www.qualifizierte-preise.de Open in urlscan Pro
185.3.185.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
Effective URL:
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=...
Submission Tags: falconsandbox
Submission: On January 30 via api (January 30th 2021, 12:12:35 am UTC) from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 27 HTTP transactions. The main IP is 185.3.185.190, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.qualifizierte-preise.de.
TLS certificate: Issued by R3 on December 4th 2020. Valid for: 3 months.

This is the only time www.qualifizierte-preise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.115.153.221 217.115.153.221	20773 (GODADDY) (GODADDY)
9	185.3.185.190 185.3.185.190	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.16.186.179 2.16.186.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 3	18.193.31.194 18.193.31.194	16509 (AMAZON-02) (AMAZON-02)
6 6	18.195.73.36 18.195.73.36	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	51.89.7.198 51.89.7.198	16276 (OVH) (OVH)
2 2	52.29.234.105 52.29.234.105	16509 (AMAZON-02) (AMAZON-02)
1 2	54.228.36.34 54.228.36.34	16509 (AMAZON-02) (AMAZON-02)
1	18.184.181.235 18.184.181.235	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
27	12

1 217.115.153.221 (Germany) 1 redirects

ASN20773 (GODADDY, DE)
PTR: srv21.mailer-service.de

news.ultima-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.3.185.190 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www.qualifizierte-preise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.179 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-179.deploy.static.akamaitechnologies.com

static2.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.31.194 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.195.73.36 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-36.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom)

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.7.198 (Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: p20.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.234.105 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.36.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-34.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.181.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	qualifizierte-preise.de www.qualifizierte-preise.de	392 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	creative-serving.com 1 redirects static2.creative-serving.com ads.creative-serving.com	26 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	360yield.com 2 redirects ice.360yield.com	1007 B
2	1rx.io sync.1rx.io	374 B
2	gstatic.com fonts.gstatic.com	22 KB
1	justpremium.com match.justpremium.com	324 B
1	sonobi.com sync.go.sonobi.com	532 B
1	googleapis.com fonts.googleapis.com	1 KB
1	ultima-media.com 1 redirects news.ultima-media.com	595 B
27	14

	Domain	Requested by
9	www.qualifizierte-preise.de	www.qualifizierte-preise.de
6	x.bidswitch.net	6 redirects
3	id5-sync.com	2 redirects www.qualifizierte-preise.de
3	ads.creative-serving.com	1 redirects www.qualifizierte-preise.de
3	ka-f.fontawesome.com	kit.fontawesome.com
3	static2.creative-serving.com	www.qualifizierte-preise.de static2.creative-serving.com
2	cm.g.doubleclick.net	2 redirects
2	dpm.demdex.net	1 redirects www.qualifizierte-preise.de
2	ice.360yield.com	2 redirects
2	sync.1rx.io	www.qualifizierte-preise.de
2	fonts.gstatic.com	fonts.googleapis.com
1	match.justpremium.com	www.qualifizierte-preise.de
1	sync.go.sonobi.com	www.qualifizierte-preise.de
1	kit.fontawesome.com	www.qualifizierte-preise.de
1	fonts.googleapis.com	www.qualifizierte-preise.de
1	news.ultima-media.com	1 redirects
27	16

This site contains no links.

Subject Issuer	Validity	Valid
www.qualifizierte-preise.de R3	`2020-12-04` - `2021-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
static2.creative-serving.com R3	`2020-12-24` - `2021-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-27` - `2021-04-02`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
tracking.justpremium.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Frame ID: 42A1D583AB66FED44BCD2D9C89E7EA04
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4 HTTP 302
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

16
Subdomains

12
IPs

6
Countries

467 kB
Transfer

675 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4 HTTP 302
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://ads.creative-serving.com/pixel?id=3155415&type=jsonp&cb=syncResponse HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3155415&type=jsonp&cb=syncResponse

Request Chain 19

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402 HTTP 302
https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=

Request Chain 20

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573 HTTP 302
https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=

Request Chain 21

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21

Request Chain 22

https://id5-sync.com/s/101/76e14bdf-7c2a-42c7-9210-000cc1b3532a/1.gif HTTP 302
https://id5-sync.com/c/101/101/1/1.gif?puid=76e14bdf-7c2a-42c7-9210-000cc1b3532a&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/101/124/0/2.gif?puid=363a86a2-375b-43d7-bcba-0fbcecc3651c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Request Chain 23

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a

Request Chain 25

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc= HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEHP-n7U1dNyrPNRBawrSjSk&google_cver=1

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/
Redirect Chain

http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hribersc...

