145be7307c4dee00f0bad1725e4877&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=42&tpuid=63720990992609433

Request Chain 178

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=5a97176b599c5f2ccf46e687aa6f6ca0aec6bc52be55e4a37b85c9dc4bb8d756&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4b4b7b23-0701-4693-b7d2-1e810a2ae904

Request Chain 179

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=7a2a0ea86837ad84455c53f10bc92cc9795893c702b5edb8bc37148fadb910cb&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=888d607f-1e55-4700-a9bb-377514ee5267

Request Chain 185

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=41a0ada206da0a0c94edbe626949166457ffada7b504d4e3014b56c9aef86be9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fjs HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=41a0ada206da0a0c94edbe626949166457ffada7b504d4e3014b56c9aef86be9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fjs&checkcookies=true HTTP 302
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/js?tpid=48&tpuid=cb7dffc96c9ebd7b410d9c1a554ebc69

199 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.dreamies.de/
Redirect Chain

https://46.4.15.228/
https://www.dreamies.de/

17 KB
4 KB

126ms
42ms

Document
text/html

46.4.15.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dreamies.de
Software: Apache /
Resource Hash: a7bbd282fc423dd2a9754ef0c18108dd9e5904c0e903caa8bbf3a06621ec5282

Request headers

Host: www.dreamies.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Server: Apache
Set-Cookie: dreamies_ab=1; expires=Wed, 21-Apr-2021 18:32:52 GMT; Max-Age=86400; path=/; domain=dreamies.de
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 4121
Connection: close
Content-Type: text/html; charset=iso-8859-1

Redirect headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Server: Apache
Location: https://www.dreamies.de/
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: www.dreamies.de
URL: https://www.dreamies.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 17:12:36 GMT
server: ESF
date: Tue, 20 Apr 2021 18:32:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 18:32:52 GMT

GET
H/1.1 200
OK dreamies.css
s1.dreamies.de/rs/css/ 36 KB
8 KB 128ms
44ms Stylesheet
text/css 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.dreamies.de/rs/css/dreamies.css?v=96
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 1254ef935264b35c3f7a70229bee326724c8857bbf2480fd7b11e3db626fc24d

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jan 2021 22:23:14 GMT
Server: Apache
ETag: "8e94-5b842c4e4cd75-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 7365
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
s1.dreamies.de/rs/js/ 86 KB
30 KB 142ms
58ms Script
application/javascript 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.dreamies.de/rs/js/jquery-3.4.1.min.js
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Jul 2019 13:23:11 GMT
Server: Apache
ETag: "15851-58ea98f825ff1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 30677
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK 56669,56667,56651 Show response
ad.yieldlab.net/yp/ 154 B
736 B 112ms
38ms Script
text/javascript 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/56669,56667,56651
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 129
Expires: Mon, 19 Apr 2021 18:32:52 GMT

GET
H2 200 yieldlove-bidder.js Show response
cdn-a.yieldlove.com/ 335 KB
100 KB 187ms
77ms Script
application/javascript 13.33.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-42.cph50.r.cloudfront.net
Software: / Express
Resource Hash: 32c8126b32c529fa77d6fc9b63b517a7f4d2e7a98d374a4c4fa5aedc9da56d8b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:20:25 GMT
content-encoding: gzip
etag: "53db0-/b51jgbqYXCCV2+dx91f5AHR0O0"
age: 747
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Sn6ds2R-iAgxZ1gqAwa4c2pfHliWrWGjb850IFIKJJo_XsCVeQB2lw==
via: 1.1 de5c91e6083c20494d32dc8ebe4b652d.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 112ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dreamies.de
URL: https://www.dreamies.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

54e729a5eee76fbdb72a5d16d3aaca8675ded02134f73fbb59534d2297cc11ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "848 / 432 of 1000 / last-modified: 1618932475"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21108
x-xss-protection: 0
expires: Tue, 20 Apr 2021 18:32:52 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 187ms
171ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2

Requested by

Host: www.dreamies.de
URL: https://www.dreamies.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46456be1dc4bed3634d5fb27d0f6a4fc3b1927b1a887f44b9ec0e3192e9daec9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227935300001e479c010000000001
pragma: no-cache
last-modified: Tue, 20 Apr 2021 18:32:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gEeMIIlrffeX2lLSCgTXgVTLpLEVG4%2BQTU2I4lgjWA7KGUfZMhOMoNvxbflzhpQMtP%2FGmppORV1casPwmOZU8LDvFFXokwHyQZWuEWwrJLUiEmeSTM%2Bx6lTw%2FTU1xHoG"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 643075321db01e47-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK DE.js Show response
s1.dreamies.de/rs/js/language/ 2 KB
1 KB 129ms
44ms Script
application/javascript 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.dreamies.de/rs/js/language/DE.js?v=6
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 0e668f902def91b9fec73061a6ce00149a0fdbda93e864de5c2629059756bc20

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 12:58:22 GMT
Server: Apache
ETag: "6e3-5ad4eacdb57aa-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 680
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK js.cookie.js Show response
s1.dreamies.de/rs/js/ 2 KB
1 KB 130ms
42ms Script
application/javascript 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.dreamies.de/rs/js/js.cookie.js
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 67fd03d12cd9941745e017cac44870121daf52d7ab971fcc49450e2eebbecc24

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jul 2019 19:13:55 GMT
Server: Apache
ETag: "740-58cf3e55438dc-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 983
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK dreamies.js Show response
s1.dreamies.de/rs/js/ 50 KB
16 KB 155ms
47ms Script
application/javascript 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.dreamies.de/rs/js/dreamies.js?v=46
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: d62f4aee4ce6f84d0eb284f0cc5e748052cdf550720cd9d49ef2c91845f7cc9c

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 22:46:46 GMT
Server: Apache
ETag: "c77c-5bef10195bbc1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 15466
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK logo-full.png
s1.dreamies.de/rs/images/header/ 9 KB
9 KB 51ms
45ms Image
image/png 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/logo-full.png
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 62ae283726b60dca9ab289f0b62ac6bbed46a3c66d8e40d312e94833877f06c6

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Tue, 12 Feb 2019 00:38:50 GMT
Server: Apache
ETag: "22e0-581a7a61d1a80"
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 8928
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK logo-icon.png
s1.dreamies.de/rs/images/header/ 3 KB
3 KB 52ms
46ms Image
image/png 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/logo-icon.png
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 8ff40f3f42b5316d5f21c0b35f7b5670ec56136578a4b97a1efd97638c4cf00f

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Thu, 14 Feb 2019 01:20:44 GMT
Server: Apache
ETag: "a39-581d077a47300"
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 2617
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK menu.svg
s1.dreamies.de/rs/images/header/ 310 B
656 B 52ms
46ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/menu.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 14d281ee630e468e6fbe88cf29bc8ef978abfd19747d9b6c7b19b6a65f13fb44

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Tue, 12 Feb 2019 00:38:50 GMT
Server: Apache
ETag: "136-581a7a61d1a80"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 310
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK upload-white.svg
s1.dreamies.de/rs/images/header/ 549 B
895 B 51ms
45ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/upload-white.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 79e92f64cc840a06b3c100393a4ce1556963142cc20ec80437e022c4c9ec012b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Wed, 11 Sep 2019 15:17:21 GMT
Server: Apache
ETag: "225-5924884764adb"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 549
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK search_white.svg
s1.dreamies.de/rs/images/header/ 3 KB
3 KB 51ms
44ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/search_white.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: eb22a5c54d3f3e62db846c44fc9286fdd63b45b93175e0a93a391ac4f69049a8

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Tue, 12 Feb 2019 00:38:50 GMT
Server: Apache
ETag: "b15-581a7a61d1a80"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 2837
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK upload.svg
s1.dreamies.de/rs/images/header/ 549 B
895 B 184ms
38ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/upload.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: ad6dccea9accf018923fa6e7d0dce6c9272bfbe9bdd664fbbc7f6339b7bc8f2c

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Wed, 11 Sep 2019 14:59:13 GMT
Server: Apache
ETag: "225-59248439b7e2b"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=246
Content-Length: 549
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK lock.svg
s1.dreamies.de/rs/images/header/ 668 B
1014 B 34ms
34ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/lock.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 2bc1f13e1ca9dbdc0a65d2913aea0cf4d500be30d9be2a5821953ef1ab1567ca

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 12 Feb 2019 00:38:49 GMT
Server: Apache
ETag: "29c-581a7a60dd840"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 668
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK search.svg
s1.dreamies.de/rs/images/header/ 705 B
1 KB 35ms
35ms Image
image/svg+xml 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/header/search.svg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 2f61f4a874b67d088a502359fb874fb9b7fc6ba6dadbdfa905b131fc8f12464e

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 12 Feb 2019 00:38:50 GMT
Server: Apache
ETag: "2c1-581a7a61d1a80"
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=247
Content-Length: 705
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK fp_bg.jpg
s1.dreamies.de/rs/images/ 208 KB
208 KB 64ms
39ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/rs/images/fp_bg.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 792e885389ac9957f7c28e8d8521a6107e9a3b4e9eb320efc701ca1aa52b337d

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 14 Dec 2019 09:42:32 GMT
Server: Apache
ETag: "33e1f-599a6cc2b926d"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=248
Content-Length: 212511
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK se0z5b0f8mc.jpg
img2.dreamies.de/img/550/p/ 12 KB
12 KB 345ms
47ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/550/p/se0z5b0f8mc.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 750b9cbcad3747d1017e537ac2bf18de6a718f90752cc6d35e4d08154201bfab

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:52:07 GMT
Server: dreamies.de
ETag: "2394519998"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 11981
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 5hnb6h7xyu4.jpg
img1.dreamies.de/img/517/p/ 20 KB
20 KB 424ms
36ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/517/p/5hnb6h7xyu4.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 9d922ca87eb58302e69dd1637de627c97fdb163902cc0cbf10cf100800fc7186

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 04 Aug 2020 14:09:04 GMT
Server: dreamies.de
ETag: "2454891826"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 20532
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 7j4c6jkqexy.jpg
img1.dreamies.de/img/562/p/ 14 KB
14 KB 350ms
43ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/562/p/7j4c6jkqexy.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 37d2a80bf0d8b8e352a98193ec416fd5239148bbb37646ab03fd4684917ebf57

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:36:47 GMT
Server: dreamies.de
ETag: "3099680948"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 14481
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 4avxfjgjsp8.jpg
img2.dreamies.de/img/579/p/ 9 KB
9 KB 302ms
81ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/579/p/4avxfjgjsp8.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: eecaf0ad3b1cc6ad3b2e813a8c95fd6e5d7670947e214e5538d985125764a430

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:41:20 GMT
Server: dreamies.de
ETag: "2727135434"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 9369
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 5h105512aor.jpg
img2.dreamies.de/img/821/p/ 18 KB
18 KB 164ms
53ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/821/p/5h105512aor.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 656f4f84cadbfcbac63f7fae8cb3f3d66dd06fa6e21ed186c1c2b60b8604bf72

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Mon, 10 Aug 2020 21:59:55 GMT
Server: dreamies.de
ETag: "2477387325"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 18107
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK 2e163p7xsb5.jpg
img2.dreamies.de/img/995/p/ 10 KB
10 KB 201ms
69ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/995/p/2e163p7xsb5.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: e0efabc28446e98742f6b7ab3e8e4209e2ccde7a52cdbcd34957bce02cf80b37

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:54:57 GMT
Server: dreamies.de
ETag: "4122568333"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10074
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK et8mkne38ok.jpg
img1.dreamies.de/img/948/p/ 16 KB
16 KB 387ms
36ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/948/p/et8mkne38ok.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: c6cecd60d4ab0c608085e4935854abf2401cc65909519bcbefdc616e91b1d1e5

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:51:32 GMT
Server: dreamies.de
ETag: "1460780297"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 16006
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK tnqvsaz7lj1.jpg
img2.dreamies.de/img/382/p/ 12 KB
12 KB 328ms
94ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/382/p/tnqvsaz7lj1.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 39184405211ada7ad189013481da2be89d82cd89b4d2083e4279662117800e66

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:57:04 GMT
Server: dreamies.de
ETag: "2374574444"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 12086
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK w23jqqagvwn.jpg
img1.dreamies.de/img/407/p/ 10 KB
10 KB 261ms
93ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/407/p/w23jqqagvwn.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 0a3621e2101358824480ef174bc03f4b4d7547bd82a02c339b688947129d6b86

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:06:11 GMT
Server: dreamies.de
ETag: "517029231"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10174
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK avrla0p5fjg.jpg
img2.dreamies.de/img/44/p/ 18 KB
19 KB 256ms
62ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/44/p/avrla0p5fjg.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: a6c58aee80da786217ac25bde129a17cc05ccbe3188fa3682ab64376b408101a

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Wed, 29 Jul 2020 21:10:57 GMT
Server: dreamies.de
ETag: "3049861409"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 18769
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK uutdpnmmucn.jpg
img2.dreamies.de/img/63/p/ 20 KB
20 KB 310ms
79ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/63/p/uutdpnmmucn.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 4492a67f5b917f223a80f50dcce8df8df9abada9465ceea652c0d97171b3ca88

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:46:04 GMT
Server: dreamies.de
ETag: "668501964"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 20033
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK knaz1w67q8p.jpg
img1.dreamies.de/img/804/p/ 17 KB
18 KB 208ms
42ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/804/p/knaz1w67q8p.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: d64211010570b2be70ded78d18514a9054aae35a22e16fb349cb1be1e68902eb

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:42:17 GMT
Server: dreamies.de
ETag: "3305287214"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 17871
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK dl50ntn3eln.jpg
img2.dreamies.de/img/126/p/ 14 KB
14 KB 229ms
45ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/126/p/dl50ntn3eln.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: d44f838fde83ceadce863bc3eb81c53c98dc71b0e3d0f9e8f60e3c7dadeb2ac9

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:31:23 GMT
Server: dreamies.de
ETag: "2315451327"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 14223
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK o881wk9ejmt.jpg
img1.dreamies.de/img/920/p/ 24 KB
25 KB 307ms
43ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/920/p/o881wk9ejmt.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 07ef92d2549a9cdeb38ba398113168b1d1ef923e5ab8db119d75fb3959623870

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:03:45 GMT
Server: dreamies.de
ETag: "2083596012"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 24823
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK qbw8xh57a4o.jpg
img1.dreamies.de/img/953/p/ 5 KB
6 KB 294ms
36ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/953/p/qbw8xh57a4o.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: d5bdd783f4a2cc37b5db069176c2e245247d49ed5470f0f432fc69d1c3dfba53

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:00:53 GMT
Server: dreamies.de
ETag: "3588403235"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 5612
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 8j05oka2ja4.jpg
img1.dreamies.de/img/25/p/ 21 KB
21 KB 371ms
41ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/25/p/8j05oka2ja4.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: c229dd8598c0c993f649da6a7abea4926e80e4fc55054625d2bbed24693b8d48

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:32:22 GMT
Server: dreamies.de
ETag: "3082985758"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 21285
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 48mfj0m5dce.jpg
img1.dreamies.de/img/173/p/ 10 KB
10 KB 343ms
40ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/173/p/48mfj0m5dce.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: fbe4261d8b81293955c88a05e0b78d853fe41a6a9cdd262446e1347a45a3effc

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Wed, 29 Jul 2020 08:57:38 GMT
Server: dreamies.de
ETag: "2195924818"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10177
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 935szt7o7qc.jpg
img1.dreamies.de/img/806/p/ 13 KB
14 KB 295ms
37ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/806/p/935szt7o7qc.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: ff2d0135a9df19463cff355360b91dd20ae88465b6a794ec159d6609cc887b90

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:40:23 GMT
Server: dreamies.de
ETag: "4093815574"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 13658
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 09gjle94szx.jpg
img2.dreamies.de/img/150/p/ 20 KB
20 KB 310ms
83ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/150/p/09gjle94szx.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: ceb443d2e20475530e492f550b6ba7a2be3e9539af79048d767ba81f7f28f951

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:05:19 GMT
Server: dreamies.de
ETag: "3638164260"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 20375
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK bfo2aj6j37r.jpg
img1.dreamies.de/img/705/p/ 19 KB
19 KB 205ms
39ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/705/p/bfo2aj6j37r.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 3edfdf0faf72d044a0c7fd9b1f9e884176ba0e5ae1ea531501c62e2c7d3553af

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:40:29 GMT
Server: dreamies.de
ETag: "939621824"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 19080
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK kmf6uzua3gh.jpg
img1.dreamies.de/img/15/p/ 11 KB
11 KB 386ms
37ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/15/p/kmf6uzua3gh.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: b5eb0a372c1a5caf8b619cd0fc6361919c05718e6232aa929faa3de6060d33f3

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:37:43 GMT
Server: dreamies.de
ETag: "351462201"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 11028
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 5h413n51fsm.jpg
img2.dreamies.de/img/562/p/ 23 KB
24 KB 206ms
74ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/562/p/5h413n51fsm.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 05cc18fa9e1eba5a2e597d0433e386b29313fee3e15e4ca5feecbec489cf7186

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:46:16 GMT
Server: dreamies.de
ETag: "1302856170"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 23860
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK snby81uxg9n.jpg
img2.dreamies.de/img/122/p/ 18 KB
19 KB 204ms
67ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/122/p/snby81uxg9n.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 0e2d01c7c16cad136c46c6ad6a13403636e8e6e663dcfd71c8bf764b1688bc59

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:53:09 GMT
Server: dreamies.de
ETag: "2128182005"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 18879
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK g3c439tdt3h.jpg
img1.dreamies.de/img/985/p/ 11 KB
11 KB 258ms
91ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/985/p/g3c439tdt3h.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 4dbf33b46263ff6233515c714b6dbaf23770acb72d505c874ad853aa148c3bbf

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:51:56 GMT
Server: dreamies.de
ETag: "3559926190"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10962
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK xyzwcr7525d.jpg
img1.dreamies.de/img/896/p/ 23 KB
24 KB 306ms
38ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/896/p/xyzwcr7525d.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 5d244d447d95dc4049a75b5fb60d63da02b1665fe75d95d65f5d63cfd9615bf3

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:39:57 GMT
Server: dreamies.de
ETag: "4108500590"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 23851
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK y35eotuxzl3.jpg
img1.dreamies.de/img/928/p/ 11 KB
11 KB 345ms
43ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/928/p/y35eotuxzl3.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: f87d27a4de7ca508f816c4c8620dab37ea52e76a9b9714a1cc21daad7bb9d291

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:04:20 GMT
Server: dreamies.de
ETag: "2417049400"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 11148
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 6dzyugie1fo.jpg
img1.dreamies.de/img/79/p/ 18 KB
18 KB 260ms
47ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/79/p/6dzyugie1fo.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 3061749ed3695aa98a54027743dcdddd9d6c6f1c394af4a3d90c1946e55bea16

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:53:03 GMT
Server: dreamies.de
ETag: "2356263371"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 17941
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 3jmph3bq1dq.jpg
img2.dreamies.de/img/34/p/ 12 KB
12 KB 271ms
69ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/34/p/3jmph3bq1dq.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 6fb573110505f7f3ab9d8c33df8795e2efaf7d4fa36a1a76a58f6e9d4d8e8b51

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Sun, 26 Jul 2020 14:23:14 GMT
Server: dreamies.de
ETag: "1422636660"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 12475
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK udwklw0nql7.jpg
img1.dreamies.de/img/212/p/ 15 KB
16 KB 299ms
39ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/212/p/udwklw0nql7.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: a07536074aaa7b4c93639d64e1b24096a1f06734aabb475d57604c876eb2e62b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:34:55 GMT
Server: dreamies.de
ETag: "1523643829"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 15604
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK r4pnwdxlu71.jpg
img2.dreamies.de/img/391/p/ 12 KB
13 KB 191ms
64ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/391/p/r4pnwdxlu71.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 6ee78851a0c89bdea8d51466b8dff6b986494ede365aeebb78d1dd85468b6245

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:40:04 GMT
Server: dreamies.de
ETag: "2375590258"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 12627
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK u4ybfkp8qh9.jpg
img1.dreamies.de/img/890/p/ 21 KB
21 KB 208ms
42ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/890/p/u4ybfkp8qh9.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: f95e51cb0e6b62748710cbc331616d975ed8d8c498fa5da0ee3b1f3e3faeb956

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:56:21 GMT
Server: dreamies.de
ETag: "3691200217"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 21178
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK k723k19fcjs.jpg
img1.dreamies.de/img/310/p/ 12 KB
12 KB 208ms
40ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/310/p/k723k19fcjs.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 6f6c98373e98d09782fd0f9d51861d3f680c3190a14cf359bcc04abbd6149048

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:50:23 GMT
Server: dreamies.de
ETag: "2018602953"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 12390
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK psk84z157ak.jpg
img1.dreamies.de/img/872/p/ 8 KB
8 KB 362ms
43ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/872/p/psk84z157ak.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 70422b0739ca991ded207cc02181739d134fa3c4ab3817c1a7c3db6f744900c8

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:56:09 GMT
Server: dreamies.de
ETag: "1244009331"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 8293
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK bb9tbkzc9yw.jpg
img2.dreamies.de/img/383/p/ 15 KB
15 KB 203ms
73ms Image
image/jpeg 213.239.232.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.dreamies.de/img/383/p/bb9tbkzc9yw.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.239.232.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-232-144.clients.your-server.de
Software: dreamies.de /
Resource Hash: 8add3ea3594724f3829017c906429081d8e7042cc0f91c3e52972f1d3a5e815b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:52:02 GMT
Server: dreamies.de
ETag: "1127839947"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 14943
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK z5pksip1nkt.jpg
img1.dreamies.de/img/494/p/ 19 KB
19 KB 372ms
36ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/494/p/z5pksip1nkt.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 58a06bf74b3f6aa263164e9e7e1343e0d3a651089de016c271bee328eadc8345

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 22:08:18 GMT
Server: dreamies.de
ETag: "1479618704"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 19090
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 5f97lrlb8fq.jpg
img1.dreamies.de/img/62/p/ 11 KB
11 KB 296ms
37ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/62/p/5f97lrlb8fq.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 7e810234645c20a7cba259cc6b6987d2ac6e73b53c85c674f0525037dbabef17

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:47:59 GMT
Server: dreamies.de
ETag: "282158343"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10950
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK 5o5r7fn0iq2.jpg
img1.dreamies.de/img/338/p/ 10 KB
10 KB 332ms
37ms Image
image/jpeg 78.47.1.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.dreamies.de/img/338/p/5o5r7fn0iq2.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.1.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.1.47.78.clients.your-server.de
Software: dreamies.de /
Resource Hash: 151aa465fff6b9cc55e27cb13b0cb607adc9fe667c1ac7f010fd2a13d4de107b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Mon, 10 Aug 2020 21:42:55 GMT
Server: dreamies.de
ETag: "55681387"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 10305
Expires: Sun, 17 Oct 2021 18:32:53 GMT

GET
H/1.1 200
OK nfjrycqwbdxc.jpg
s1.dreamies.de/galerien/274/ 8 KB
9 KB 69ms
44ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/274/nfjrycqwbdxc.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 31cef39edfaf7e460f1f0e458c53acc2c52fb42ee98c0a7c8f8b723120877e13

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 05:45:54 GMT
Server: Apache
ETag: "2152-4d16a7a36e880"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=248
Content-Length: 8530
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK fugnhrisi3mm.jpg
s1.dreamies.de/galerien/284/ 11 KB
11 KB 107ms
35ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/284/fugnhrisi3mm.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: f71bbeb2e2d71d720e8c9d6d6b01223ec75e83df7805bc834d2ee1e66e15dc32

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 02:40:16 GMT
Server: Apache
ETag: "2c41-4d167e2568400"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=247
Content-Length: 11329
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK uvvstdpbhu62.jpg
s1.dreamies.de/galerien/891/ 11 KB
11 KB 104ms
34ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/891/uvvstdpbhu62.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 68711ca36b2fcbbd1a32399f6f4b95493b9b969f2502adb73ab1e46a4f5fcd68

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 03:54:19 GMT
Server: Apache
ETag: "2aa4-4d168eb2950c0"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=247
Content-Length: 10916
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK eyetqivdyqv2.jpg
s1.dreamies.de/galerien/93/ 20 KB
21 KB 103ms
34ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/93/eyetqivdyqv2.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 14445c0ed5260e30f4631a5021ce091a408fdff87e0f6a43dabbd4404b091821

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 02:49:15 GMT
Server: Apache
ETag: "50c9-4d168027700c0"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=247
Content-Length: 20681
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK iydwxesi1uuv.jpg
s1.dreamies.de/galerien/817/ 10 KB
10 KB 149ms
38ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/817/iydwxesi1uuv.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 347f7e44457829eb4f3789014a93f0bc92b13deb362c4cc6f3e21a1cb49fd439

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 04:03:41 GMT
Server: Apache
ETag: "278c-4d1690ca8c140"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=246
Content-Length: 10124
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK zgqydklamonj.jpg
s1.dreamies.de/galerien/486/ 17 KB
18 KB 64ms
40ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/486/zgqydklamonj.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 34501bcafc89e50a1a74eb9a5500200dec0fbabf2f48e7252d643eeebaf28c37

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 02:34:59 GMT
Server: Apache
ETag: "458d-4d167cf717ac0"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=248
Content-Length: 17805
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK fmiwocxq982o.jpg
s1.dreamies.de/galerien/9/ 21 KB
22 KB 149ms
37ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/9/fmiwocxq982o.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 284636f525c924ae12b7750343864d270783bae4418be2af74e64cb41da8f045

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 02:36:16 GMT
Server: Apache
ETag: "5532-4d167d4086800"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=246
Content-Length: 21810
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK urcswnawqv6y.jpg
s1.dreamies.de/galerien/895/ 13 KB
13 KB 104ms
34ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/895/urcswnawqv6y.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: fd07e6ca07cc12251069b28597c6c90260258915aa059f37e7829c1cfb80f09f

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 04:09:58 GMT
Server: Apache
ETag: "34a5-4d16923215180"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=250
Content-Length: 13477
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK kjigqejd41kc.jpg
s1.dreamies.de/galerien/643/ 18 KB
18 KB 148ms
37ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/643/kjigqejd41kc.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 60b395b3721e8fe7282ffb033ffaeb7f1bcb6c790af701327f0a70a8f72faf7b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 03:35:03 GMT
Server: Apache
ETag: "47b9-4d168a64227c0"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=246
Content-Length: 18361
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK rysfojdnr5y6.jpg
s1.dreamies.de/galerien/166/ 11 KB
12 KB 112ms
43ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/166/rysfojdnr5y6.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 3a384af1fd82f401c78f865442e0a0948d5584d4d918804d22396e5f48dd63dd

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Tue, 16 Apr 2013 16:07:13 GMT
Server: Apache
ETag: "2cb3-4da7c8ff76e40"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=247
Content-Length: 11443
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK ghbgbqaqk8lc.jpg
s1.dreamies.de/galerien/31/ 10 KB
10 KB 69ms
44ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/31/ghbgbqaqk8lc.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: c3a04987d84151975efc565b525b850c95873b737c9d98375da8b80aa67fcdda

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 03:25:04 GMT
Server: Apache
ETag: "280c-4d168828e2400"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=248
Content-Length: 10252
Expires: Sun, 17 Oct 2021 18:32:52 GMT

GET
H/1.1 200
OK jkmwjsuy9i9e.jpg
s1.dreamies.de/galerien/396/ 8 KB
9 KB 64ms
40ms Image
image/jpeg 168.119.242.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dreamies.de/galerien/396/jkmwjsuy9i9e.jpg
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.242.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.dreamies.de
Software: Apache /
Resource Hash: 0b4f1c17d2d59ef197f77e5ca9c3c8fd6d1fc5c9f70e946c4a44dcd1a8ec7a61

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Last-Modified: Sat, 22 Dec 2012 02:58:46 GMT
Server: Apache
ETag: "215f-4d168247fc580"
Content-Type: image/jpeg
Cache-Control: max-age=15552000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=248
Content-Length: 8543
Expires: Sun, 17 Oct 2021 18:32:52 GMT

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
460 B 372ms
300ms XHR
text/plain 35.158.179.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.179.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-179-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: gzip
p3p: CP=NOI PSA OUR
content-type: text/plain
access-control-allow-origin: https://www.dreamies.de
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 127ms
37ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 18:32:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dreamies.de
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 148ms
43ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 18:32:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.dreamies.de
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 248 B
943 B 174ms
80ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

21d7321724a975f1100ca1bebf8b35538f2ad375ba25f4717f5be292cb37ffcc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: aafba0a4-6590-411b-8c54-a89a64a0914a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dreamies.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 248
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
449 B 466ms
332ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc4NTEzMyZ0cmFuc2FjdGlvbklkPTRkNGFjZDU3LTgxNDUtNDViMC1hZDU0LWZhY2U5NGY4N2E3Yw%3D%3D&pt=gross&stid=1681d152-9a9f-431c-bd96-a1153eb6a457&fd=1

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 18:32:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.dreamies.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H/1.1 200
OK rs_300250.php Show response
as1.dreamies.de/ Frame 81C5 764 B
730 B 131ms
37ms Document
text/html 116.202.98.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as1.dreamies.de/rs_300250.php
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.98.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 840f913f3cae9407139b452ee9dd6b05604d1aad7855238b437e0bbc55ceb88e

Request headers

Host: as1.dreamies.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dreamies.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: dreamies_ab=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dreamies.de/

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 405
Connection: close
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK rs_300250.php Show response
as1.dreamies.de/ Frame CF95 764 B
730 B 130ms
37ms Document
text/html 116.202.98.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as1.dreamies.de/rs_300250.php
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.98.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 840f913f3cae9407139b452ee9dd6b05604d1aad7855238b437e0bbc55ceb88e

Request headers

Host: as1.dreamies.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dreamies.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: dreamies_ab=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dreamies.de/

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 405
Connection: close
Content-Type: text/html; charset=ISO-8859-1

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dreamies.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 499315
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:50:57 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dreamies.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 203354
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid_v3l/202003181643/ 9 KB
5 KB 88ms
23ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid_v3l/202003181643/wrap.js
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cdfd11eeff2c617a795c4e0404e2c9fe3a200bf0ea64dbde36737a7046e8a26

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Content-Encoding: gzip
Age: 126
X-Cache: HIT
Connection: keep-alive
Content-Length: 4026
x-amz-id-2: OiZZTKcqwgsXHcQ7paQsE2CKZAcgtEs6toAIbxfxZeu/0wczONFkFiDZnrguwKlbSVjEtSd2AKs=
X-Served-By: cache-fra19149-FRA
Last-Modified: Thu, 19 Mar 2020 13:45:42 GMT
Server: AmazonS3
X-Timer: S1618943573.946975,VS0,VE0
ETag: "3fd29b71b30816563db55ec396d140b6"
x-amz-request-id: 12C6411B857D9717
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 195

GET
H/1.1 200
OK rs_72890.php Show response
as1.dreamies.de/ Frame B368 647 B
677 B 127ms
41ms Document
text/html 116.202.98.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as1.dreamies.de/rs_72890.php
Requested by: Host: s1.dreamies.de
URL: https://s1.dreamies.de/rs/js/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.98.152 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.98.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 43b0243ce7bc5de2e665cc766cfbddfad5c6e12c53653e7c9aab5260372ccf8d

Request headers

Host: as1.dreamies.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dreamies.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: dreamies_ab=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dreamies.de/

Response headers

Date: Tue, 20 Apr 2021 18:32:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 352
Connection: close
Content-Type: text/html; charset=ISO-8859-1

GET
H3-29 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ 299 KB
105 KB 40ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Tue, 20 Apr 2021 18:32:52 GMT

GET
H/1.1 200
OK 56669,56667,56651 Show response
ad.yieldlab.net/yp/ Frame 81C5 154 B
736 B 77ms
76ms Script
text/javascript 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/56669,56667,56651
Requested by: Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer: https://as1.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 129
Expires: Mon, 19 Apr 2021 18:32:53 GMT

GET
H2 200 banner.php Show response
view.webplexmedia.de/ Frame 81C5 221 B
361 B 122ms
44ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4

Requested by

Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

b91de2ff4353c3fd241fba92e56a44f0e1a34c58bffdc23b745d728c598e43cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as1.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 56669,56667,56651 Show response
ad.yieldlab.net/yp/ Frame CF95 154 B
736 B 128ms
60ms Script
text/javascript 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/56669,56667,56651
Requested by: Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer: https://as1.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 129
Expires: Mon, 19 Apr 2021 18:32:53 GMT

GET
H2 200 banner.php Show response
view.webplexmedia.de/ Frame CF95 221 B
362 B 119ms
43ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4

Requested by

Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_300250.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

b91de2ff4353c3fd241fba92e56a44f0e1a34c58bffdc23b745d728c598e43cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as1.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
792 B 151ms
139ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.dreamies.de%2F&mtk=12294

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 099227940400004eafa6090000000001
pragma: no-cache
last-modified: Tue, 20 Apr 2021 18:32:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JDIZQmTRZqmN86mw1ZvmSbRy%2BnfMUdi75FuvlrOQQ%2FJFiDrhENXVf6lUf3LuowzEpsw%2F4yF%2Fp6u%2FVFqDd85NkYJRTdzTgx2M5YP8kT5Idm5mgxwCGOyaZW96W2VLhgbB"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.dreamies.de
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 643075333e414eaf-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 9606a3996ea764c9859669b987170dc2.js Show response
tag.vlitag.com/v1/1618916913/ 549 KB
113 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=9606a3996ea764c9859669b987170dc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af208842453b8fccc7156284e97f7606705b0d3d2d4c3495f4918cea135dcc19

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 26658
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09922793fc00001e47db9ab000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6buOx%2FGylsD517sw0R%2Bs4vMFGGHeXpqPgC3mMYTScZWJm7nXcQ7cLxrnPlNJob5c7zs02qu9wv12n%2FDtlgb1dWOj20Z5oYXtA8RF7CevNpWbm%2BlL5MU5jT6riQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 643075332fc11e47-FRA

GET
H/1.1 200
OK 56669,56667,56651 Show response
ad.yieldlab.net/yp/ Frame B368 154 B
736 B 167ms
133ms Script
text/javascript 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/56669,56667,56651
Requested by: Host: as1.dreamies.de
URL: https://as1.dreamies.de/rs_72890.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer: https://as1.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 129
Expires: Mon, 19 Apr 2021 18:32:53 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 53ms
50ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1697553
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227947600001e47c5104000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DXAKwy5ObawoZIFj%2B%2FckgNEt3KM6ZxA94fCF80eManJR5tjUB91UCDNeb1hS3HiQDPad5umYlR7%2F3oek1tlPm3Fp54Cgc2JdR%2BKFdkQzDM0OqWdskUen593qthkTyw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64307533e9681e47-FRA
expires: Thu, 01 Apr 2021 03:30:20 GMT

GET
H2 200 prebid-v4.28.4.js Show response
assets.vlitag.com/prebid/default/ 399 KB
114 KB 73ms
71ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9e261fab8c586b16dc1831b34f9391bcb94b8fca0bfdcf369e8de3a19947d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 122701
cf-polished: origSize=409186
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227949000001e47db9b5000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 19 Mar 2021 08:27:45 GMT
server: cloudflare
etag: W/"60546081-63e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a4shmPh0XeKW59XlSM1z0tjrgMRSz8JlXiaMF60Ug10l3QYHnFGkIBcYIWM4fsbvnlkXAE3fIC7OgKhVC6NSbqL7F%2Bhy8rT5dsEVXpQPuU%2B4%2F9Wqu4Sne5E%2FE3CSwQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64307533e96f1e47-FRA
expires: Mon, 19 Apr 2021 08:57:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6ea6aa551f7224894917bdec3fe7e41f422d4d24c5146d792b6558b0490678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "848 / 333 of 1000 / last-modified: 1618932475"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21111
x-xss-protection: 0
expires: Tue, 20 Apr 2021 18:32:53 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 54ms
53ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 121257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227949100001e47a60dc000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FEXsegpj3fdDAfVizmx%2BYtLq80AkzSP6id5V2ZrWnZuRESowGwXa1HQRbhrwKOf39zeoqG57oAuhA725mnHthbUC1TwpQsdAxoGot74uGIKujJUnZ%2Bc8FoGZ6Q9Lqw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64307533e9da1e47-FRA
expires: Mon, 19 Apr 2021 09:21:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117037
x-xss-protection: 0
expires: Tue, 20 Apr 2021 18:32:53 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618916913/9606a3996ea764c9859669b987170dc2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 121257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227949200001e47c1ab5000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U41sgXQgUTSgYWkZlM%2BzLqSlrSU%2FSw%2Bdc19j%2FS7QqHRVxAGl6LsQkyceD7kgMh0xmRkAtTHE2nps6sJWqbTnFUPMtY425litmPYYyCxD9Ip39zqzBwf4FAcVJVfbdw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64307533e9de1e47-FRA
expires: Mon, 19 Apr 2021 09:21:56 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 8636 740 B
592 B 39ms
37ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

4efcba0f9c87558f05983085941c34d3b9b5e99cc2900d384748f8438ed061cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as1.dreamies.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as1.dreamies.de/

Response headers

server: nginx
date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 5EB6 740 B
592 B 38ms
37ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=333004898&e=0&p=0&s=0&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

4efcba0f9c87558f05983085941c34d3b9b5e99cc2900d384748f8438ed061cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as1.dreamies.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as1.dreamies.de/

Response headers

server: nginx
date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK userconnect.js Show response
js.adscale.de/ 14 KB
5 KB 93ms
30ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 00:56:54 GMT
Server: AmazonS3
x-amz-request-id: FSVMN4NAT29K7A67
ETag: "98f37b242862929d9aef4bde91abc8ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Tue, 20 Apr 2021 18:32:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4485
x-amz-id-2: 6QUOYCNbvtUL3ZhmW7J9md43BdYE0qwmy68DuImMhfbKvjQThSpN/VcdIjXp9gsf6kQf986OZ48=

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 5EB6 1 KB
2 KB 35ms
35ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame CE36 909 B
588 B 42ms
42ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

16f17449dcbe22d55b8d05438eb8ed8f8fb9bccf54b1734824103952d0597330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 8636 1 KB
2 KB 34ms
33ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame E49F 909 B
588 B 40ms
39ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

16f17449dcbe22d55b8d05438eb8ed8f8fb9bccf54b1734824103952d0597330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 7ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210420

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c5306756f69dd3edf6c62dd9bc5bc2775fe262632775ca1161ea28b4895b176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37551
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 919
etag: W/"674-f41fuenk8BdFfSGJke4vlKuc2BM"
x-served-by: cache-fra19137-FRA, cache-hhn4021-HHN
date: Tue, 20 Apr 2021 18:32:53 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
logs.vlitag.com/sub/ 0
339 B 130ms
129ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=dreamies.de&h=www.dreamies.de
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BNWtyLOurjrM35AcK3UYgyJkSC6t1udJm%2FH93%2Bpf%2BiuOsoNIs0b3dwCbBr6b62VQ%2FL7OGl%2BOvsJstCf%2Bp%2BtHGnOmFyBkZa7BKKdR8O70DKcp5pU2JQCljRItUVQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 64307534fb991e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 099227951b00001e47df28a000000001

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 5EB6 1 KB
2 KB 34ms
34ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=333004898&e=0&s=0&p=0&w=300&h=250&sid=867&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame CE36 51 KB
15 KB 50ms
35ms Script
application/javascript 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91ef50af10e49e2638fd5147b9d2e9fdbde03166b0d5e84f26e005a7671c784

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=aD+7vw==, md5=9TSdUhTd/cCFVfIVebtr/Q==
date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7616
cf-polished: origSize=51820
x-guploader-uploadid: ABg5-UzTz9at0-Ym7Mp20hRamiHqlBuwphvilbFSRfTh1r4fd_QTlN9zmZZFAGFgd5O4vqQY0-wOd9GRF8EFhM3QEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227953600002b1e5f2e4000000001
last-modified: Tue, 20 Apr 2021 16:24:41 GMT
server: cloudflare
etag: W/"f5349d5214ddfdc08555f21579bb6bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=84S%2FH5KN%2BDf49X%2FVwzP2CynCd%2BAi275JktApkiZk88steUsO7hI2ErefbVQitc5aRPCUnTMcaCOMmTnQBiQS7v9wL9R%2F%2BsIuB%2Fe8xZ97OkhdImce"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618935881602224
content-type: application/javascript; charset=utf-8
expires: Tue, 20 Apr 2021 16:25:57 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15961
cf-ray: 643075352c122b1e-FRA
cf-bgj: minify

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame E49F 51 KB
16 KB 35ms
20ms Script
application/javascript 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=333004898&e=0&s=0&p=0&sid=867&size=4&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91ef50af10e49e2638fd5147b9d2e9fdbde03166b0d5e84f26e005a7671c784

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=aD+7vw==, md5=9TSdUhTd/cCFVfIVebtr/Q==
date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7616
cf-polished: origSize=51820
x-guploader-uploadid: ABg5-UzTz9at0-Ym7Mp20hRamiHqlBuwphvilbFSRfTh1r4fd_QTlN9zmZZFAGFgd5O4vqQY0-wOd9GRF8EFhM3QEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227953600002b1e840bf000000001
last-modified: Tue, 20 Apr 2021 16:24:41 GMT
server: cloudflare
etag: W/"f5349d5214ddfdc08555f21579bb6bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f11zdHgeTlaQ54IJIsK%2FoNP0cRiVazYmrjHDW1ffMFTvclfk2U0zIu%2F3hYiWO2bcHyNUhyYSefbHg9NPo4xPGNwL5gQ3qwMTh%2Foux271Zbt2iuHw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618935881602224
content-type: application/javascript; charset=utf-8
expires: Tue, 20 Apr 2021 16:25:57 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15961
cf-ray: 643075352c152b1e-FRA
cf-bgj: minify

GET
H2 200 userconnect Show response
ih.adscale.de/ 181 B
340 B 85ms
28ms Script
application/javascript 52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=9682701e-acf7-46d9-9d91-0fec4a25e31e&cbfn=stroeerCoreConnect&ts=1618943573326&umd=false&gdpr=1&gdpr_consent=&gdpr_version=2
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-length: 181
content-type: application/javascript

GET
H3-29 200 57fgjj6v.js
ad4m.at/ Frame E49F 51 KB
16 KB 35ms
25ms Other
application/javascript 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91ef50af10e49e2638fd5147b9d2e9fdbde03166b0d5e84f26e005a7671c784

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=aD+7vw==, md5=9TSdUhTd/cCFVfIVebtr/Q==
date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7616
cf-polished: origSize=51820
x-guploader-uploadid: ABg5-UzTz9at0-Ym7Mp20hRamiHqlBuwphvilbFSRfTh1r4fd_QTlN9zmZZFAGFgd5O4vqQY0-wOd9GRF8EFhM3QEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099227956600004a79230bd000000001
last-modified: Tue, 20 Apr 2021 16:24:41 GMT
server: cloudflare
etag: W/"f5349d5214ddfdc08555f21579bb6bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WGip%2BvB78EimJBx1CsmUdd0u%2BitfJ5OZcBvpd0GmvHiuXU5Jynx8w5U9h8k674FQtJnFkUz9VnE26X2qXf7rWGXVLa%2B6YrwIJNl5BPlpY5Ug8R1o"}],"max_age":604800}
x-goog-generation: 1618935881602224
content-type: application/javascript; charset=utf-8
expires: Tue, 20 Apr 2021 16:25:57 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15961
cf-ray: 6430753569544a79-FRA
cf-bgj: minify

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame B04C 2 KB
2 KB 41ms
34ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 20 Apr 2021 19:32:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2202218
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 099227956600004a79749e8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D9gcRHXRKxmNOT%2Fx6v%2BAeNeUvU9rH9qpyEyTbFI4hRaAi1vAKK%2F%2FJc4%2BMFg0cty6rRcHTFEJ%2B%2FTtgdRaQ2HngzE4eAffKAENqAqW20tP%2Bq%2FWQCTi"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6430753569584a79-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame D8C1 2 KB
2 KB 37ms
31ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 20 Apr 2021 19:32:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2202218
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 099227956b00004a794a250000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bqNUskkEmIMK3ttVLObNgli1RCVEzKh19nyKWicUMrLewgxIVohQGVPMxttGm8GJl0j2Rpw%2FoNRZAGPoPt4MVp%2Bgd96jCUODLWOIXk4okUDT%2BBKr"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6430753569594a79-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 0A15 2 KB
2 KB 30ms
30ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 20 Apr 2021 19:32:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2202218
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 099227956b00004a79f90b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nu9GG4Hii6XfzqaHQsfXIyC3%2FwbdnVao6S6K%2Br1SESfKbaLy%2B5HVR1WplkOT4MG4NHXOSGEQeTiLrkgrBUdj%2FFbjVxZ6eI8tB4VG%2BEFD0OIlTRHK"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6430753579754a79-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame F45C 2 KB
2 KB 31ms
30ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 20 Apr 2021 19:32:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2202218
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 099227956d00004a7917bc6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zIJ15zXpo3vNC7MLOltzNRldjdo0h1nvirHpRpv5qLP7lQEUHXBRlRd5%2FoxVyDwqcpP3un4xSxgaufj2ASjZe%2Fh%2BxRc8f5HEfEQDqbRjeueikF%2FX"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64307535797a4a79-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 41C8 1 KB
1 KB 37ms
19ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d624d150bb5ee23b2640b7f84c8e27a411618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 5086
cf-request-id: 09922795b300004ed9d080d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjC4ArR2VviRwagRSm6sydY3Nqv47zLl4yaquAbBfkWw3KRs1bpxYUTOHL1W1V5D9pPpjUst4QEypY%2BXFQ%2B0qcx%2FwRTuX2Y%2Bno%2FbWBvPkhq7pawZ8duR"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64307535eb284ed9-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 3871 1 KB
922 B 39ms
22ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d624d150bb5ee23b2640b7f84c8e27a411618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 5086
cf-request-id: 09922795b400004ed9bdbea000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A8qM0xurIS9hK6WfRrPGA8gFAm%2BYRi%2BtMZDNtf1KyDKfe6Q7mTQbwRGqLKGTFuJV62xI%2FgXur3oxmusVUOdFU907um79Ck8ybHLIUyqRM4S%2F2zrueUdK"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64307535eb2b4ed9-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 588C 1 KB
922 B 47ms
32ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d624d150bb5ee23b2640b7f84c8e27a411618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 5086
cf-request-id: 09922795b300004ed986809000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cC%2FSYjG0rfjizLZruP2QhKE1TujoGwitv00pwxSO2oin%2FUy9EYCBUh85LDgvJymekax0PkUy%2FAJaRZu%2FNGi6HKNvHkZteZ3NzolzU7l7hjLbGjoD5SEL"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64307535eb2d4ed9-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 152D 1 KB
921 B 52ms
38ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html
set-cookie: __cfduid=d624d150bb5ee23b2640b7f84c8e27a411618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 5086
cf-request-id: 09922795b400004ed9e4a74000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7GqL4RnnKyYyZnVPnPr5LCD1D249OGVyzKNunsLzyctiMCIGzFHRfPUk1s1taX5z30%2FmEa6%2FVRk4Jfm6NEcSYpV6Y99MK2RstYP5BpN7DEOOO%2BZKONCw"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64307535eb304ed9-FRA
content-encoding: br

GET
H2 200 map Show response
ih.adscale.de/ Frame 5FC1 3 KB
3 KB 29ms
29ms Document
text/html 52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68262aa736a042a6286fe535f0fac315fe0b18fd95f5aafa24518b0ae25939ce

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?format=display&ssl=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dreamies.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uu=091357a92e6d436eb5dc4d0d3472031b; cct=1618943573187; ng=2#72674083#26982392#89381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dreamies.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2646
set-cookie: tu=4#1606819987#48~~449706~449706~1#101~~449706~449706~1#39~~449706~449706~1#40~~449706~449706~1#42~~449706~449706~1#75~~449706~449706~1#108~~449706~449706~1#63~~449706~449706~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None

GET
H2

200

nuggad Show response
nugmw.userreport.com/rc-ap/c8ee1682-0ded-4a68-b8c5-08b87ef5d9ae/si.nuggad.net/
Redirect Chain

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
https://nugmw.userreport.com/rc-ap/c8ee1682-0ded-4a68-b8c5-08b87ef5d9ae/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715

2 KB
2 KB

66ms
27ms

Script
text/javascript

2600:9000:206f:f800:1f:a1b:34c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/c8ee1682-0ded-4a68-b8c5-08b87ef5d9ae/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f800:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bd6d48079009931c0845d251427a98fa978ead509c0f29d41e8385afe872a14b

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: get, post, options
content-type: text/javascript
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 1922
x-amz-cf-id: sOt3ua7djz8X1iXTq-06E9zqHHmo-YtI-Tw-RIVRvQK-P0k7BXJrIw==

Redirect headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: ZRH50-C1
access-control-allow-methods: get, post, options
location: https://nugmw.userreport.com/rc-ap/c8ee1682-0ded-4a68-b8c5-08b87ef5d9ae/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 0
x-amz-cf-id: dcNB45VuTilIdS-hZApJ76-mZrkuGeF8ok57rAR-GenGDyYbUw6dxg==

GET
H/1.1 200
OK match.js Show response
js.adscale.de/ Frame 5FC1 4 KB
2 KB 39ms
38ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 00:56:54 GMT
Server: AmazonS3
x-amz-request-id: 0CJGEPQ2ZKSDZJTR
ETag: "b75124846aec28a28b7a3441813682d5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Tue, 20 Apr 2021 18:32:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1700
x-amz-id-2: rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 60ms
50ms Preflight
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-1tg8
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09922795ee0000bed846101000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CgLTGQ7QcsrCurcZCwRmuHbTuA3EV3r3q5RlZeL8e9UMpC1r5bQ%2FHEde2SoQiED24K0YBF%2BiZmBAkQqXZMnfz%2F1AZfq6ydxQrqnW0iq%2FYKuh6D0s"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 643075364d08bed8-FRA

POST
H3-29 200 rs Show response
ad4m.at/ Frame E49F 423 B
989 B 71ms
70ms XHR
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ce9750d5e58a46bd3c2bfc83798c69613290b798e88664716be7725d3f5310

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 643075369d49bed8-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BNNF5GsWk1gcSHACKF8ejGOwtuPyLPaKh6eyxBvJP0tkL8RUyWDA2XNsVevHqBDtkX8e1NDZdGVug5IOt9VD7rSfEtc4R2uMCY3SZJPbjidUiUDk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8
cf-request-id: 09922796260000bed83d862000000001

POST
H3-29 400 rs Show response
ad4m.at/ Frame E49F 47 B
682 B 44ms
44ms XHR
application/json 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15144996e7b2cd4071415163d5c85752c301381e2f84430b4724d0eb71d3a6f9

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SB8bm8CHPwKoPb6Y34n2VrgdPuA06GhUy0uY36Rk6hRfZZ24zs73hO09u%2F6ucICUHlpMVb9hye1gRanHvx1sO9egAsaZLzX5L89sg%2BP5qPop8Rwe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
cf-ray: 643075367d34bed8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47
cf-request-id: 099227960b0000bed846102000000001

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 40ms
30ms Preflight
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-1tg8
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09922795ed0000bed85495b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HHjYGEZ0Pnp2EKc9ap8x99tl%2BwP1qL7VqKXFlWCv3bY76rKyCOBvwgKETB0lXwE1DTYkUOfHxzpShI4rbqNwG6CFQbs4ndN9zhUyvxu6EycfUQWz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 643075364d07bed8-FRA

POST
H3-29 200 rs Show response
ad4m.at/ Frame CE36 430 B
992 B 46ms
45ms XHR
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221f375c14d2aa95cabdee4e27f2a2f03b0df7ac3f965efcd7336e6ab18b5f79

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 643075368d3cbed8-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qfmYCQPSR1XWq8bhM3MmnsRE0umv0rSeAqCMweL6wRWnc7%2BH4uxDaHtCV6M9JOWmGxPBWkr3GVnwpahosHMRTu8jAdBA03UilETSgxx18UE84q50"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8
cf-request-id: 09922796160000bed84e310000000001

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 41ms
39ms Preflight
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-1tg8
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09922795f20000bed84e30e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ow6cN0HcD0UVVGGzp9FC8mZM%2BqIyAxnyANvhCVoYVLzC%2BewGDrwCY5%2F56xLv8pTj7NBo2wZshfJ8TzH3QCI3u2pOflM2IFXWQxTDhchUmi46fGQa"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 643075364d0abed8-FRA

POST
H3-29 200 rs Show response
ad4m.at/ Frame CE36 424 B
991 B 69ms
69ms XHR
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150a1b05b01c7697292cc65bcc03d38514f2f68142079d5a5f741ae62f1edd2a

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 643075369d4abed8-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y2Ex8Z1zueNVTlB%2Fy5MWrxRTA6jhqgB1LH%2Fs0NHCn8dNKycDoNnkbKfoyDjTJAUFzj2dJrg4lSr3Znof1xuKq801lG9q%2BTDxrqvSoqAh1115G3pF"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8
cf-request-id: 099227963e0000bed83e892000000001

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 52ms
51ms Preflight
text/plain 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-1tg8
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09922795f30000bed843b74000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e7qIf8ZEYSHtpP1RAkwykprLzorSj7DzRu4YoOQ1qFzKzCjQ4W3V%2FXnyy%2BiqrxG6RLGU7AeNahh1PpztlLItLP6FaacTe92cm4bzvWSumPx9A3yj"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 643075364d0dbed8-FRA

GET
H2

200

img
ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/ Frame 5FC1
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=091357a92e6d436eb5dc4d0d3472031b&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=101&tpuid=BBID-01-02936575736129810-16266456

49 B
465 B

29ms
28ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=101&tpuid=BBID-01-02936575736129810-16266456
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Location: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=101&tpuid=BBID-01-02936575736129810-16266456
Date: Tue, 20 Apr 2021 18:32:53 GMT
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Server: nginx
Connection: close
Transfer-Encoding: chunked

GET
H2 200 nuggad
ih.adscale.de/ 49 B
266 B 27ms
27ms Image
image/gif 52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/nuggad?/nvars/d7=2&d10=2&d2=3&d4=4&d11=3&d8=2&d9=3&d12=5&d1=2&d3=2
Requested by: Host: www.dreamies.de
URL: https://www.dreamies.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 3E97 6 KB
3 KB 36ms
34ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3406ade506ced27d82b8773a8658bea249bdf037edaf45428bca99bc429ef3b0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dd0888e0409674b2bfc47e4dd2419d0471618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 099227964e00002b1e523e4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64307536d8402b1e-FRA
content-encoding: br

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 5E65 7 KB
4 KB 48ms
46ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fb88fb34b361ebb246505d1ea42c77d5bec3c0816f3624b435c034b4262747

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 099227966900004a79643a1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 643075370db34a79-FRA
content-encoding: br

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame FDB4 7 KB
4 KB 58ms
58ms Document
text/html 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed444d54ec295ab94bbc7b5fa62f48ff5815337d0819df4af04d53be7841ee7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4915ec3134cf2d65e77af6254fc9bfb91618943573; expires=Thu, 20-May-21 18:32:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 099227966900004a796221a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 643075370db74a79-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.4/one-ad/ Frame 3E97 58 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.4/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9955
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 099227966d00004a79f90d3000000001
cf-ray: 643075371dcc4a79-FRA
expires: Tue, 20 Apr 2021 19:32:53 GMT

GET
H2 200 4C410DBBA52FEF87353621EDABE0AF0F1BD069C8A4CAF086C3643CD1444D99C29454362908C65442828FE322D8C5E6EFC32F593A66FA2AB0DCD666E889ACF675
assets.ad4m.at/product_image/ Frame 3E97 45 KB
46 KB 49ms
38ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4C410DBBA52FEF87353621EDABE0AF0F1BD069C8A4CAF086C3643CD1444D99C29454362908C65442828FE322D8C5E6EFC32F593A66FA2AB0DCD666E889ACF675
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590bb9e8d733f197f636374bbbfabf3e1301813f5ec1107f8619cccbf98a4dff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rsWTjA==, md5=/wg1mH0etO92ZapSzLoINQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 90776
cf-polished: qual=85, origFmt=jpeg, origSize=143068
x-guploader-uploadid: ABg5-UyfKK6p-S5VhOfWo3Ao57nNI2TtxzPRXc4Qwf-G5BmZ20BQKeWTXB2tPYG9OO-D4tdlSOiDDnotHeKi-vpctmE_GHNGSA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46074
cf-request-id: 099227967900002b1e88878000000001
last-modified: Tue, 23 Mar 2021 09:32:35 GMT
server: cloudflare
etag: "ff0835987d1eb4ef7665aa52ccba0835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qzukKfb7zPMwzWvq2ul95nha%2BmnIdrCqsNYXsSmO92HkWgbDUVnk44fm0N7uVPgw06ij1hj1hLxvVWseawdnV9i4NpOnjC8ZfcxMazw%2BrAEKgJ9pBEFsaX9vHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616491955447224
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 143068
accept-ranges: bytes
cf-ray: 6430753728ce2b1e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 301 449f5b35d42da361c664d2acf8aa7188
mediaintelligence.de/trck/epv/ Frame 3E97 0
1 KB 147ms
78ms Image
text/html 46.105.199.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaintelligence.de/trck/epv/449f5b35d42da361c664d2acf8aa7188?t=htlp&subid=oneid187bCbfKfMjRf9HdH9tAtb3WcetVt7xoneid__webplexmedia_advancedad_CH_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.199.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: gzip
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-request-id: 906630714
pragma: no-cache
x-cdn-pop-ip: 51.254.41.128/26
location
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame 3E97 11 KB
12 KB 31ms
21ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=uBT5pw==, md5=m/nGsGI7MZjl8qFjDucXXA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 512792
cf-polished: origFmt=png, origSize=14365
x-guploader-uploadid: ABg5-Ux73AXmtfkVTCu3S5NGMOwCLZV0jJUDoRAFisrOzazjDjKYdFb10oYI1_tFi6eXlggetASm3CS6VYO8V36xXN8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10826
cf-request-id: 099227967900002b1e7e8dd000000001
last-modified: Wed, 22 Jan 2020 13:11:42 GMT
server: cloudflare
etag: "9bf9c6b0623b3198e5f2a1630ee7175c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=44af4xxAqs%2BL0jSzonLXE030Wimx0Y9o%2BxmgjVUMUzCuZ2w%2BlxDsji3PmV1D7SJLBEmEfYEqE4OvGu3WqxRVnvsdNGL4W%2FmEn5HxfK%2Fycm8nkLVXnTq2p95PNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698702621217
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 14365
accept-ranges: bytes
cf-ray: 6430753728d42b1e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 3E97 14 KB
15 KB 40ms
30ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=N32OnA==, md5=J6Z7SGxOZh06HAZkoms1TA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 514945
cf-polished: origFmt=png, origSize=17719
x-guploader-uploadid: ABg5-UzzS5Y0j4TaewfgAgpdCLV9jIF-c-zoAKR5aKAn3lFP7Gfycz6aPnlwRuseFKXK5PJ01SrK1CcvsvAtJaD9uRAaMRd5HA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14118
cf-request-id: 099227967900002b1e9906e000000001
last-modified: Tue, 29 Oct 2019 13:02:31 GMT
server: cloudflare
etag: "27a67b486c4e661d3a1c0664a26b354c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dWz6iwvJBPOP34XeXHEoowZwUlaiup4IkKDfNVuWunwmK1vzkJUJ1gVUvIn%2Fma6EWtJTj7SbGW3Z8XRERfhxdXkpkaibM04ZKOfW%2BZ0unFAoEDAKwxjrE9%2B%2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572354151547305
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17719
accept-ranges: bytes
cf-ray: 6430753728d12b1e-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.ch/ Frame 3E97
Redirect Chain

https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneid8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8Aoneid__webplexmedia_advancedad_CH_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.ch/ztpv.php?insert=AW

3 B
878 B

104ms
75ms

Image
text/html

2606:4700::6812:d25f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=56379668d9f99d27, intid;desc=a44acdf69f9c73e6
cf-ray: 64307537fb4f3248-FRA
cf-request-id: 09922796fa00003248c5b5b000000001
expires: -1

Redirect headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 B56EA35AC8EB60F19BDEC01A6A2A39BCA114E3A49F4BAA76FAA72D0D161F21EA30E4E4C1AE5BA1566C4CEBAB7DA85E884180B32D3A88A2DFE9F80117E2F1CB58
assets.ad4m.at/logo/ Frame 3E97 8 KB
9 KB 39ms
29ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B56EA35AC8EB60F19BDEC01A6A2A39BCA114E3A49F4BAA76FAA72D0D161F21EA30E4E4C1AE5BA1566C4CEBAB7DA85E884180B32D3A88A2DFE9F80117E2F1CB58
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5ac6770869745ba8c9df9132170654804a3dd4ca9c7c1ce4acae7142df070b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KEPzvQ==, md5=9Fdy6/rgEPKZzVzsanQycw==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1018774
cf-polished: qual=85, origFmt=jpeg, origSize=28217
x-guploader-uploadid: ABg5-UzP10z_tFU61dtYLDhFi1da4D3cGy3olbB-xO5gaqZ71bstnN_BdT2ZQMjsJg_rSTGKbMF4wP_PThA-6UISjGIASjmIeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8632
cf-request-id: 099227967a00002b1ebca1d000000001
last-modified: Wed, 22 Jan 2020 13:12:35 GMT
server: cloudflare
etag: "f45772ebfae010f299cd5cec6a743273"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8wmtojSx1xFdJgRWnmeOHUX0ugY2qhNhWCDFw0Ufm1e3qD6sy4ui2Ahhs8JM2x0pt2DTxRPgH1uNkvJNgASBeKl4tBC1Jj3TlDIADgy%2FpG9chk5KjQ32sqqTrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698755442063
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 28217
accept-ranges: bytes
cf-ray: 6430753728d72b1e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B4A556216843755B84196F19BD0AF1EB5579910BBECEFAF89D3857C5B2CA36DA2E493140CC4E5B89760C7EF227AB385191A251DB81CD22647CD727DDF31107E7
assets.ad4m.at/product_image/ Frame 3E97 132 KB
133 KB 32ms
22ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B4A556216843755B84196F19BD0AF1EB5579910BBECEFAF89D3857C5B2CA36DA2E493140CC4E5B89760C7EF227AB385191A251DB81CD22647CD727DDF31107E7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=37012%2C14222%2C15096&b=187bCbfKfMjRf9HdH9tAtb3WcetVt7x%2C8W29hDf8fZ7pUgHJHEtxtjMxtwt5t8A%2CbGe9UQfZfepetYHbHztKtp8Afet3t5B&f=wxVzHdfjfBdGCEHRH2tEC85gtYt9tD7%2CZZEdHwfBf84dtmHDHDtDC84dcXtJtxP%2C3rMdUpf4fkgkf7HrHAtXCp7xfMtztAG&c=300&d=250&e=&g=1c62474d3799922e17caae73c28b19c6%2F8240509855229903846&i=27370%2C17712%2C25573&j=39%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_CH_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d01d9da7e4c3ebd4da4e0667a37780b4b4552aeb457005f0550f653c7e4567

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GptXSQ==, md5=W4ePAdJn/Q3oP14GdPNL3w==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 743608
cf-polished: origFmt=png, origSize=196642
x-guploader-uploadid: ABg5-UycoaGKZb-ifH9Y40zau7iDvtDGKxnDVIvoFOgE2ZblSe5aPmzg0jIphJ3CAnD1OzvHELJDOsGNDQjapmugFgs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135356
cf-request-id: 099227967c00002b1ec2aa1000000001
last-modified: Thu, 25 Mar 2021 07:13:36 GMT
server: cloudflare
etag: "5b878f01d267fd0de83f5e0674f34bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oJLeHox7EcnXLfyJ2IYMdmWxJsmEQPj7YWoG3C9gSPbQB7Vy3WcOexkGZt%2Fry%2B%2FBuhcMCBkIlaBrPtCgmP8WFsoOdbPyqqTaNYjAL9Y4Rzy%2FdpjlRnob6TR1og%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616656416311224
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 196642
accept-ranges: bytes
cf-ray: 6430753728cb2b1e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3E97 43 B
703 B 116ms
48ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2528695&v=13872&q=368718&r=412871&pv=1&pref3=oneidbGe9UQfZfepetYHbHztKtp8Afet3t5Boneid__webplexmedia_advancedad_CH_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 5FC1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=7e3ad456d722ad77081a51d...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=888d607f-1e55-4700-a9bb-377514ee5267

49 B
489 B

35ms
34ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=888d607f-1e55-4700-a9bb-377514ee5267
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Tue, 20 Apr 2021 18:32:53 GMT
Server: MT3 3660 495c301 master zrh-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=888d607f-1e55-4700-a9bb-377514ee5267
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 18:32:52 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.4/one-ad/ Frame 5E65 58 KB
7 KB 32ms
30ms Stylesheet
text/css 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.4/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9955
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 09922796a100004a79f7b64000000001
cf-ray: 643075376ea64a79-FRA
expires: Tue, 20 Apr 2021 19:32:53 GMT

GET
H3-29 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame 5E65 46 KB
47 KB 32ms
30ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7369
cf-polished: origFmt=png, origSize=74333
x-guploader-uploadid: ABg5-Uwr9rR-xAF5GsBAErf-MNUPVnp6RC5ZOPmu0u-qlUsw5QAVVnmczyIFILfj0vZ8TLkfU4VNWnXnBZQT5bJhl7OETTN3-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47320
cf-request-id: 09922796a100004a79230de000000001
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cqUvHH1t4YnurVdRbH3NFu%2BJ2FUui5O%2BuMfoG%2FLdsyXFCOBD1GNmiRg3V4Fdt53GWCc%2FSl7VVnJcMe1mMrKXjawHvXOMJcA9VRnchou7K1WtXeORVeWkbYDXEg%3D%3D"}],"max_age":604800}
x-goog-generation: 1589193884048730
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 74333
accept-ranges: bytes
cf-ray: 643075376ea84a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame 5E65 290 KB
291 KB 24ms
21ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 514762
cf-polished: origFmt=png, origSize=489686
x-guploader-uploadid: ABg5-UyM_4FtYVi58VaAS1v8g6LCzsx3Bda44iw1n4NBaIDAPnAj_zMcuAeKwiFreuqA_F0kmyvjTJ3Kwuvjb_8AL40
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 296674
cf-request-id: 09922796a200004a79719e9000000001
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UwwBD3%2BPWCtd6F2eWQBQTw8QJ0tIa43lyFnYG8uAEbfjfS89W1jlcZZKASE1S12hwsi4rPdkGPJEx0SJVFn1GPqpqVfvFTUzcXs1mv1DzeUxPAPu0iJf56GDqQ%3D%3D"}],"max_age":604800}
x-goog-generation: 1605612267020757
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 489686
accept-ranges: bytes
cf-ray: 643075376eaa4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 5E65 38 KB
39 KB 51ms
49ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508807
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 09922796a200004a793b2ae000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ne%2FWjKASiLBcvKAtg6UYnVfCLOS65OvtP0KPfQmHFh%2Fuu3J4fCjZXHQc2TDUY%2Bz8YO%2BT9Q0Vy6sehpC8iOI5eulbNz%2FDnWDoUFJInhKWxfCyR%2B7csx1PFSJgRA%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 643075376eac4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 5E65 84 KB
85 KB 18ms
16ms Image
image/jpeg 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643805
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 09922796a200004a79712cb000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rpgoeaRVbNLSTKWJhE%2FxCeLV2KLVwnz6tejyFcsg4PEG1atuufbdH6lJGjq0HQZkzXQqFgd1juW8IZLAgeN8%2BwOP0XQlurSL8qnBpoZNnebRcK1vi4kFPaBB1Q%3D%3D"}],"max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 643075376ead4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 5E65 38 KB
39 KB 56ms
54ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1014942
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 09922796a300004a795bbd0000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BM5VoH%2FrPVgOKekNSX5PhMeEzksylP0kV3nZwuTDm4tqQu7y8Ab1%2Bhi2FkvPu%2B%2FgZDXG4zA3%2FEQyvE50w6h%2BCROtBt8qcNoCTfl3pWTLfA3BGKL1r3%2FIDzHu1Q%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 643075376eaf4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 5E65 113 KB
114 KB 58ms
56ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 659042
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 09922796a300004a791220a000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T1H7GvAu7xZUF44E4K75bjjQ2Sp2SZKkTD3boXXJWmGhEok3eMDrViKkSyyGxDZkigT9tYIWFqlK%2FHKgGSeVlFcBicED9HQuiOHv6NfVpgE%2FfTu%2Fmy4W3hCflg%3D%3D"}],"max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 643075376eb24a79-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5E65 43 B
704 B 93ms
34ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneiddr4tEfkfDGtEHjHwtEtkYZsKtRtGg7oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.4/one-ad/ Frame FDB4 58 KB
7 KB 54ms
54ms Stylesheet
text/css 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.4/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9955
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 09922796a900004a7917be2000000001
cf-ray: 643075377ec64a79-FRA
expires: Tue, 20 Apr 2021 19:32:53 GMT

GET
H3-29 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame FDB4 46 KB
47 KB 55ms
55ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7369
cf-polished: origFmt=png, origSize=74333
x-guploader-uploadid: ABg5-Uwr9rR-xAF5GsBAErf-MNUPVnp6RC5ZOPmu0u-qlUsw5QAVVnmczyIFILfj0vZ8TLkfU4VNWnXnBZQT5bJhl7OETTN3-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47320
cf-request-id: 09922796aa00004a793e34b000000001
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w1cRztgHBE%2BN%2B2gxlsjhURugmAG%2F0mQoPv5U%2BHv1i0wo0UxN9%2FzhUDq4CvQzTYD6g5Q6eSeTT15BrfWxjpsReiQpI78LyvXKflzn9RozRvLO7qelNlrdolVJpA%3D%3D"}],"max_age":604800}
x-goog-generation: 1589193884048730
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 74333
accept-ranges: bytes
cf-ray: 643075377eca4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame FDB4 290 KB
291 KB 56ms
55ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 514762
cf-polished: origFmt=png, origSize=489686
x-guploader-uploadid: ABg5-UyM_4FtYVi58VaAS1v8g6LCzsx3Bda44iw1n4NBaIDAPnAj_zMcuAeKwiFreuqA_F0kmyvjTJ3Kwuvjb_8AL40
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 296674
cf-request-id: 09922796aa00004a794b255000000001
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QAx6nYu%2BYmyiAz7b0Ev169zZqPKQyTX%2Fxlk57%2FIsTvFvG93l6eyjTnP5MOYgDYCh%2BMUzGvnss3Rdx4KP5BP%2Bw4ZXrwD3ku%2FTUSbt%2F7nrN9oZBa90Wl6%2F1eWcyg%3D%3D"}],"max_age":604800}
x-goog-generation: 1605612267020757
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 489686
accept-ranges: bytes
cf-ray: 643075377ecc4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame FDB4 38 KB
39 KB 70ms
68ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508807
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 09922796ac00004a791ebf4000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bc0GeQzhSZuDOVc897KJGs9DZtUZJ69fw3UjmJ4fsPlxTH4YEK0Af78UWuMEbHTMt8bQd6E%2Fer9TwrJBVYskc4w1oVX0x1XL%2BN3u6yg1sTG9R8XgmBvBoiZ8DA%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 643075377ecf4a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame FDB4 84 KB
85 KB 71ms
70ms Image
image/jpeg 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643805
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 09922796ab00004a793a15b000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2FoeSZ2XC3DLZxM3VAnc2bnvNf%2BrWzaetXfGL5ylriHNDdonWcizylTQHx%2Fw9EtKhA5biZwdEOobKO4EOca0cbacWCP1nDSjLuwqtopVs%2BfTGEfl%2F1Cdu%2BxpkQ%3D%3D"}],"max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 643075377ed14a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame FDB4 38 KB
39 KB 74ms
73ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1014942
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 09922796ab00004a793b2af000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fuDIKcYK2NBZzPtxfIZQYLuMON7AOb8PUJUu1eUN7FpY2UQQv4C8l6t78io2m1luXBBtu77LdqLP%2Fl5mpF84yfsljdY%2FySdLBd%2FlZpwBj4TVSLZ6niy%2F8YtO9A%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 643075377ed34a79-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame FDB4 113 KB
114 KB 76ms
74ms Image
image/webp 2606:4700:3039::6815:c044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Apr 2021 18:32:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 659042
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 09922796ac00004a79712cc000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fhPpN%2FAfW9utn64T8mNcizETUyfxIc%2BZPLWExA8%2Bb%2BmnaWD2oBcSBRc9wDYJjUg8dx7OxWDdNj3NNhtAaMcdBfUiM%2Fy%2BNp2hcAJrmR9W6ZNRTplqdLHbBUFBSA%3D%3D"}],"max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Apr 2021 18:32:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 643075377ed44a79-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FDB4 43 B
704 B 96ms
37ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneiddr4tEfkfDGtEHjHwtEtkYZsKtRtGg7oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 5E65 12 KB
13 KB 279ms
124ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksw3bc8r09cfq2kpr3cwbhp6cw24v1zz34tvb8k2h5jg94a6r66z6smwggr7d4xmmfdgp5yr7gm38hj7y06mqzacb7qd2mr3m2yq4z6e4h912xhdtvma5s2wcfc7kg0e2abgx9r46jb9pj0wqf122a736s8fg03n0q5qnv0kjrwqsvtjehyp3ed0m1gpvxg6g3mdx3j96eb0v09rn7s069q6fckwt61h7x0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: cd743aceeae01143ffb5cd43774550b32a2723540e637a72e6d0a078c417e4b9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:53 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 5E65 12 KB
12 KB 291ms
132ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid391Fpf4fgXEt7HrHAtXC9DmsMtztA3Poneid__webplexmedia_advancedad_300x250&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: dd6b13ba624853857d1b60c76d9e3a63c8be32e055e26b2314131738ca9df4fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:53 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame FDB4 12 KB
12 KB 287ms
133ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfd5s0dt2w66rrkjtgaeg7fmn5bg8xfb49d15rtfp5q4s7bax4sbrmmpqj3n20gey7r08qfw3kehjnv0mt81n991rf2zhkqec8x4qcv5jevye6yhrspark7yg8r9cd1m1db9rq6jevnd4s4zp85pgbc4x4mvbhmhvmxxb7h1myyj8qt4555n93ctp8mtg94brffnzbggkt94r1gdgtgef7hbh763ktznajr0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: cb58a02109cbb0157ee63a8141f03ee4995b6ba0271ee80036736131be88edda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:53 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame FDB4 12 KB
13 KB 287ms
128ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid391Fpf4fgXEt7HrHAtXC9DmsMtztA3Poneid__webplexmedia_advancedad_300x250&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 42935ce0b71ff194f2eb79915810e3dbd08a52605124b456656eaf960e4cb815

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:53 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/ Frame 5FC1
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee9ab307350b%2F1618943573437%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID
https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F7d65db2b2bb340769075ee9ab307350b%252F1618943573437%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524UID
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=75&tpuid=6994020760736713909

49 B
499 B

36ms
36ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=75&tpuid=6994020760736713909
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:54 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:53 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 819.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: 78e8fefd-c6b1-4dda-8729-0715936e506a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=75&tpuid=6994020760736713909
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5E65 60 KB
60 KB 73ms
28ms Script
application/javascript 13.224.102.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksw3bc8r09cfq2kpr3cwbhp6cw24v1zz34tvb8k2h5jg94a6r66z6smwggr7d4xmmfdgp5yr7gm38hj7y06mqzacb7qd2mr3m2yq4z6e4h912xhdtvma5s2wcfc7kg0e2abgx9r46jb9pj0wqf122a736s8fg03n0q5qnv0kjrwqsvtjehyp3ed0m1gpvxg6g3mdx3j96eb0v09rn7s069q6fckwt61h7x0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-19.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:04:58 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 11:04:49 GMT
server: AmazonS3
age: 26877
etag: "3cdddcb8ff5d7e818040764d312aec0c"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61104
x-amz-cf-id: P05Ykp3eQpqR2FPdTihvkYqWTtDzhNG4dKI-QcfVKEMcJwqLXG8eyQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 5E65 79 B
374 B 204ms
68ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHWWJatQVD_DJhCizgzH_y3EjNpmVWN9dPBSmmrk.Nk4Jk3tJ8mcK4rUpUx2wkUTlfe2Rc7L1eWNNW5BNlYiJ4uy.5zw&wgcookie=%7B%22wgifp10475%22%3A%5B%22205795%22%2C%2210475%22%2C%222647615%22%2C%22%22%2C%221618943573%22%2C%22%22%2C%22%22%2C%22%22%2C%221626719573%22%2C%22oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=3bd45b80266b96fb44f6437ea524da2e&userIP=185.156.175.107&doAffectv=1&wgtime=1618943573
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksw3bc8r09cfq2kpr3cwbhp6cw24v1zz34tvb8k2h5jg94a6r66z6smwggr7d4xmmfdgp5yr7gm38hj7y06mqzacb7qd2mr3m2yq4z6e4h912xhdtvma5s2wcfc7kg0e2abgx9r46jb9pj0wqf122a736s8fg03n0q5qnv0kjrwqsvtjehyp3ed0m1gpvxg6g3mdx3j96eb0v09rn7s069q6fckwt61h7x0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 5E65 40 KB
40 KB 132ms
48ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneidq7ZumfWfzzbqCZHgHDtJtrBbhzt3tAz9oneid__asuidya1B44Yo0j6CG0EuhNTyrRrAQaC6Qzk8asuid__webplexmedia_advancedad_Desktop_728x90&wglinkid=2647615
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:54 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 5FC1
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3d1e7a60b6f24a5ede06780b1...
https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3d1e7a60b6f24a5ede06780b1...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH8eVjg7YEVd2PcsOJk.ygAA%261112

49 B
517 B

30ms
30ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH8eVjg7YEVd2PcsOJk.ygAA%261112
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:54 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH8eVjg7YEVd2PcsOJk.ygAA%261112
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 299
Expires: Tue, 20 Apr 2021 18:32:54 GMT

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 5E65 79 B
374 B 387ms
59ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHWWHkLs2dI_AIQjvEodUW2vqCRc7L1eLY6SCw.5B0KB0DK1Re4GSrxMzFzB6rgPuVr914VecL57GY5BNv_0TjV.5EC&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618943573%22%2C%22%22%2C%22%22%2C%22%22%2C%221774463573%22%2C%22oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=15e7de64317de8605913b79dd2cab53e&userIP=185.156.175.107&doAffectv=1&wgtime=1618943573
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid391Fpf4fgXEt7HrHAtXC9DmsMtztA3Poneid__webplexmedia_advancedad_300x250&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 5E65 85 KB
85 KB 1162ms
48ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid6zjtef3fmMVskCmHYtktWQZSmt1Tp2oneid__asuidRoX90P192gRFcbEeMp5ZwVNEEGUQAfk3asuid__Promiflash_Desktop_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=618a8e8c6bad189a691a476ac365901b%2F408065555342516795&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:55 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FDB4 60 KB
60 KB 26ms
26ms Script
application/javascript 13.224.102.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfd5s0dt2w66rrkjtgaeg7fmn5bg8xfb49d15rtfp5q4s7bax4sbrmmpqj3n20gey7r08qfw3kehjnv0mt81n991rf2zhkqec8x4qcv5jevye6yhrspark7yg8r9cd1m1db9rq6jevnd4s4zp85pgbc4x4mvbhmhvmxxb7h1myyj8qt4555n93ctp8mtg94brffnzbggkt94r1gdgtgef7hbh763ktznajr0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-19.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:04:58 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 11:04:49 GMT
server: AmazonS3
age: 26877
etag: "3cdddcb8ff5d7e818040764d312aec0c"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61104
x-amz-cf-id: JbGNTtdyBJa7U6hlUxlOE6qXTeg-tIpEsDOhAf8ThEuAc_BFdZ2htw==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame FDB4 79 B
374 B 1118ms
58ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHWWBPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jk3tJ8mcK4rUpUx2wkUTlfe2Rc7L1eWNNW5BNlYiJ4uy.CLt&wgcookie=%7B%22wgifp10475%22%3A%5B%22205795%22%2C%2210475%22%2C%222647615%22%2C%22%22%2C%221618943573%22%2C%22%22%2C%22%22%2C%22%22%2C%221626719573%22%2C%22oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=3bd45b80266b96fb44f6437ea524da2e&userIP=185.156.175.107&doAffectv=1&wgtime=1618943573
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfd5s0dt2w66rrkjtgaeg7fmn5bg8xfb49d15rtfp5q4s7bax4sbrmmpqj3n20gey7r08qfw3kehjnv0mt81n991rf2zhkqec8x4qcv5jevye6yhrspark7yg8r9cd1m1db9rq6jevnd4s4zp85pgbc4x4mvbhmhvmxxb7h1myyj8qt4555n93ctp8mtg94brffnzbggkt94r1gdgtgef7hbh763ktznajr0%26a%3D&clickref=oneidgYRa8frfkkJxtPHbH8txCP5Wh9tjtm5Joneid__webplexmedia_advancedad_300x250&viewref=oneidw4mudfjfDDqZUEHRH2tXtEdQsYt9tDBjoneid__webplexmedia_advancedad_300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame FDB4 40 KB
40 KB 1139ms
50ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneidpm1f1fgfVVwMhkH4Hmtztx6PHbtRT6oneid__asuidPvB-_N9Ex6EJpZsGCrcjHF1ogfsz-dPlasuid__adf_Netmix_Reach12_Single&wglinkid=2647615
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:55 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame FDB4 79 B
374 B 1153ms
64ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHWW.kLs2dI_AIQjvEodUW2vqCRc7L1eLY6SKw.5B0KB0DK1Re4GSrxMzFzB6rgPuVr914VecL57GY5BNv_0TjV.7G7&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618943573%22%2C%22%22%2C%22%22%2C%22%22%2C%221774463573%22%2C%22oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=15e7de64317de8605913b79dd2cab53e&userIP=185.156.175.107&doAffectv=1&wgtime=1618943573
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid391Fpf4fgXEt7HrHAtXC9DmsMtztA3Poneid__webplexmedia_advancedad_300x250&viewref=oneidbWPSQfZfp5QFYHbHztKtwr5uet3t5Ajoneid__webplexmedia_advancedad_300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame FDB4 85 KB
85 KB 1140ms
53ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__asuidbkQKlyrMR2qNHz-lqNvcz6CxRJl9_ZlZasuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C24673%2C823&b=w4mudfjfDDqZUEHRH2tXtEdQsYt9tDBj%2CbWPSQfZfp5QFYHbHztKtwr5uet3t5Aj%2Cdr4tEfkfDGtEHjHwtEtkYZsKtRtGg7&f=gYRa8frfkkJxtPHbH8txCP5Wh9tjtm5J%2C391Fpf4fgXEt7HrHAtXC9DmsMtztA3P%2CKAzuRfZfedT5HMHktzCVmAFKtrtwQr&c=300&d=250&e=&g=d9bc126308d873382de84f9d1d27e55e%2F1411246719007342276&i=22427%2C20430%2C9719&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 18:32:55 GMT
Last-Modified: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 5E65 63 B
270 B 218ms
64ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHW9JCmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvejV.lV9dV8mcI_FeAizezu6tVyxYMJ5tFFg4K1kl1BNlY6RcApw.3vm
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 5E65 63 B
270 B 404ms
68ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHW9LLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jk3tJ8mcK4rUpUx2wkUTlfe2Rc7L1eWNNW5BNlYiJ4uy.19T
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame FDB4 63 B
270 B 1155ms
67ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHW9c4mr.S9RdPQSzOy_Aw7UTlf_01kKHoNvgN.BN1eN1Re3tJ9XvjujyWyNEjNpp0iJ3A0KFgBFY5BNlr91xU..1zE
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame FDB4 63 B
270 B 1158ms
68ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TjN9IHW9ffRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN1Re3tJ9XvjujyWyNEjNpp0iJ3A0KFgBFY5BNlr91xU..78b
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Apr 2021 18:32:55 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2

200

img
ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/ Frame 5FC1
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=fd7f55e08af3845cbfa2f162519d3714b6145be7307c4dee00f0bad1725e4877&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769075ee...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=fd7f55e08af3845cbfa2f162519d3714b6145be7307c4dee00f0bad1725e4877&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340769...
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=42&tpuid=63720990992609433

49 B
525 B

42ms
41ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=42&tpuid=63720990992609433
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:54 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 18:32:54 GMT
server: nginx
location: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/img?tpid=42&tpuid=63720990992609433
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 5FC1
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4b4b7b23-0701-4693-b7d2-1e810a2ae904

49 B
547 B

42ms
41ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4b4b7b23-0701-4693-b7d2-1e810a2ae904
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:54 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Tue, 20 Apr 2021 18:32:53 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4b4b7b23-0701-4693-b7d2-1e810a2ae904
cache-control: no-cache
server-processing-duration-in-ticks: 3171
content-type: text/html; charset=utf-8
content-length: 237
expires: Tue, 20 Apr 2021 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 5FC1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=7a2a0ea86837ad84455c53f1...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=888d607f-1e55-4700-a9bb-377514ee5267

49 B
569 B

28ms
28ms

Image
image/gif

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=888d607f-1e55-4700-a9bb-377514ee5267
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:54 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Tue, 20 Apr 2021 18:32:54 GMT
Server: MT3 3660 495c301 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=888d607f-1e55-4700-a9bb-377514ee5267
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 18:32:53 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 138ms
42ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5E65 16 B
232 B 78ms
78ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 5E65 44 KB
45 KB 23ms
21ms Script
application/javascript 13.224.102.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-19.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:04:59 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 26875
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: f7gG9XdroKFFGJas6CbK7ufQUME45I4w9Lp0GAetKgi3vEg1HmtbPA==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5E65 16 B
232 B 78ms
78ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 138ms
43ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2

200

js Show response
ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/ Frame 5FC1
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=41a0ada206da0a0c94edbe626949166457ffada7b504d4e3014b56c9aef86be9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=41a0ada206da0a0c94edbe626949166457ffada7b504d4e3014b56c9aef86be9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7d65db2b2bb340...
https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/js?tpid=48&tpuid=cb7dffc96c9ebd7b410d9c1a554ebc69

44 B
586 B

39ms
38ms

Script
text/javascript

52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/js?tpid=48&tpuid=cb7dffc96c9ebd7b410d9c1a554ebc69
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c104a96e53afa261764c36bf31e626e40196ba8ca903d808c0f3e9deb9629a42

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Location: https://ih.adscale.de/sium/7d65db2b2bb340769075ee9ab307350b/1618943573437/0/js?tpid=48&tpuid=cb7dffc96c9ebd7b410d9c1a554ebc69
Date: Tue, 20 Apr 2021 18:32:55 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 147
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 5E65 18 B
205 B 41ms
19ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1618943575006
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 76c7ab94b7c46c8821664d9ae221c111
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 5E65 0
75 B 19ms
19ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16189435738894_e7acdb6e55&programId=12607&expiry=1774463573&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 2834890074031117adbf019e6fc6f7d4
server: Google Frontend
date: Tue, 20 Apr 2021 18:32:55 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

POST
H2 200 sium Show response
ih.adscale.de/ Frame 5FC1 0
190 B 32ms
31ms XHR
application/json 52.29.148.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-148-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Tue, 20 Apr 2021 18:32:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 45ms
45ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FDB4 16 B
232 B 84ms
84ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame FDB4 44 KB
45 KB 23ms
23ms Script
application/javascript 13.224.102.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-19.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:04:59 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 26876
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: G7oJeMvlrh7ZVpew4pUkNJ5O5Yyz9theNjxLo5FDPgd6LiexheoYuw==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FDB4 16 B
232 B 93ms
92ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 46ms
46ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 tag Show response
w-it.m-t.io/ Frame FDB4 18 B
124 B 20ms
20ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1618943575314
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:32:55 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 978f46b2ca431ddc37f97d57ef359ba6
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame FDB4 0
72 B 19ms
19ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16189435739304_e61b7e80ca&programId=12607&expiry=1774463573&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 63ffaac1b1aa8adff609c7905c6900ad
server: Google Frontend
date: Tue, 20 Apr 2021 18:32:55 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK launcher.js Show response
sak.userreport.com/sdm/ 104 KB
105 KB 50ms
7ms Script
application/javascript 2600:9000:206f:5200:8:5c85:cdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/sdm/launcher.js
Requested by: Host: si.nuggad.net
URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5200:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d2926558dfb0319d469dca744d932a1934b0194213838a4c9529f4bd6887a23

Request headers

Referer: https://www.dreamies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sWrYSLqsQlcXCNntUF8JvkdB.T4gE7_S
Via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 08:08:31 GMT
Server: AmazonS3
Age: 8
ETag: "bda6d36d4c7e0a8c7cdcadbef248c9f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=7200, s-maxage=60
Date: Tue, 20 Apr 2021 18:32:48 GMT
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 106718
X-Amz-Cf-Id: ptEiTGSfWaDHuAiM5Pwb1FlwNqL9EsSbN6_5ZKfexoE0TDBbOLFOxw==

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7410 52 KB
17 KB 196ms
66ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?dreamies.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dreamies.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dreamies.de/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 21 Apr 2021 18:32:58 GMT
Date: Tue, 20 Apr 2021 18:32:56 GMT
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ih.adscale.de/	1970-01-20 02:24:39	Name: tu Value: 4#3217019141#48~cb7dffc96c9ebd7b410d9c1a554ebc69~449706~0~0#101~BBID-01-02936575736129810-16266456~449706~0~0#39~888d607f-1e55-4700-a9bb-377514ee5267~449706~0~0#40~4b4b7b23-0701-4693-b7d2-1e810a2ae904~449706~0~0#42~63720990992609433~449706~0~0#75~6994020760736713909~449706~0~0#108~888d607f-1e55-4700-a9bb-377514ee5267~449706~0~0#63~YH8eVjg7YEVd2PcsOJk.ygAA&1112~449706~0~0
.adscale.de/	1970-01-20 02:24:39	Name: ng Value: 2#596571579#26982392#89381#d7~2&d10~2&d2~3&d4~4&d11~3&d8~2&d9~3&d12~5&d1~2&d3~2
.dreamies.de/	1970-01-19 17:43:49	Name: dreamies_ab Value: 1
.adscale.de/	1970-01-20 02:24:39	Name: cct Value: 1618943573187
.adscale.de/	1970-01-20 02:24:39	Name: uu Value: 091357a92e6d436eb5dc4d0d3472031b
www.dreamies.de/	1970-01-19 17:42:30	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1618950773073}

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.yieldlab.net
ad4m.at
ad4mat.net
adscale-emea.adnxs.com
adx.adform.net
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
as1.dreamies.de
assets.ad4m.at
assets.vlitag.com
bbnaut.ibillboard.com
cdn-a.yieldlove.com
cdn.jsdelivr.net
confiant-integrations.global.ssl.fastly.net
diapi.webgains.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
hb.adscale.de
ib.adnxs.com
ih.adscale.de
imasdk.googleapis.com
img1.dreamies.de
img2.dreamies.de
js.adscale.de
logs.vlitag.com
mediaintelligence.de
nugmw.userreport.com
prg.smartadserver.com
s1.dreamies.de
sak.userreport.com
securepubads.g.doubleclick.net
services.vlitag.com
si.nuggad.net
ssum.casalemedia.com
sync.mathtag.com
tag.vlitag.com
track.adform.net
track.webgains.com
tracking.m6r.eu
view.webplexmedia.de
w-it.m-t.io
www.awin1.com
www.conrad.ch
www.dreamies.de
www.googletagservices.com
104.111.218.85
104.111.237.88
104.111.239.217
116.202.98.152
13.224.102.19
13.33.139.42
142.250.186.98
151.101.13.194
168.119.242.35
178.250.0.163
185.29.132.68
185.33.220.240
185.33.223.212
185.86.138.121
213.239.232.144
2600:9000:206f:5200:8:5c85:cdc0:93a1
2600:9000:206f:f800:1f:a1b:34c0:93a1
2600:9000:2190:2600:12:6213:9cc0:93a1
2606:4700:20::681a:eee
2606:4700:3032::ac43:aa7a
2606:4700:3039::6815:c044
2606:4700::6812:d25f
2a00:1450:4001:801::2013
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a04:4e42:1b::621
35.158.179.166
37.157.4.40
46.105.199.182
46.236.13.147
46.4.15.228
51.91.68.112
52.213.184.2
52.29.148.200
62.209.227.210
72.247.225.17
72.247.225.98
78.47.1.50
81.29.72.47
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
05cc18fa9e1eba5a2e597d0433e386b29313fee3e15e4ca5feecbec489cf7186
07ef92d2549a9cdeb38ba398113168b1d1ef923e5ab8db119d75fb3959623870
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a3621e2101358824480ef174bc03f4b4d7547bd82a02c339b688947129d6b86
0b4f1c17d2d59ef197f77e5ca9c3c8fd6d1fc5c9f70e946c4a44dcd1a8ec7a61
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8
0cdfd11eeff2c617a795c4e0404e2c9fe3a200bf0ea64dbde36737a7046e8a26
0e2d01c7c16cad136c46c6ad6a13403636e8e6e663dcfd71c8bf764b1688bc59
0e668f902def91b9fec73061a6ce00149a0fdbda93e864de5c2629059756bc20
1254ef935264b35c3f7a70229bee326724c8857bbf2480fd7b11e3db626fc24d
14445c0ed5260e30f4631a5021ce091a408fdff87e0f6a43dabbd4404b091821
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
14d281ee630e468e6fbe88cf29bc8ef978abfd19747d9b6c7b19b6a65f13fb44
150a1b05b01c7697292cc65bcc03d38514f2f68142079d5a5f741ae62f1edd2a
15144996e7b2cd4071415163d5c85752c301381e2f84430b4724d0eb71d3a6f9
151aa465fff6b9cc55e27cb13b0cb607adc9fe667c1ac7f010fd2a13d4de107b
16f17449dcbe22d55b8d05438eb8ed8f8fb9bccf54b1734824103952d0597330
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21d7321724a975f1100ca1bebf8b35538f2ad375ba25f4717f5be292cb37ffcc
221f375c14d2aa95cabdee4e27f2a2f03b0df7ac3f965efcd7336e6ab18b5f79
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
284636f525c924ae12b7750343864d270783bae4418be2af74e64cb41da8f045
2bc1f13e1ca9dbdc0a65d2913aea0cf4d500be30d9be2a5821953ef1ab1567ca
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed444d54ec295ab94bbc7b5fa62f48ff5815337d0819df4af04d53be7841ee7
2f61f4a874b67d088a502359fb874fb9b7fc6ba6dadbdfa905b131fc8f12464e
3061749ed3695aa98a54027743dcdddd9d6c6f1c394af4a3d90c1946e55bea16
31cef39edfaf7e460f1f0e458c53acc2c52fb42ee98c0a7c8f8b723120877e13
32c8126b32c529fa77d6fc9b63b517a7f4d2e7a98d374a4c4fa5aedc9da56d8b
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
3406ade506ced27d82b8773a8658bea249bdf037edaf45428bca99bc429ef3b0
34501bcafc89e50a1a74eb9a5500200dec0fbabf2f48e7252d643eeebaf28c37
347f7e44457829eb4f3789014a93f0bc92b13deb362c4cc6f3e21a1cb49fd439
37d2a80bf0d8b8e352a98193ec416fd5239148bbb37646ab03fd4684917ebf57
39184405211ada7ad189013481da2be89d82cd89b4d2083e4279662117800e66
3a384af1fd82f401c78f865442e0a0948d5584d4d918804d22396e5f48dd63dd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3edfdf0faf72d044a0c7fd9b1f9e884176ba0e5ae1ea531501c62e2c7d3553af
42935ce0b71ff194f2eb79915810e3dbd08a52605124b456656eaf960e4cb815
43b0243ce7bc5de2e665cc766cfbddfad5c6e12c53653e7c9aab5260372ccf8d
4492a67f5b917f223a80f50dcce8df8df9abada9465ceea652c0d97171b3ca88
46456be1dc4bed3634d5fb27d0f6a4fc3b1927b1a887f44b9ec0e3192e9daec9
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
46ce9750d5e58a46bd3c2bfc83798c69613290b798e88664716be7725d3f5310
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
4dbf33b46263ff6233515c714b6dbaf23770acb72d505c874ad853aa148c3bbf
4efcba0f9c87558f05983085941c34d3b9b5e99cc2900d384748f8438ed061cc
54e729a5eee76fbdb72a5d16d3aaca8675ded02134f73fbb59534d2297cc11ee
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58a06bf74b3f6aa263164e9e7e1343e0d3a651089de016c271bee328eadc8345
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
590bb9e8d733f197f636374bbbfabf3e1301813f5ec1107f8619cccbf98a4dff
5d244d447d95dc4049a75b5fb60d63da02b1665fe75d95d65f5d63cfd9615bf3
60b395b3721e8fe7282ffb033ffaeb7f1bcb6c790af701327f0a70a8f72faf7b
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
62ae283726b60dca9ab289f0b62ac6bbed46a3c66d8e40d312e94833877f06c6
640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
656f4f84cadbfcbac63f7fae8cb3f3d66dd06fa6e21ed186c1c2b60b8604bf72
67fd03d12cd9941745e017cac44870121daf52d7ab971fcc49450e2eebbecc24
68262aa736a042a6286fe535f0fac315fe0b18fd95f5aafa24518b0ae25939ce
68711ca36b2fcbbd1a32399f6f4b95493b9b969f2502adb73ab1e46a4f5fcd68
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6d2926558dfb0319d469dca744d932a1934b0194213838a4c9529f4bd6887a23
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570
6ee78851a0c89bdea8d51466b8dff6b986494ede365aeebb78d1dd85468b6245
6f6c98373e98d09782fd0f9d51861d3f680c3190a14cf359bcc04abbd6149048
6fb573110505f7f3ab9d8c33df8795e2efaf7d4fa36a1a76a58f6e9d4d8e8b51
70422b0739ca991ded207cc02181739d134fa3c4ab3817c1a7c3db6f744900c8
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
750b9cbcad3747d1017e537ac2bf18de6a718f90752cc6d35e4d08154201bfab
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
792e885389ac9957f7c28e8d8521a6107e9a3b4e9eb320efc701ca1aa52b337d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
79e92f64cc840a06b3c100393a4ce1556963142cc20ec80437e022c4c9ec012b
7e810234645c20a7cba259cc6b6987d2ac6e73b53c85c674f0525037dbabef17
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635
840f913f3cae9407139b452ee9dd6b05604d1aad7855238b437e0bbc55ceb88e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8add3ea3594724f3829017c906429081d8e7042cc0f91c3e52972f1d3a5e815b
8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9
8ff40f3f42b5316d5f21c0b35f7b5670ec56136578a4b97a1efd97638c4cf00f
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c5306756f69dd3edf6c62dd9bc5bc2775fe262632775ca1161ea28b4895b176
9d922ca87eb58302e69dd1637de627c97fdb163902cc0cbf10cf100800fc7186
a07536074aaa7b4c93639d64e1b24096a1f06734aabb475d57604c876eb2e62b
a6c58aee80da786217ac25bde129a17cc05ccbe3188fa3682ab64376b408101a
a7bbd282fc423dd2a9754ef0c18108dd9e5904c0e903caa8bbf3a06621ec5282
ad6dccea9accf018923fa6e7d0dce6c9272bfbe9bdd664fbbc7f6339b7bc8f2c
af208842453b8fccc7156284e97f7606705b0d3d2d4c3495f4918cea135dcc19
b5eb0a372c1a5caf8b619cd0fc6361919c05718e6232aa929faa3de6060d33f3
b91de2ff4353c3fd241fba92e56a44f0e1a34c58bffdc23b745d728c598e43cd
b9fb88fb34b361ebb246505d1ea42c77d5bec3c0816f3624b435c034b4262747
bd6d48079009931c0845d251427a98fa978ead509c0f29d41e8385afe872a14b
c104a96e53afa261764c36bf31e626e40196ba8ca903d808c0f3e9deb9629a42
c1d01d9da7e4c3ebd4da4e0667a37780b4b4552aeb457005f0550f653c7e4567
c229dd8598c0c993f649da6a7abea4926e80e4fc55054625d2bbed24693b8d48
c3a04987d84151975efc565b525b850c95873b737c9d98375da8b80aa67fcdda
c6cecd60d4ab0c608085e4935854abf2401cc65909519bcbefdc616e91b1d1e5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb58a02109cbb0157ee63a8141f03ee4995b6ba0271ee80036736131be88edda
cb5ac6770869745ba8c9df9132170654804a3dd4ca9c7c1ce4acae7142df070b
cd743aceeae01143ffb5cd43774550b32a2723540e637a72e6d0a078c417e4b9
ceb443d2e20475530e492f550b6ba7a2be3e9539af79048d767ba81f7f28f951
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d44f838fde83ceadce863bc3eb81c53c98dc71b0e3d0f9e8f60e3c7dadeb2ac9
d5bdd783f4a2cc37b5db069176c2e245247d49ed5470f0f432fc69d1c3dfba53
d62f4aee4ce6f84d0eb284f0cc5e748052cdf550720cd9d49ef2c91845f7cc9c
d64211010570b2be70ded78d18514a9054aae35a22e16fb349cb1be1e68902eb
d91ef50af10e49e2638fd5147b9d2e9fdbde03166b0d5e84f26e005a7671c784
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dd6b13ba624853857d1b60c76d9e3a63c8be32e055e26b2314131738ca9df4fa
e0efabc28446e98742f6b7ab3e8e4209e2ccde7a52cdbcd34957bce02cf80b37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
e9e261fab8c586b16dc1831b34f9391bcb94b8fca0bfdcf369e8de3a19947d4d
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
eb22a5c54d3f3e62db846c44fc9286fdd63b45b93175e0a93a391ac4f69049a8
eecaf0ad3b1cc6ad3b2e813a8c95fd6e5d7670947e214e5538d985125764a430
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
f71bbeb2e2d71d720e8c9d6d6b01223ec75e83df7805bc834d2ee1e66e15dc32
f87d27a4de7ca508f816c4c8620dab37ea52e76a9b9714a1cc21daad7bb9d291
f95e51cb0e6b62748710cbc331616d975ed8d8c498fa5da0ee3b1f3e3faeb956
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
fb6ea6aa551f7224894917bdec3fe7e41f422d4d24c5146d792b6558b0490678
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fbe4261d8b81293955c88a05e0b78d853fe41a6a9cdd262446e1347a45a3effc
fd07e6ca07cc12251069b28597c6c90260258915aa059f37e7829c1cfb80f09f
ff2d0135a9df19463cff355360b91dd20ae88465b6a794ec159d6609cc887b90

www.dreamies.de Open in urlscan Pro 46.4.15.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

100 %HTTPS

32 %IPv6

30 Domains

49 Subdomains

35 IPs

8 Countries

3937 kBTransfer

6011 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dreamies.de Open in urlscan Pro
46.4.15.228 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

100 %
HTTPS

32 %
IPv6

30
Domains

49
Subdomains

35
IPs

8
Countries

3937 kB
Transfer

6011 kB
Size

6
Cookies

199 HTTP transactions
0 data transactions