www.ga-online.de Open in urlscan Pro
109.239.194.15  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request Cookie set artikel Show response www.ga-online.de/-news/	9 KB 3 KB	222ms 122ms	Document text/html	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 33f625a703863e63766b1527c6a12b04ae9cf8e7b60e1dc66e487b8841cde713 Request headers Host www.ga-online.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Tue, 09 Jun 2020 09:28:53 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie SESSION=f8c87vl6dstvim2o7f94au8mr2; expires=Tue, 09-Jun-2020 13:28:53 GMT; Max-Age=14400; path=/; domain=.ga-online.de; HttpOnly P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-BE 3 X-Cache MISS Content-Encoding gzip
GET H/1.1	200 OK	960-grid.css www.ga-online.de/css/	10 KB 2 KB	32ms 31ms	Stylesheet text/css	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/css/960-grid.css?1591185846 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 9f1b3994d8aed12ca593c756ca9c0d0129c4a97f09daad97c42dfd965a208d38 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag W/"2896-5a72cd31f5980-gzip" Vary Accept-Encoding X-Cache HIT Content-Type text/css Connection keep-alive Transfer-Encoding chunked X-BE 3 X-Cache-Hits 35
GET H/1.1	200 OK	layout-ga.css www.ga-online.de/css/	224 KB 33 KB	86ms 52ms	Stylesheet text/css	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/css/layout-ga.css?1591186118 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 7787dc5ed8497274cb9225d1fea55adb9f863fc3002071e954fb0ec3b8edcf3b Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Last-Modified Wed, 03 Jun 2020 12:08:38 GMT Server nginx ETag W/"380d0-5a72ce355bd80-gzip" Vary Accept-Encoding X-Cache HIT Content-Type text/css Connection keep-alive Transfer-Encoding chunked X-BE 3 X-Cache-Hits 32
GET H/1.1	200 OK	layout-custom.css www.ga-online.de/css/	16 KB 3 KB	81ms 27ms	Stylesheet text/css	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/css/layout-custom.css?1591185846 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 92ada02ea16ad11d6b21bcc0d4e02da272c83a6acaffc45bc8160b29c426e472 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag W/"402d-5a72cd31f5980-gzip" Vary Accept-Encoding X-Cache HIT Content-Type text/css Connection keep-alive Transfer-Encoding chunked X-BE 3 X-Cache-Hits 33
GET H2	200	css fonts.googleapis.com/	6 KB 768 B	20ms 19ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans:400,700,700italic,400italic Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9bab0b174425982331c71791b61db7a1194be7a08bcad2a265d5ca9e21753dc5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 09 Jun 2020 09:28:50 GMT server ESF date Tue, 09 Jun 2020 09:28:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 09 Jun 2020 09:28:53 GMT
GET H/1.1	200 OK	jquery-1.8.2.min.js Show response code.jquery.com/	91 KB 33 KB	39ms 6ms	Script application/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.8.2.min.js Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Last-Modified Fri, 24 Oct 2014 00:16:07 GMT Server nginx ETag W/"54499a47-16cfb" Vary Accept-Encoding X-HW 1591694933.dop131.fr8.t,1591694933.cds012.fr8.shn,1591694933.cds012.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 33384
GET H/1.1	200 OK	asyncjs.php Show response www.ga-online.de/openx/www/delivery/	10 KB 10 KB	43ms 40ms	Script text/javascript	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/openx/www/delivery/asyncjs.php Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 590bfe5c12b466ad36f5ec8274c0716b4dccbbb567406f08b648d59f94f0cefc Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Server nginx ETag b3d8fe951e505d4e2d366c5853d754d6 Transfer-Encoding chunked P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, max-age=3600 Connection keep-alive Content-Type text/javascript;charset=UTF-8 Expire Tue, 09 Jun 2020 10:28:53 GMT
GET H/1.1	200 OK	logo.png www.ga-online.de/images/layout-ga/	5 KB 6 KB	30ms 27ms	Image image/png	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/layout-ga/logo.png Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 69bfcae68324444ff3f70dbcccfe53a988f57a2e862953c4285830f7077aeec0 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "15b1-5a72cd31f5980" X-Cache HIT Content-Type image/png Connection keep-alive X-BE 1 Accept-Ranges bytes Content-Length 5553 X-Cache-Hits 23
GET H/1.1	200 OK	wolkig_small.png www.ga-online.de/img/wetter/wetter_icons/negativ/	2 KB 2 KB	30ms 28ms	Image image/png	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/img/wetter/wetter_icons/negativ/wolkig_small.png?1591185846 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash bf1ddc6b4dfd00cbc039ff8125e7cf629922cba408508367091e17b6ac8368b8 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "64b-5a72cd31f5980" X-Cache HIT Content-Type image/png Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 1611 X-Cache-Hits 10
GET H/1.1	200 OK	default-profile-image.png www.ga-online.de/img/24-7/	2 KB 2 KB	56ms 37ms	Image image/png	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/img/24-7/default-profile-image.png Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 527add2c78b4a60c1feee852cfeea6ef9cdb94f6d7e41363002c876aa6e3d4c5 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "6f4-5a72cd31f5980" X-Cache HIT Content-Type image/png Connection keep-alive X-BE 2 Accept-Ranges bytes Content-Length 1780 X-Cache-Hits 12
GET H/1.1	200 OK	navigation.js Show response www.ga-online.de/js/	2 KB 884 B	30ms 28ms	Script application/javascript	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/js/navigation.js?1591185846 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash c262c9f8c63f4df45b72696ad6807c80b3c10a1bb68d52aac008ac28e89f0e06 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag W/"640-5a72cd31f5980-gzip" Vary Accept-Encoding X-Cache HIT Content-Type application/javascript Connection keep-alive Transfer-Encoding chunked X-BE 2 X-Cache-Hits 31
GET H/1.1	200 OK	footer-services.png www.ga-online.de/images/	5 KB 5 KB	60ms 29ms	Image image/png	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/footer-services.png Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 40d1643918bb98865b43e5799123543863c701adcd82119cdc8ad1046de275d0 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "127b-5a72cd31f5980" X-Cache HIT Content-Type image/png Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 4731 X-Cache-Hits 22
GET H/1.1	200 OK	header-bg.jpg www.ga-online.de/images/	352 B 630 B	57ms 29ms	Image image/jpeg	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/header-bg.jpg Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash e68cf4188572d8671637409a6b2a2fcb58a7d8c4da2e0bac70997a8cfc18bf16 Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "160-5a72cd31f5980" X-Cache HIT Content-Type image/jpeg Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 352 X-Cache-Hits 24
GET H/1.1	200 OK	toplink-sep.gif www.ga-online.de/images/	45 B 320 B	72ms 27ms	Image image/gif	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/toplink-sep.gif Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 50e5787be9bfcc4728cd1c6252050408e058986522224dfe809cc4a2d151b000 Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "2d-5a72cd31f5980" X-Cache HIT Content-Type image/gif Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 45 X-Cache-Hits 24
GET H/1.1	200 OK	nav-bg2.jpg www.ga-online.de/img/	352 B 630 B	62ms 29ms	Image image/jpeg	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/img/nav-bg2.jpg?1589131833 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash a8428bf1fe86756cc811709da9d82a15ad4d2163072b4bb0db13eac0a6d7e03d Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "160-5a72cd31f5980" X-Cache HIT Content-Type image/jpeg Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 352 X-Cache-Hits 24
GET H/1.1	200 OK	block-head.jpg www.ga-online.de/images/	331 B 609 B	66ms 31ms	Image image/jpeg	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/block-head.jpg Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 8fcf6eb7c547626582f76c53c52c28d3e0a5223a5e93d43e87fe9d4a7c127031 Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "14b-5a72cd31f5980" X-Cache HIT Content-Type image/jpeg Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 331 X-Cache-Hits 23
GET H/1.1	200 OK	ico-error.png www.ga-online.de/images/	2 KB 2 KB	64ms 33ms	Image image/png	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/ico-error.png Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 088818b88846c87f2ccd9ab34df9d873449d6902346ef56cf26a40bb94f9ddec Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "6c7-5a72cd31f5980" X-Cache MISS Content-Type image/png Connection keep-alive X-BE 2 Accept-Ranges bytes Content-Length 1735
GET H/1.1	200 OK	username.gif www.ga-online.de/images/	46 B 321 B	60ms 29ms	Image image/gif	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/images/username.gif Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 2363895b054587890a636b715e68bb00829d192025887ba0554c0610e3e62f50 Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "2e-5a72cd31f5980" X-Cache HIT Content-Type image/gif Connection keep-alive X-BE 1 Accept-Ranges bytes Content-Length 46 X-Cache-Hits 22
GET H/1.1	200 OK	nav-sub-active.gif www.ga-online.de/img/	46 B 321 B	60ms 30ms	Image image/gif	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/img/nav-sub-active.gif?1589131833 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/-news/artikel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 450e1c7ed1f81d1fe2cc938a297cbd79f2d76c0850170429ab8a277616ef5c5e Request headers Referer https://www.ga-online.de/css/layout-ga.css?1591186118 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Last-Modified Wed, 03 Jun 2020 12:04:06 GMT Server nginx ETag "2e-5a72cd31f5980" X-Cache HIT Content-Type image/gif Connection keep-alive X-BE 3 Accept-Ranges bytes Content-Length 46 X-Cache-Hits 23
GET H/1.1	200 OK	asyncspc.php Show response www.ga-online.de/openx/www/delivery/	646 B 928 B	54ms 53ms	XHR application/json	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Full URL https://www.ga-online.de/openx/www/delivery/asyncspc.php?zones=125&prefix=revive-0-&loc=https%3A%2F%2Fwww.ga-online.de%2F-news%2Fartikel Requested by Host: www.ga-online.de URL: https://www.ga-online.de/openx/www/delivery/asyncjs.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 30d95e7a22763201a8291650c504ec18e153551e06000e4ebec1cdbdf95cf13a Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type application/json Expires 0
GET H/1.1	200 OK	g9zffd2nyut8 Show response ad.ad-srv.net/zone/	10 KB 3 KB	69ms 23ms	Script text/html	138.201.64.38 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/zone/g9zffd2nyut8 Requested by Host: www.ga-online.de URL: https://www.ga-online.de/openx/www/delivery/asyncjs.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.38.64.201.138.clients.your-server.de Software Apache / Resource Hash df8819e67f53da6bb5f105108cdef91c777aaec682bb3bdeb94bc8ba193aa612 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 09 Jun 2020 09:28:53 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2625 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	lg.php www.ga-online.de/openx/www/delivery/	43 B 479 B	41ms 40ms	Image image/gif	109.239.194.15 OMG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ga-online.de/openx/www/delivery/lg.php?bannerid=622&campaignid=366&zoneid=305&loc=https%3A%2F%2Fwww.ga-online.de%2F-news%2Fartikel&cb=c87ef0cf1b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.239.194.15 Uplengen, Germany, ASN50621 (OMG-AS, DE), Reverse DNS lb.zgo.de Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://www.ga-online.de/-news/artikel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 09 Jun 2020 09:28:53 GMT Server nginx P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery undefined| navigation object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync number| tpTmpI object| tpAdtagb5375d6b11 function| tpAdtagBase

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ga-online.de/	1970-01-19 10:08:29	Name: SESSION Value: f8c87vl6dstvim2o7f94au8mr2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
code.jquery.com
fonts.googleapis.com
www.ga-online.de
109.239.194.15
138.201.64.38
2001:4de0:ac19::1:b:1b
2a00:1450:4001:801::200a
088818b88846c87f2ccd9ab34df9d873449d6902346ef56cf26a40bb94f9ddec
2363895b054587890a636b715e68bb00829d192025887ba0554c0610e3e62f50
30d95e7a22763201a8291650c504ec18e153551e06000e4ebec1cdbdf95cf13a
33f625a703863e63766b1527c6a12b04ae9cf8e7b60e1dc66e487b8841cde713
40d1643918bb98865b43e5799123543863c701adcd82119cdc8ad1046de275d0
450e1c7ed1f81d1fe2cc938a297cbd79f2d76c0850170429ab8a277616ef5c5e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e5787be9bfcc4728cd1c6252050408e058986522224dfe809cc4a2d151b000
527add2c78b4a60c1feee852cfeea6ef9cdb94f6d7e41363002c876aa6e3d4c5
590bfe5c12b466ad36f5ec8274c0716b4dccbbb567406f08b648d59f94f0cefc
69bfcae68324444ff3f70dbcccfe53a988f57a2e862953c4285830f7077aeec0
7787dc5ed8497274cb9225d1fea55adb9f863fc3002071e954fb0ec3b8edcf3b
8fcf6eb7c547626582f76c53c52c28d3e0a5223a5e93d43e87fe9d4a7c127031
92ada02ea16ad11d6b21bcc0d4e02da272c83a6acaffc45bc8160b29c426e472
9bab0b174425982331c71791b61db7a1194be7a08bcad2a265d5ca9e21753dc5
9f1b3994d8aed12ca593c756ca9c0d0129c4a97f09daad97c42dfd965a208d38
a8428bf1fe86756cc811709da9d82a15ad4d2163072b4bb0db13eac0a6d7e03d
bf1ddc6b4dfd00cbc039ff8125e7cf629922cba408508367091e17b6ac8368b8
c262c9f8c63f4df45b72696ad6807c80b3c10a1bb68d52aac008ac28e89f0e06
df8819e67f53da6bb5f105108cdef91c777aaec682bb3bdeb94bc8ba193aa612
e68cf4188572d8671637409a6b2a2fcb58a7d8c4da2e0bac70997a8cfc18bf16
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729