12 KB
3 KB

93ms
30ms

Document
text/html

185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: ced36ed863c0a025cc4056236f3d3f7429246d2ce55f2dd3deba164ee95d80a3

Request headers

:method: GET
:authority: www.qualifizierte-preise.de
:scheme: https
:path: /_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sat, 30 Jan 2021 00:11:57 GMT
content-type: text/html
vary: Accept-Encoding Accept-Encoding
etag: W/"1309380307"
last-modified: Thu, 20 Feb 2020 08:31:59 GMT
expires: Sun, 31 Jan 2021 00:11:57 GMT
cache-control: max-age=86400
content-encoding: gzip

Redirect headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Server: Apache
Location: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=GrÃ¼ne Mitte&zipcode=72585&city=Riederich
Connection: close
Cache-Control: max-age=7200
Expires: Sat, 30 Jan 2021 02:11:57 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-DNS-Prefetch-Control: off
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 foundation-custom.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ 62 KB
9 KB 52ms
50ms Stylesheet
text/css 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/foundation-custom.css
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 08:31:59 GMT
server: nginx
etag: W/"2352216015"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=86400
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 main.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ 3 KB
1 KB 24ms
23ms Stylesheet
text/css 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8af245271d7ebe82f886d6bdbc092b3c9640c58660b9cd290b190b1940148c08

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 08:31:59 GMT
server: nginx
etag: W/"2638920266"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=86400
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Requested by

Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a29e008c684709e47187b56a861a81009d991926d5419987e4aa9257564acc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 22:40:05 GMT
server: ESF
date: Sat, 30 Jan 2021 00:11:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jan 2021 00:11:57 GMT

GET
H2 200 mootools-core-1.4.5-full-compat-yc.js Show response
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ 94 KB
31 KB 35ms
34ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/mootools-core-1.4.5-full-compat-yc.js
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 08:32:00 GMT
server: nginx
etag: W/"2560199360"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 script.js Show response
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ 2 KB
841 B 48ms
47ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/script.js
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: e5463fb7c6a2161201535da9345108d44be9b1a7f7612d84d5fa6f0c9648cd48

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 08:32:01 GMT
server: nginx
etag: W/"2369690723"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 0722a600ec.js Show response
kit.fontawesome.com/ 11 KB
4 KB 50ms
32ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/0722a600ec.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a95f057038068689c4ac417e82203b34f1106500b3bd8ce6a8aa47e860bca445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.qualifizierte-preise.de
Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 07f23ae62600004a6140a97000000001
x-request-id: Fl7aGPVTWzglzYpRf10B
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6196fa836f454a61-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 prize.png
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 179 KB
179 KB 26ms
26ms Image
image/png 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/prize.png
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: ce23e320279a9e57052e7479ca9c68a5aec6bbdb0fff4e31945e5d1d377547b4

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
last-modified: Thu, 20 Feb 2020 08:32:00 GMT
server: nginx
etag: "3136563678"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 183184
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 loader.gif
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 7 KB
7 KB 33ms
32ms Image
image/gif 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/loader.gif
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: ba85596b84eccd6b23d0c66f63bdf0f8addeeba09d8454b9c41695d00e305d83

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
last-modified: Thu, 20 Feb 2020 08:31:59 GMT
server: nginx
etag: "2941340025"
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7247
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H/1.1 200
OK pixel_loader.js Show response
static2.creative-serving.com/ 527 B
847 B 68ms
22ms Script
application/x-javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel_loader.js
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Last-Modified: Mon, 07 Jan 2019 15:46:58 GMT
Server: AkamaiNetStorage
ETag: "68faa1738e44f8aabb6f53cba51f29d3:1546876018"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 527

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 45ms
26ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=0722a600ec
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07f23ae671000005bf41236000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZDL21sLknMUgxTBsyCc2AO%2FJAAgtURhBNS3HKSsyqje95%2F6PdHIouppry04ViFIGjNqIVUs2hQqWVJ21MDEw6x7bXJGj2cVVsGK9yqlN%2BT%2F9oq2OX%2BVLoU7V6W%2FzX%2BGNIw%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6196fa83ec8505bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: omJwOg6DTlcM6Rt3B6rgVzNCGKbh4_6iOJrDTMVMYX4ZHOm0ttXBOw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
4 KB 44ms
25ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=0722a600ec
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07f23ae671000005bf628c8000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IUtD83Yryg2m8cBN60DTRbN2ImnB56%2FydQEY73f81Vlarbd8AYu34ddXmQpMDxehEjHSS9iRFApVNgIHKk1WnFhubg0pGrwH%2FoaGSYajpqd5pi7divfyoQOB4Y%2FJAo4HHQ%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6196fa83ec8605bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PmH3daZpezylds2ekelzxPdEKEJ_7Tc6KdU4FbMWb3H1vhTpzNBUMg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
2 KB 40ms
21ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=0722a600ec
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0722a600ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07f23ae672000005bf74205000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hsuuU82SwpapyqpunuzPbtI%2BeqXXed%2FoQw3hG9tnNKPnYmO0bSp03PJbn%2BgMcZLsJGQuARQ8zQEXi0%2BaFxcdEKwXOF7mRU%2FbRdBg95O9ZjJKBrQ4VAKRnsmBSvgtDfZdgg%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6196fa83ec8805bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: HFm3BLhgRrInJQkidIsxme0e3oYQgi-Q3JIJeRf3Njfgrymm52EIsA==

GET
H2 200 bg.jpg
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ 161 KB
162 KB 42ms
41ms Image
image/jpeg 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/bg.jpg
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: dd09fdcb2259ab9499133f8fd5c508f3eb2ddf106f0ac997a9d671e28a2ecccc

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
last-modified: Thu, 20 Feb 2020 08:31:59 GMT
server: nginx
etag: "3155671779"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 165138
expires: Sun, 31 Jan 2021 00:11:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.qualifizierte-preise.de
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 21:58:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 180790
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Thu, 27 Jan 2022 21:58:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 29ms
10ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.qualifizierte-preise.de
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:56:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 15322
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 29 Jan 2022 19:56:35 GMT

GET
H/1.1 200
OK pixel.js Show response
static2.creative-serving.com/ 2 KB
3 KB 22ms
21ms Script
application/x-javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel.js
Requested by: Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel_loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 60bc771e751017a6116e7223cef3bc5792b1f3c64044bf13141482edbed116ca

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Last-Modified: Mon, 25 Jan 2021 09:54:00 GMT
Server: AkamaiNetStorage
ETag: "8aa7371fb7069f7b6276854584a0d506:1611568439.989547"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2455

GET
H2 200 global.pl
www.qualifizierte-preise.de/cgi-bin/ 77 B
169 B 43ms
42ms Image
image/gif 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qualifizierte-preise.de/cgi-bin/global.pl?todo=log_clicks_prelander&source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
server: nginx
x-map-context: de
content-type: image/gif
content-length: 77
x-served-by: a-03

GET
H/1.1 200
OK id5-api.js Show response
static2.creative-serving.com/ 20 KB
20 KB 27ms
26ms Script
application/x-javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/id5-api.js
Requested by: Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Last-Modified: Tue, 19 Jan 2021 13:33:29 GMT
Server: AkamaiNetStorage
ETag: "104098c2d3abc12737111a2df710f503:1611063209.670055"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20257

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3155415&type=jsonp&cb=syncResponse
https://ads.creative-serving.com/ul_cb/pixel?id=3155415&type=jsonp&cb=syncResponse

805 B
1 KB

23ms
23ms

Script
application/javascript

18.193.31.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3155415&type=jsonp&cb=syncResponse
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.31.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b2821ef489e0b363c0543b364635401c9e7d6163928b516f73404ef8176c3dc1

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 805
Content-Type: application/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3155415&type=jsonp&cb=syncResponse
Date: Sat, 30 Jan 2021 00:11:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
sync.1rx.io/usersync/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402
https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=

0
187 B

66ms
16ms

Image
text/plain

213.19.147.151
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.147.151 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Jan 2021 00:11:57 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Tengine
Connection: keep-alive
Expires: 0

Redirect headers

location: //sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
date: Sat, 30 Jan 2021 00:11:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
sync.1rx.io/usersync/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573
https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=

0
187 B

63ms
15ms

Image
text/plain

213.19.147.151
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.147.151 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Jan 2021 00:11:57 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Tengine
Connection: keep-alive
Expires: 0

Redirect headers

location: //sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
date: Sat, 30 Jan 2021 00:11:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21

49 B
532 B

63ms
15ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Jan 2021 00:11:57 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
date: Sat, 30 Jan 2021 00:11:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

2.gif
id5-sync.com/cq/101/124/0/
Redirect Chain

https://id5-sync.com/s/101/76e14bdf-7c2a-42c7-9210-000cc1b3532a/1.gif
https://id5-sync.com/c/101/101/1/1.gif?puid=76e14bdf-7c2a-42c7-9210-000cc1b3532a&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fp...
https://id5-sync.com/cq/101/124/0/2.gif?puid=363a86a2-375b-43d7-bcba-0fbcecc3651c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

43 B
1 KB

24ms
23ms

Image
image/gif

51.89.7.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/101/124/0/2.gif?puid=363a86a2-375b-43d7-bcba-0fbcecc3651c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.198 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p20.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:56 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/101/124/0/2.gif?puid=363a86a2-375b-43d7-bcba-0fbcecc3651c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date: Sat, 30 Jan 2021 00:11:57 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a

42 B
915 B

33ms
33ms

Image
image/gif

54.228.36.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.36.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-36-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-079256acc.edge-irl1.demdex.com 5.80.5.20210120122710 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: MJAS4D4wShY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 87zt2tX1Q9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p161
match.justpremium.com/match/ 43 B
324 B 77ms
22ms Image
image/gif 18.184.181.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=76e14bdf-7c2a-42c7-9210-000cc1b3532a
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.181.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 00:11:57 GMT
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc=
https://ads.creative-serving.com/gcm?google_gid=CAESEHP-n7U1dNyrPNRBawrSjSk&google_cver=1

43 B
220 B

23ms
22ms

Image
image/gif

18.193.31.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEHP-n7U1dNyrPNRBawrSjSk&google_cver=1
Requested by: Host: www.qualifizierte-preise.de
URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.31.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 00:11:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 30 Jan 2021 00:11:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.creative-serving.com/gcm?google_gid=CAESEHP-n7U1dNyrPNRBawrSjSk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
cm.g.doubleclick.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
ice.360yield.com
id5-sync.com
ka-f.fontawesome.com
kit.fontawesome.com
match.justpremium.com
news.ultima-media.com
static2.creative-serving.com
sync.1rx.io
sync.go.sonobi.com
www.qualifizierte-preise.de
x.bidswitch.net
142.250.185.226
178.162.133.149
18.184.181.235
18.193.31.194
18.195.73.36
185.3.185.190
2.16.186.179
213.19.147.151
217.115.153.221
2606:4700::6812:1734
2606:4700:e6::ac40:cb1c
2a00:1450:4001:80e::200a
2a00:1450:4001:817::2003
2a00:1450:4001:82a::2002
51.89.7.198
52.29.234.105
54.228.36.34
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b
4a29e008c684709e47187b56a861a81009d991926d5419987e4aa9257564acc2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60bc771e751017a6116e7223cef3bc5792b1f3c64044bf13141482edbed116ca
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
8af245271d7ebe82f886d6bdbc092b3c9640c58660b9cd290b190b1940148c08
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a95f057038068689c4ac417e82203b34f1106500b3bd8ce6a8aa47e860bca445
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2821ef489e0b363c0543b364635401c9e7d6163928b516f73404ef8176c3dc1
ba85596b84eccd6b23d0c66f63bdf0f8addeeba09d8454b9c41695d00e305d83
ce23e320279a9e57052e7479ca9c68a5aec6bbdb0fff4e31945e5d1d377547b4
ced36ed863c0a025cc4056236f3d3f7429246d2ce55f2dd3deba164ee95d80a3
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
dd09fdcb2259ab9499133f8fd5c508f3eb2ddf106f0ac997a9d671e28a2ecccc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5463fb7c6a2161201535da9345108d44be9b1a7f7612d84d5fa6f0c9648cd48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.qualifizierte-preise.de Open in urlscan Pro 185.3.185.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

29 %IPv6

14 Domains

16 Subdomains

12 IPs

6 Countries

467 kBTransfer

675 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.qualifizierte-preise.de Open in urlscan Pro
185.3.185.190 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

16
Subdomains

12
IPs

6
Countries

467 kB
Transfer

675 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions