Submitted URL: https://onmeda.de
Effective URL: https://www.onmeda.de/
Submission: On March 18 via automatic, source alexatop100k

Summary

This website contacted 26 IPs in 9 countries across 31 domains to perform 66 HTTP transactions. The main IP is 78.35.17.134, located in Cologne, Germany and belongs to NETCOLOGNE, DE. The main domain is www.onmeda.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 7th 2019. Valid for: a year.
This is the only time www.onmeda.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 78.35.17.134 8422 (NETCOLOGNE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:200... 16509 (AMAZON-02)
1 91.215.103.64 43407 (INFONLINE-AS)
2 2600:9000:200... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.17.182.129 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2.18.233.126 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:200... 16509 (AMAZON-02)
2 46.105.202.39 16276 (OVH)
1 2a00:cd0:1005... 48173 (UNBELIEVA...)
1 99.86.1.198 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS)
1 15 104.109.68.123 20940 (AKAMAI-ASN1)
1 18.195.82.173 16509 (AMAZON-02)
1 149.202.74.47 16276 (OVH)
1 80.82.201.86 48173 (UNBELIEVA...)
1 80.82.201.94 48173 (UNBELIEVA...)
3 3 85.114.159.93 24961 (MYLOC-AS)
1 54.247.163.81 16509 (AMAZON-02)
1 2 89.163.159.112 24961 (MYLOC-AS)
1 1 216.58.210.2 15169 (GOOGLE)
2 2 176.34.134.126 16509 (AMAZON-02)
2 2 37.252.172.70 29990 (ASN-APPNEXUS)
1 1 37.157.4.40 198622 (ADFORM)
1 1 85.215.5.31 6724 (STRATO ST...)
3 3 18.153.11.9 16509 (AMAZON-02)
2 2 146.148.8.25 15169 (GOOGLE)
1 1 185.31.128.128 54312 (ROCKETFUEL)
2 2 185.29.135.227 30419 (MEDIAMATH...)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
4 18.194.109.215 16509 (AMAZON-02)
1 13.32.221.90 16509 (AMAZON-02)
1 52.94.220.16 16509 (AMAZON-02)
66 26
Domain
Subdomains
Transfer
20 onmeda.de
464 KB
15 yieldlab.net
9 KB
5 adition.com
2 KB
4 sqrt-5041.de
1004 B
4 gstatic.com
39 KB
3 bidswitch.net
2 KB
3 amazon-adsystem.com
23 KB
3 nuggad.net
2 KB
3 heatmap.it
11 KB
3 71i.de
108 KB
2 mathtag.com
1 KB
2 volvelle.tech
1 KB
2 adnxs.com
2 KB
2 adsrvr.org
834 B
2 theadex.com
696 B
2 doubleclick.net
292 B
2 google-analytics.com
17 KB
2 afcdn.com
140 KB
1 yahoo.com
90 B
1 rfihub.com
683 B
1 twiago.com
542 B
1 adform.net
189 B
1 krxd.net
453 B
1 mookie1.com
673 B
1 google.de
109 B
1 google.com
180 B
1 demdex.net
2 KB
1 googletagmanager.com
25 KB
1 ioam.de
de.ioam.de Failed
10 KB
1 fonts.googleapis.com
848 B
0 weborama.com Failed
dx.bigsea.weborama.com Failed
0 B
66 31
Domain Requested by
17 i.onmeda.de www.onmeda.de
14 ad.yieldlab.net 1 redirects www.onmeda.de
ad.71i.de
5 dsp.adfarm1.adition.com 5 redirects
4 cerberus.sqrt-5041.de ad.71i.de
www.onmeda.de
4 fonts.gstatic.com www.onmeda.de
3 x.bidswitch.net 3 redirects
3 ad.71i.de static.afcdn.com
ad.71i.de
2 sync.mathtag.com 2 redirects
2 a.volvelle.tech 2 redirects
2 ib.adnxs.com 2 redirects
2 match.adsrvr.org 2 redirects
2 dmp.theadex.com 1 redirects www.onmeda.de
2 c.amazon-adsystem.com ad.71i.de
c.amazon-adsystem.com
2 u.heatmap.it www.onmeda.de
u.heatmap.it
2 www.google-analytics.com www.onmeda.de
2 static.afcdn.com www.onmeda.de
2 www.onmeda.de 1 redirects
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 p.rfihub.com 1 redirects
1 a.twiago.com 1 redirects
1 c1.adform.net 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 beacon.krxd.net www.onmeda.de
1 probe.yieldlab.net ad.71i.de
1 axdget-sync.nuggad.net www.onmeda.de
1 ad-sync.nuggad.net www.onmeda.de
1 eu6.heatmap.it www.onmeda.de
1 de-gmtdmp.mookie1.com www.onmeda.de
1 71i.nuggad.net ad.71i.de
1 www.google.de www.onmeda.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 dpm.demdex.net i.onmeda.de
1 www.googletagmanager.com www.onmeda.de
1 script.ioam.de www.onmeda.de
1 fonts.googleapis.com www.onmeda.de
1 onmeda.de 1 redirects
0 dx.bigsea.weborama.com Failed www.onmeda.de
0 de.ioam.de Failed script.ioam.de
66 40
Subject | Issuer | Validity | Valid
--- | --- | --- | ---
*.onmeda.de | Sectigo RSA Domain Validation Secure Server CA | 2019-03-07 - 2020-03-06 | a year
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
i.onmeda.de | Amazon | 2018-05-10 - 2019-06-10 | a year
*.ioam.de | COMODO RSA Organization Validation Secure Server CA | 2017-12-22 - 2020-12-21 | 3 years
static.afcdn.com | Amazon | 2018-05-08 - 2019-06-08 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
www.google.de | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.71i.de | DigiCert SHA2 Secure Server CA | 2018-08-13 - 2019-08-13 | a year
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.heatmap.it | COMODO RSA Domain Validation Secure Server CA | 2016-06-05 - 2019-06-27 | 3 years
*.nuggad.net | Gandi Standard SSL CA 2 | 2018-01-12 - 2020-01-16 | 2 years
c.amazon-adsystem.com | Amazon | 2018-12-18 - 2019-11-21 | a year
*.yieldlab.net | DigiCert SHA2 Secure Server CA | 2018-12-12 - 2020-03-12 | a year
*.mookie1.com | DigiCert SHA2 Secure Server CA | 2019-02-07 - 2020-03-22 | a year
*.krxd.net | Go Daddy Secure Certificate Authority - G2 | 2017-06-12 - 2019-07-11 | 2 years
*.theadex.com | GeoTrust RSA CA 2018 | 2018-02-16 - 2019-10-19 | 2 years
*.sqrt-5041.de | Amazon | 2018-08-17 - 2019-09-17 | a year
aax-eu.amazon-adsystem.com | Amazon | 2018-12-12 - 2019-12-10 | a year

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • env /pbjs/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^szmvars$/i
  • env /^iam_data$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i


66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • https://onmeda.de/
  • http://www.onmeda.de/
  • https://www.onmeda.de/
73 KB
16 KB
Document
General
Full URL
https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS
www.onmeda.de
Software
Apache /
Resource Hash
4f67c6cfea019a5dccfd7a97ca95b475dfea0ab3576c0b6140f4c5f5e4baf004

Request headers

Host
www.onmeda.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Mon, 18 Mar 2019 02:32:44 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 18 Mar 2019 02:32:44 GMT
Server
Apache
Location
https://www.onmeda.de/
Content-Length
230
Connection
close
Content-Type
text/html; charset=iso-8859-1
css?family=Open+Sans:400,600,700%7CPT+Serif
fonts.googleapis.com
9 KB
848 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
05e53e8c100f573bb743785b2f21dab97ca1f13511313955c2178930c950143b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 18 Mar 2019 02:32:44 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 18 Mar 2019 02:32:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Mon, 18 Mar 2019 02:32:44 GMT
onmeda.css
i.onmeda.de/nav
211 KB
33 KB
Stylesheet
General
Full URL
https://i.onmeda.de/nav/onmeda.css
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5e5d1c1a6a3bf463c47aee99657f8ff9ac52c4fb4d9ca0365c301ff5d8b3ad3d

Request headers

:path
/nav/onmeda.css
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 16:08:54 GMT
content-encoding
gzip
last-modified
Fri, 15 Feb 2019 16:09:02 GMT
server
nginx
age
210218
etag
"893286-34d0e-581f0fe4ac380"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
33690
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id
GakXdZwo8SoTL7zj2TB4DnCvp5d3BfSSgRL4bSYfz_nubKAqleEE7w==
ads.js
i.onmeda.de/nav
6 KB
2 KB
Script
General
Full URL
https://i.onmeda.de/nav/ads.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f1dfb1c8c86c4324c5fcae73b0ffb6528bf6a2bad42414276fa056bd0e8e6435

Request headers

:path
/nav/ads.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 00:09:00 GMT
content-encoding
gzip
last-modified
Fri, 25 Jan 2019 16:33:20 GMT
server
nginx
age
527060
etag
"89327f-193f-5804ae2873400"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
1957
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id
PBqlGvt_VApw_LmnOUdvyZUVoXISQzS1UCFSJryDtzBcXW_hfZa0Wg==
iam.js
script.ioam.de
31 KB
10 KB
Script
General
Full URL
https://script.ioam.de/iam.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script3.ioam.de
Software
nginx / BLACKBIRD-SRC v0.9 0009
Resource Hash
abbc2629de69cc04fbe8877a17db1385137a65db1e887b17c8da76b174801897

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Mar 2019 02:32:44 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.9 0009
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
privat, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 18 Mar 2019 04:32:44 GMT
visitor_api_v1.6.js
i.onmeda.de/nav
21 KB
9 KB
Script
General
Full URL
https://i.onmeda.de/nav/visitor_api_v1.6.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
21b6f9f75b9afad52abc2b6139f274e75b09a8ad025bd8e306cc454ba54f1db6

Request headers

:path
/nav/visitor_api_v1.6.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 08:04:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Oct 2018 08:04:28 GMT
server
nginx
age
498471
etag
"892cb9-533a-5785400b4fb00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
8734
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id
E9QWDKre_NK7lHwYFmBxlP_mExcpPfYyCnhBKwc7fcLItgc-Q_RBhQ==
dil_v6.4.js
i.onmeda.de/nav
36 KB
12 KB
Script
General
Full URL
https://i.onmeda.de/nav/dil_v6.4.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7243dc6bcdd3c2e324fbc29c6e969e0a7504646b21045b4817556dd26fb20243

Request headers

:path
/nav/dil_v6.4.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 17 Mar 2019 19:25:58 GMT
content-encoding
gzip
last-modified
Tue, 16 Oct 2018 08:03:59 GMT
server
nginx
age
25607
etag
"892cb2-9105-57853fefa79c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
12410
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id
16WuLs05-Fg1i1lugcBxJQbun5OXGoRdDMCkIVUgoCu-0Y7U-mh-sg==
concat.js?PCM-lVTJTsMwEP0ajo2S0iJx4MDWCyAQFb1WdjJxTJ0Zy0ub_j1JTRdQF-cymuW90Wz2DLAgczWcMF92srCtrPhGZdqB6ex5G7wPZvJt72Zbjvbc-g6bJTdJunMMrEShwBH-QXNaWdgrSS3_xkMFQhFnap5TXRPOHekjGFa-khD_itmGpmCtpGOpQ3P...
static.afcdn.com/relde
402 KB
139 KB
Script
General
Full URL
https://static.afcdn.com/relde/concat.js?PCM-lVTJTsMwEP0ajo2S0iJx4MDWCyAQFb1WdjJxTJ0Zy0ub_j1JTRdQF-cymuW90Wz2DLAgczWcMF92srCtrPhGZdqB6ex5G7wPZvJt72Zbjvbc-g6bJTdJunMMrEShwBH-QXNaWdgrSS3_xkMFQhFnap5TXRPOHekjGFa-khD_itmGpmCtpGOpQ3PaAJdFcH5s9NPJDqbhy4dI5H5uxFx1bG7nOLZmxhnHtfK2L5dpjdBE8myx6ErUgM2g4gMlHZxYyYnmOmbfCiUW0Dw3ecVQQF-y8VzmhJdouwUHJUtGaZL2OIdHwlKKHoQ3hizygJ6AexED_HJS2RjghOWOzDoGeqnOVoJZHj75YJ8kWFDq92phCfiOEJW7KPXF1O35C4k2eNuNOED3AusVmcLGkSaU-0joJ5QGbBUHni7OPJIwtd03kQzT7Da9zsbZcDT-AQ
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:ee00:15:3254:b140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
c8fcfadfca9c63e88967ce1fc0461253ac276675e6f9941c249f28bfa0bc03e5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de

Response headers

date
Sun, 17 Mar 2019 15:44:39 GMT
x-debug
cached
age
36505
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
status
200
cache-control
Public, max-age=101100
accept-ranges
bytes
content-encoding
gzip
access-control-allow-origin
*
x-amz-cf-id
cDQQ_ImGHzxB590IIXvV_Odozu6-XzzSkRyfqqYxQ7SsyBlpU85z4A==
via
1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
expires
Mon, 16 Mar 2020 19:48:00 GMT
concat.css?PCM-C0vNS8kv0k8sTdNPTCnWL07NyUktAtFlqXn-eal6xcnFxbZhqIoKckrTM_OKQfzg7Mw8sBo9IwNDSwNjQ1NDIxNTAA
static.afcdn.com/relde
1 KB
890 B
Stylesheet
General
Full URL
https://static.afcdn.com/relde/concat.css?PCM-C0vNS8kv0k8sTdNPTCnWL07NyUktAtFlqXn-eal6xcnFxbZhqIoKckrTM_OKQfzg7Mw8sBo9IwNDSwNjQ1NDIxNTAA
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:ee00:15:3254:b140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
53d0d333f90ed0798ce6bfdbd535169997f6fdae8ea0f8519d5ffa811a14c2b8

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 17 Mar 2019 20:15:25 GMT
content-encoding
gzip
age
7953
vary
Accept-Encoding
x-debug
cached
content-type
text/css; charset=UTF-8
status
200
cache-control
Public, max-age=95400
x-cache
Hit from cloudfront
accept-ranges
bytes
access-control-allow-origin
*
content-length
527
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
x-amz-cf-id
-RpoVM5_4YsLDi10nWeu7X52f0HdzQ0qH_kUxTU3hACdtLagRUO4JQ==
expires
Tue, 17 Mar 2020 00:18:45 GMT
blindfisch.gif
i.onmeda.de/nwl
43 B
376 B
Image
General
Full URL
https://i.onmeda.de/nwl/blindfisch.gif
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:path
/nwl/blindfisch.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 00:09:19 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Sat, 07 Feb 2009 13:08:38 GMT
server
nginx
age
354244
etag
"890059-2b-46253d5f12180"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
43
x-amz-cf-id
1kahv88bHdrPfKSzVjK_Ygdb1MxdCNGlmU2YOVYOTdNw9Ey49r9Q6g==
onmeda-min.js
i.onmeda.de/nav
234 KB
70 KB
Script
General
Full URL
https://i.onmeda.de/nav/onmeda-min.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d8d517059c12599921c80c6d1d1384689e8b6c5fab50c2c9d09dfa01956d5daf

Request headers

:path
/nav/onmeda-min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Mar 2019 12:49:51 GMT
content-encoding
gzip
last-modified
Mon, 11 Feb 2019 12:49:48 GMT
server
nginx
age
567773
etag
"89328a-3a89e-5819dbe69b300"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
dWGDqesXpRthkyWcGV02bYAOvaWjQGFZg-JPGMSTUbW4Ma9c0ATI_A==
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2750
date
Mon, 18 Mar 2019 01:46:54 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 18 Mar 2019 03:46:54 GMT
gtm.js?id=GTM-NX7FH6K
www.googletagmanager.com
71 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NX7FH6K
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
60213b75185ef3ebab637d66be08624fecbd58cf50cff6e653e901d88334a046
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 02:32:44 GMT
content-encoding
br
last-modified
Fri, 15 Mar 2019 00:54:05 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25819
x-xss-protection
1; mode=block
expires
Mon, 18 Mar 2019 02:32:44 GMT
id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=44326DF2572396FB7F000101%40AdobeOrg&d_nsid=0&ts=1552876364900
dpm.demdex.net
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=44326DF2572396FB7F000101%40AdobeOrg&d_nsid=0&ts=1552876364900
Requested by
Host: i.onmeda.de
URL: https://i.onmeda.de/nav/visitor_api_v1.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7c8d85bcff37a420c86e26eb8ae604fd13a4a81f89f671e5e44e05694db04027

Request headers

Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v021-01fd1f10e.edge-irl1.demdex.com 5.49.0.20190304124312 7ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
D1ZT9VZvStg=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.onmeda.de
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1336
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect?v=1&_v=j73&a=1009526552&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2F&ul=en-us&de=UTF-8&dt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&sd=24-bit&sr...
www.google-analytics.com
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1009526552&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2F&ul=en-us&de=UTF-8&dt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=440265315&gjid=2032217277&cid=724388051.1552876365&tid=UA-32616126-1&_gid=460233226.1552876365&cd1=urlname%3DHomepage%3Bindex%3Dstartseite%3Bcid%3D0003299%3Bgoogle%3D0%3Bisinternal%3D0%3Bamp%3D0&cd2=cid%3D0003299&z=1589881232
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 06:40:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
762709
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
www.google.de/ads
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&gjid=2032217277&_gid=460233226.1552876365&_u=IGBAgEAB~&z=1201105993
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
ad.71i.de/somtag/loader
344 KB
105 KB
Script
General
Full URL
https://ad.71i.de/somtag/loader/loader.js
Requested by
Host: static.afcdn.com
URL: https://static.afcdn.com/relde/concat.js?PCM-lVTJTsMwEP0ajo2S0iJx4MDWCyAQFb1WdjJxTJ0Zy0ub_j1JTRdQF-cymuW90Wz2DLAgczWcMF92srCtrPhGZdqB6ex5G7wPZvJt72Zbjvbc-g6bJTdJunMMrEShwBH-QXNaWdgrSS3_xkMFQhFnap5TXRPOHekjGFa-khD_itmGpmCtpGOpQ3PaAJdFcH5s9NPJDqbhy4dI5H5uxFx1bG7nOLZmxhnHtfK2L5dpjdBE8myx6ErUgM2g4gMlHZxYyYnmOmbfCiUW0Dw3ecVQQF-y8VzmhJdouwUHJUtGaZL2OIdHwlKKHoQ3hizygJ6AexED_HJS2RjghOWOzDoGeqnOVoJZHj75YJ8kWFDq92phCfiOEJW7KPXF1O35C4k2eNuNOED3AusVmcLGkSaU-0joJ5QGbBUHni7OPJIwtd03kQzT7Da9zsbZcDT-AQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1598ea08cda5d189aa63924c4666eabb317a5655c27104c92a5eed3bc95c12c9

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2019 09:19:37 GMT
Server
Apache
ETag
"561e4-583ce125475e3"
Vary
Accept-Encoding
P3P
policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin
*
Cache-Control
max-age=1449
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
107014
Expires
Mon, 18 Mar 2019 02:56:55 GMT
tx.io?st=medworld&cp=0-3299&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0009&i2=00090c4cd8fcba10b5c8f034c&ep=1580157896&vr=412&id=s9k4qs&i3=noc...
de.ioam.de
0
0

logo-de-claim.svg
i.onmeda.de/nav
16 KB
6 KB
Image
General
Full URL
https://i.onmeda.de/nav/logo-de-claim.svg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
1052e08af70e633116a4d9c07dee43a40772033c6374381c967cb496be81ad93

Request headers

:path
/nav/logo-de-claim.svg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://i.onmeda.de/nav/onmeda.css
:scheme
https
:method
GET
Referer
https://i.onmeda.de/nav/onmeda.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 17 Mar 2019 17:36:33 GMT
content-encoding
gzip
last-modified
Fri, 16 Mar 2018 13:22:06 GMT
server
Apache
age
41569
etag
"892e1f-3e6c-567877e9cbb80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
5955
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id
WpKjef7BsVFXIEww1s2wxprCL_J36waYwmGH1SEFZMm2sMvhFXXxag==
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin
https://www.onmeda.de

Response headers

date
Fri, 08 Mar 2019 23:23:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
788979
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8892
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:23:06 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin
https://www.onmeda.de

Response headers

date
Fri, 08 Mar 2019 20:21:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
799887
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8800
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 20:21:18 GMT
onmeda-icon-font.woff
i.onmeda.de/nav
9 KB
9 KB
Font
General
Full URL
https://i.onmeda.de/nav/onmeda-icon-font.woff
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:6c00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
929fd9b62d2c6fec3bd1a14c394ebc58bfd7ebc24e78a7c83cb075acb703aa37

Request headers

:path
/nav/onmeda-icon-font.woff
pragma
no-cache
origin
https://www.onmeda.de
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://i.onmeda.de/nav/onmeda.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://i.onmeda.de/nav/onmeda.css
Origin
https://www.onmeda.de

Response headers

date
Mon, 11 Mar 2019 10:33:17 GMT
content-encoding
gzip
age
575968
x-cache
Hit from cloudfront
status
200
content-length
8728
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 10:33:14 GMT
server
nginx
etag
"892e3e-2220-5819bd6032e80"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
via
1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
rRzh2VmPf8j_xiauN_H-Fjjf4z8BTj_ds0Z9Lmy88DrtBpMx9ExZ1w==
homepage-visual.jpg
i.onmeda.de/nav
20 KB
20 KB
Image
General
Full URL
https://i.onmeda.de/nav/homepage-visual.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
b552c9f2dfb5fabe3c49dfa90c87efa10e305a886fa3e128c3388aa0af5c5add

Request headers

:path
/nav/homepage-visual.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://i.onmeda.de/nav/onmeda.css
:scheme
https
:method
GET
Referer
https://i.onmeda.de/nav/onmeda.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Mar 2019 07:36:14 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Fri, 16 Mar 2018 13:11:16 GMT
server
Apache
age
586777
etag
"893281-4e74-5678757de8500"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
20084
x-amz-cf-id
QP-cf6zPBHwa-3JjVQeSPbXcmOPURKYNktRuIoZTWle4nqe3fynJeQ==
texgyreadventor-regular-webfont.woff
i.onmeda.de/nav
24 KB
24 KB
Font
General
Full URL
https://i.onmeda.de/nav/texgyreadventor-regular-webfont.woff
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:6c00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f3eedf80f3052829cda1c34719886ac29030a9801bda53b23df6a2d293c7bcf3

Request headers

:path
/nav/texgyreadventor-regular-webfont.woff
pragma
no-cache
origin
https://www.onmeda.de
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.onmeda.de
referer
https://i.onmeda.de/nav/onmeda.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://i.onmeda.de/nav/onmeda.css
Origin
https://www.onmeda.de

Response headers

date
Tue, 12 Mar 2019 18:05:48 GMT
content-encoding
gzip
age
462421
x-cache
Hit from cloudfront
status
200
content-length
24242
access-control-allow-origin
*
last-modified
Wed, 21 Mar 2018 09:22:30 GMT
server
nginx
etag
"892dc1-5f24-567e8baf14180"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
via
1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
0dU6o6Ht49nygb2CQEaI7XVztXvsLSCwmWj8pjJ_LqE7boeAK-SMXw==
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin
https://www.onmeda.de

Response headers

date
Sat, 09 Mar 2019 02:13:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
age
778775
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8916
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 02:13:10 GMT
newsticker.png
i.onmeda.de/style
625 B
980 B
Image
General
Full URL
https://i.onmeda.de/style/newsticker.png
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4aff37556e2cd14aa444e8a1f36c5a33914ea2a2588ade9859efbcb8e176e051

Request headers

:path
/style/newsticker.png
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://i.onmeda.de/nav/onmeda.css
:scheme
https
:method
GET
Referer
https://i.onmeda.de/nav/onmeda.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 17:18:55 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jan 2019 17:14:30 GMT
server
nginx
age
206131
etag
"8e2045-271-57fbea4dcc980"
status
200
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
625
x-amz-cf-id
9H3zo7iAqlzZdIObug1flMzfboGyo6t0cb4U9Ilf02HQFcr0AOHsbw==
181012_kv_magazin_newsletter.jpg
i.onmeda.de
43 KB
43 KB
Image
General
Full URL
https://i.onmeda.de/181012_kv_magazin_newsletter.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
07c09e3c6851b8a4da1de3e0ef2a441fbecb31f1cee18efb82c1e95a39f36a7e

Request headers

:path
/181012_kv_magazin_newsletter.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 17 Mar 2019 18:44:18 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Wed, 07 Nov 2018 10:08:09 GMT
server
nginx
age
28108
etag
"5973db-ac04-57a104b8ab440"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
44036
x-amz-cf-id
R7Wc8yaJwj90aeO-dlFJIgfTAJkU4oK25QpfbwEvmh3YoEAjx6jinw==
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v10
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v10/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin
https://www.onmeda.de

Response headers

date
Sat, 09 Mar 2019 00:34:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:33:41 GMT
server
sffe
age
784708
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13280
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:34:17 GMT
frau-joggt-im-park-500x283.jpg
i.onmeda.de
30 KB
31 KB
Image
General
Full URL
https://i.onmeda.de/frau-joggt-im-park-500x283.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ffe3d22af0345d19ff83398a5a95f7a71f79b3169ba4b2eff59ddc025f766b94

Request headers

:path
/frau-joggt-im-park-500x283.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 09:27:29 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2019 15:44:17 GMT
server
nginx
age
234304
etag
"58c43f-78fc-5840fcb7e9640"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
30972
x-amz-cf-id
Ayea5X8nFhGH0vFT8yucxhmRnzVkg7bZ_jBOoodY37qPQ7pfLuFnFA==
trost-arbeit-500x283.jpg
i.onmeda.de
21 KB
21 KB
Image
General
Full URL
https://i.onmeda.de/trost-arbeit-500x283.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
13acaa887dbd6ef4439b99487557d5d3d991ec57d58461e7485d16092f6667cf

Request headers

:path
/trost-arbeit-500x283.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 08:13:38 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Wed, 14 Mar 2018 14:33:34 GMT
server
nginx
age
325135
etag
"598b5c-53d7-567604283ab80"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
21463
x-amz-cf-id
uTko6RPbE1t9ZMimeoDugMEJfU--Zk9GVwseHhpfQZ4IMATnSekIdA==
shisha-500x283.jpg
i.onmeda.de
62 KB
63 KB
Image
General
Full URL
https://i.onmeda.de/shisha-500x283.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f500f3de3849491370523ee769606da68708ede8d408466f06aeb51f6f7dfdda

Request headers

:path
/shisha-500x283.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 10:56:21 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2019 15:02:18 GMT
server
nginx
age
401772
etag
"58c2a1-f86f-583e6f9aaf280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
63599
x-amz-cf-id
BBVCue46yLuVQjFjrET-wR-ACVUzv--2j79cQtxOTk515PDxESYn9Q==
gesundes-sandwich-500x283.jpg
i.onmeda.de
32 KB
33 KB
Image
General
Full URL
https://i.onmeda.de/gesundes-sandwich-500x283.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4e9a82e07ab305f84af8fa203f60ec71e69142bb89bd6fd200fcc6ce3d37bd48

Request headers

:path
/gesundes-sandwich-500x283.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 11:17:51 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Wed, 14 Mar 2018 14:33:33 GMT
server
nginx
age
486881
etag
"5986a5-80ba-5676042746940"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
32954
x-amz-cf-id
SC_-qGPP1QaLWErza11Hhn169p8Vxqe655UU4ikivicuzu6vA2WAQQ==
vitamin-c-serum-500x283.jpg
i.onmeda.de
69 KB
69 KB
Image
General
Full URL
https://i.onmeda.de/vitamin-c-serum-500x283.jpg
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5c081d7a660942f44a349c66e17b6464f76dad5d717d962d29a92e244892a370

Request headers

:path
/vitamin-c-serum-500x283.jpg
pragma
no-cache
cookie
AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
i.onmeda.de
referer
https://www.onmeda.de/
:scheme
https
:method
GET
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Mar 2019 08:05:28 GMT
via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified
Tue, 06 Nov 2018 14:07:17 GMT
server
nginx
age
584824
etag
"59bf0c-1124c-579ff84e86f40"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800, s-maxage=604800
accept-ranges
bytes
content-length
70220
x-amz-cf-id
yLy8a85HdbHqul8CoM855vt2r0DqNzg90waolfYg3q_-WM_MVERhXg==
log.js
u.heatmap.it
26 KB
10 KB
Script
General
Full URL
https://u.heatmap.it/log.js
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ecded18536426e30f5af01e39779ff4f66c52fd762ba75729188b80e37f7cfac

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 02:32:46 GMT
content-encoding
br
last-modified
Thu, 25 Oct 2018 10:53:36 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"5bd1a0b0-6804"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
status
200
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10194
expires
Sun, 10 Mar 2019 10:59:48 GMT
default.js
ad.71i.de/somtag/config/onmedade
6 KB
2 KB
Script
General
Full URL
https://ad.71i.de/somtag/config/onmedade/default.js
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
83f92a743ce5684cc072ecc38014f6a54c3a4bdbe056a71f3a9db0cb52008e95

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 16:05:52 GMT
Server
Apache
ETag
"161b-5838347cdfb3e"
Vary
Accept-Encoding
P3P
policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin
*
Cache-Control
max-age=2243
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
1459
Expires
Mon, 18 Mar 2019 03:10:09 GMT
default.css
ad.71i.de/somtag/config/onmedade
3 KB
1 KB
Stylesheet
General
Full URL
https://ad.71i.de/somtag/config/onmedade/default.css
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
67c7d33b290e6a98ea44eb937ac03e93800c9d0576b1be1229bcaa8e0252ae3e

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 16:05:52 GMT
Server
Apache
ETag
"b22-5838347cb72b7"
Vary
Accept-Encoding
P3P
policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin
*
Cache-Control
max-age=2144
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
617
Expires
Mon, 18 Mar 2019 03:08:30 GMT
rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade_content&nuggrid=&ios=0
71i.nuggad.net
1 KB
1 KB
Script
General
Full URL
https://71i.nuggad.net/rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade_content&nuggrid=&ios=0
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2a00:cd0:1005:2:80:82:201:80 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
9fa7695ec257bc37375f612a0af9d62824f655678136dcfd261d66207baf8ed4

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Status
200 OK
Cache-Control
no-store,no-cache
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=65
Expires
Wed, 18 Feb 2009 11:53:30 GMT
apstag.js
c.amazon-adsystem.com/aax2
66 KB
19 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
06042f6ac2063c8e23fcce2c7c64449bae470d34c4d46f97e145242158ef15f3

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 17 Mar 2019 16:37:18 GMT
Content-Encoding
gzip
Server
Server
Age
35737
ETag
179e41b046d5f974d2586d066c70d87e
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
j6OvbbLOmc6k2HDK6blMIFgBGVWKUZe5KkhgptoJInSc1S6_9PMaWg==
m?dt_id=15233&ext_id=6669553206706174101
ad.yieldlab.net
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=1
  • https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101
Date
Mon, 18 Mar 2019 02:32:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
learn?tagid=V2_343&src.rand=1552876366382&src.id=SOM
de-gmtdmp.mookie1.com/t/v2
43 B
673 B
Image
General
Full URL
https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=1552876366382&src.id=SOM
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.82.173 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-82-173.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:46 GMT
Server
Apache
P3P
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
X-Application-Context
application
Expires
Thu, 01 Jan 1970 00:00:00 GMT
www.onmeda.de.js
u.heatmap.it/conf
1 KB
684 B
Script
General
Full URL
https://u.heatmap.it/conf/www.onmeda.de.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
278c9f4b8fd66182a65c9571d08246a40e58b5a390de266ad2f0b089258cad93

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 02:32:46 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
457
expires
Mon, 18 Mar 2019 02:34:59 GMT
pv?pid=19&u=https%3A%2F%2Fwww.onmeda.de%2F%23desktop&tpl=.&pt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&t=854642
eu6.heatmap.it/log
0
212 B
Image
General
Full URL
https://eu6.heatmap.it/log/pv?pid=19&u=https%3A%2F%2Fwww.onmeda.de%2F%23desktop&tpl=.&pt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&t=854642
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:48 GMT
Cache-Control
no-cache
Expires
Mon, 18 Mar 2019 02:32:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
data:truncated
data:truncated
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Response headers

Content-Type
image/png
syncuid?dpid=3244&uid=6669553206706239637&o=ul
ad-sync.nuggad.net
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad-sync.nuggad.net%2Fsyncuid%3Fdpid%3D3244%26uid%3D%25%25COOKIE%25%25%26o%3Dul
  • https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
0
494 B
Image
General
Full URL
https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.82.201.86 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
pbtngs-nuggad.unbelievable-machine.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204 No Content
date
Mon, 18 Mar 2019 02:32:46 GMT
cache-control
no-store,no-cache
server
Apache
Connection
close
p3p
CP="NOI DSP COR NID ADMa OTPa OUR NOR"

Redirect headers

Location
https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
Date
Mon, 18 Mar 2019 02:32:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
getuid?dpid=5763&url=https%3A%2F%2Fdmp.theadex.com%2Fd%2Fcm.gif%3Faxd_pid%3D34%26axd_fuid%3D%24UID%26axd_cuid%3D257%26cb%3Dhttps%253A%252F%252Faxdsnc-sync.nuggad.net%252Fsyncuid%253Fdpid%253D5763%2...
axdget-sync.nuggad.net
0
382 B
Image
General
Full URL
https://axdget-sync.nuggad.net/getuid?dpid=5763&url=https%3A%2F%2Fdmp.theadex.com%2Fd%2Fcm.gif%3Faxd_pid%3D34%26axd_fuid%3D%24UID%26axd_cuid%3D257%26cb%3Dhttps%253A%252F%252Faxdsnc-sync.nuggad.net%252Fsyncuid%253Fdpid%253D5763%2526uid%253D%257B%257BUUID%257D%257D%2526o%253Dlu
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.82.201.94 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204 No Content
date
Mon, 18 Mar 2019 02:32:47 GMT
cache-control
no-store,no-cache
server
Apache
Connection
close
location
https://dmp.theadex.com/d/cm.gif?axd_pid=34&axd_fuid=$UID&axd_cuid=257&cb=https%3A%2F%2Faxdsnc-sync.nuggad.net%2Fsyncuid%3Fdpid%3D5763%26uid%3D%7B%7BUUID%7D%7D%26o%3Dlu
p3p
CP="NOI DSP COR NID ADMa OTPa OUR NOR"
2x2?&ts=1552876366702
ad.yieldlab.net/d/724079/6629
3 KB
2 KB
Script
General
Full URL
https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1552876366702
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d30db445af5d7b51a6433c18708b40e42b1185c1fae1922e89a76101d87bd7a2

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Language
de-DE
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
1042
Expires
Sun, 17 Mar 2019 02:32:47 GMT
7526572,7526644,7526012,7526627,7526293,7526019?t=d1%3D2%26d15%3D2%26d3%3D1%26d4%3D7%26d8%3D2%26d9%3D1%26d10%3D3%26d12%3D4%26d16%3D1%26d17%3D1%26d20%3D0%26i2%3D3%26i50%3D1%26i18%3D1%26i3%3D1%26i8%3...
probe.yieldlab.net/yp
2 B
894 B
Fetch
General
Full URL
https://probe.yieldlab.net/yp/7526572,7526644,7526012,7526627,7526293,7526019?t=d1%3D2%26d15%3D2%26d3%3D1%26d4%3D7%26d8%3D2%26d9%3D1%26d10%3D3%26d12%3D4%26d16%3D1%26d17%3D1%26d20%3D0%26i2%3D3%26i50%3D1%26i18%3D1%26i3%3D1%26i8%3D1%26i9%3D1%26i10%3D1%26i11%3D1%26i13%3D1%26i15%3D1%26i17%3D1%26i20%3D1%26i21%3D1%26i26%3D1%26i41%3D1%26i44%3D1%26i46%3D1%26i52%3D1%26i53%3D1%26i54%3D1%26n3%3D0%26n5%3D0%26n8%3D1%26n9%3D1&ts=1552876366703&json=true
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:53 GMT
Content-Encoding
gzip
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Language
de-DE
Access-Control-Allow-Origin
https://www.onmeda.de
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
22
Expires
Sun, 17 Mar 2019 02:32:53 GMT
m?dt_id=15233&ext_id=6669553206706239637
ad.yieldlab.net
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=1
  • https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637
Date
Mon, 18 Mar 2019 02:32:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
beacon.krxd.net
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25
  • https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
0
453 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.163.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-163-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Mar 2019 02:32:52 GMT
Cache-Control
private, no-cache, no-store
X-Request-Time
D=72 t=1552876372
Connection
keep-alive
X-Served-By
beacon-n048-dub.krxd.net
P3P
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
Date
Mon, 18 Mar 2019 02:32:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
dmp.theadex.com/d/817/i
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817
  • https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6669553206706239637
  • https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
43 B
414 B
Image
General
Full URL
https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.159.112 Hattersheim, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:51 GMT
last-modified
Mon, 18 Mar 2019 02:32:51 GMT
server
nginx
p3p
CP="CAO PSA OUR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-transfer-encoding
binary
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Mon, 18 Mar 2019 02:32:51 GMT
access-control-allow-credentials
true
server
nginx
p3p
CP="CAO PSA OUR"
location
https://dmp.theadex.com:443/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
content-type
text/html; charset=UTF-8
collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898
dx.bigsea.weborama.com
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl
  • https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
  • https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
  • https://id5-sync.com/s/112/3892732E7B94EAD5/9.gif
  • https://id5-sync.com/c/112/112/9/1.gif?puid=3892732E7B94EAD5
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/112/2/8/2.gif?puid=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F112%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
  • https://id5-sync.com/c/112/2/8/2.gif?puid=8918002428308088464
  • https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F145%2F7%2F3.gif%3Fpuid%3D%24BROWSER_ID&return-unstable=true
  • https://id5-sync.com/c/112/145/7/3.gif?puid=00000000-0000-0000-0000-000000000000
  • https://ml314.com/utsync.ashx?eid=68339&et=0&return=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F152%2F6%2F4.gif%3Fpuid%3D%5BPersonID%5D
  • https://id5-sync.com/c/112/152/6/4.gif?puid=5978151465082548541
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
  • https://id5-sync.com/c/112/10/5/5.gif?puid=773800178618479847
  • https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F21%2F4%2F6.gif%3Fpuid%3D%5BUID%5D
  • https://id5-sync.com/c/112/21/4/6.gif?puid=f000e6556a0744198ac3031e608d10e0
  • https://pixel.onaudience.com/?partner=146&smartmap=1&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F22%2F3%2F7.gif%3Fpuid%3D%25s
  • https://id5-sync.com/c/112/22/3/7.gif?puid=bb919e7aebd25213
  • https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D
  • https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898
0
0

m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
ad.yieldlab.net
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:47 GMT
server
HTTP server (unknown)
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
288
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
ad.yieldlab.net
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:47 GMT
x-aspnet-version
4.0.30319
location
https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
193
m?dt_id=140420&ext_id=4533891867985555179
ad.yieldlab.net
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID
  • https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:49 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:49 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:51 GMT
AN-X-Request-Uuid
95ccd315-4b1d-4f88-9f8e-c153b3969139
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.130.184.115; 185.130.184.115; 154.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.14:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
m?dt_id=4879&ext_id=8690720617745938100
ad.yieldlab.net
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=6
  • https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Mar 2019 02:32:47 GMT
server
nginx
access-control-allow-origin
*
location
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
ad.yieldlab.net
Redirect Chain
  • https://a.twiago.com/rtb/usermatch.php?umid=1&call_type=redirect&rtbprovider=empty&redirecturl=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D35250%26ext_id%3D%25userid%25
  • https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:51 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:51 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
Date
Mon, 18 Mar 2019 02:32:51 GMT
Server
Apache
Content-Type
text/html; charset=ISO-8859-1
Content-Length
0
P3P
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
ad.yieldlab.net
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldlab
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=109b85cb-7772-4291-9174-8e69f5f3f53b&ssp=yieldlab
  • https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:56 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:56 GMT

Redirect headers

Date
Mon, 18 Mar 2019 02:32:56 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
m?dt_id=6035831&ext_id=1041527792985866636
ad.yieldlab.net
Redirect Chain
  • https://p.rfihub.com/cm?pub=19593&in=1
  • https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:33:05 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:33:05 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636
Server
Jetty(9.0.6.v20130930)
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
ad.yieldlab.net
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct
  • https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
0
495 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:59 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:59 GMT

Redirect headers

Date
Mon, 18 Mar 2019 02:32:59 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Mar 2019 02:32:58 GMT
m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-
ad.yieldlab.net
Redirect Chain
  • https://ad.yieldlab.net/mr?t=2&pid=5222173
  • https://pr-bh.ybp.yahoo.com/sync/yieldlab/5bec4811-d3bc-4349-9acb-2135ea89df0b
  • http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-
0
495 B
Image
General
Full URL
http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:52 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Sun, 17 Mar 2019 02:32:52 GMT

Redirect headers

date
Mon, 18 Mar 2019 02:32:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
location
http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
status
302
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
info
ad.yieldlab.net
76 B
944 B
XHR
General
Full URL
https://ad.yieldlab.net/info
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-68-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07888b13933b219e6e4953f4c3c9cb85f5ef704e923026d6345d417ec6269661

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de

Response headers

Pragma
no-cache
Date
Mon, 18 Mar 2019 02:32:48 GMT
Content-Encoding
gzip
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Language
de-DE
Access-Control-Allow-Origin
https://www.onmeda.de
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
92
Expires
Sun, 17 Mar 2019 02:32:48 GMT
monitor-targeting
cerberus.sqrt-5041.de/somtag/logs
0
185 B
Fetch
General
Full URL
https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.onmeda.de
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

status
204
date
Mon, 18 Mar 2019 02:33:03 GMT
access-control-allow-headers
content-type
access-control-allow-origin
*
x-powered-by
Express
vary
Access-Control-Request-Headers
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.221.90 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-221-90.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de

Response headers

Date
Sun, 17 Mar 2019 20:11:23 GMT
Content-Encoding
gzip
Vary
Origin
Age
22895
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 24 Aug 2018 07:13:51 GMT
Server
AmazonS3
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 be3a2ea70ea68d04665ee5db91a73443.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Id
y-rOWZWoxBvH-JEBEVGPs031k4NOwbscDvsSNCUQ7ZwZlc78CeBCjA==
bid?src=3287&u=https%3A%2F%2Fwww.onmeda.de%2F&pid=2364407832421552876376996&cb=8453834746751552876376998&ws=1600x1200&v=7.27.00&t=2000&slots=%5B%7B%22sd%22%3A%22fullbanner2%22%2C%22s%22%3A%5B%22468...
aax.amazon-adsystem.com/e/dtb
47 B
342 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3287&u=https%3A%2F%2Fwww.onmeda.de%2F&pid=2364407832421552876376996&cb=8453834746751552876376998&ws=1600x1200&v=7.27.00&t=2000&slots=%5B%7B%22sd%22%3A%22fullbanner2%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Ffullbanner2%22%7D%2C%7B%22sd%22%3A%22rectangle1%22%2C%22s%22%3A%5B%22%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Frectangle1%22%7D%2C%7B%22sd%22%3A%22skyscraper1%22%2C%22s%22%3A%5B%22%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Fskyscraper1%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
7dbf39a373ae2fdd84f934915b710fcc69b17ab26c4054e3a8f15678799a49e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de

Response headers

Date
Mon, 18 Mar 2019 02:32:58 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://www.onmeda.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
47
monitor-targeting
cerberus.sqrt-5041.de/somtag/logs
35 B
317 B
Fetch
General
Full URL
https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 18 Mar 2019 02:33:03 GMT
x-content-type-options
nosniff
status
200
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
35
x-xss-protection
1; mode=block
monitor-targeting
cerberus.sqrt-5041.de/somtag/logs
0
185 B
Fetch
General
Full URL
https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by
Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.onmeda.de
Referer
https://www.onmeda.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

status
204
date
Mon, 18 Mar 2019 02:33:06 GMT
access-control-allow-headers
content-type
access-control-allow-origin
*
x-powered-by
Express
vary
Access-Control-Request-Headers
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
monitor-targeting
cerberus.sqrt-5041.de/somtag/logs
35 B
317 B
Fetch
General
Full URL
https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by
Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmeda.de/
Origin
https://www.onmeda.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 18 Mar 2019 02:33:06 GMT
x-content-type-options
nosniff
status
200
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
35
x-xss-protection
1; mode=block

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://onmeda.de/
  • http://www.onmeda.de/
  • https://www.onmeda.de/
Request 15
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&gjid=2032217277&_gid=460233226.1552876365&_u=IGBAgEAB~&z=1201105993
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
Request 38
  • https://dsp.adfarm1.adition.com/cookie/?ssp=1
  • https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101
Request 43
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad-sync.nuggad.net%2Fsyncuid%3Fdpid%3D3244%26uid%3D%25%25COOKIE%25%25%26o%3Dul
  • https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
Request 47
  • https://dsp.adfarm1.adition.com/cookie/?ssp=1
  • https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637
Request 48
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25
  • https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
Request 49
  • https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817
  • https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6669553206706239637
  • https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
Request 50
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl
  • https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
  • https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
  • https://id5-sync.com/s/112/3892732E7B94EAD5/9.gif
  • https://id5-sync.com/c/112/112/9/1.gif?puid=3892732E7B94EAD5
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/112/2/8/2.gif?puid=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F112%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
  • https://id5-sync.com/c/112/2/8/2.gif?puid=8918002428308088464
  • https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F145%2F7%2F3.gif%3Fpuid%3D%24BROWSER_ID&return-unstable=true
  • https://id5-sync.com/c/112/145/7/3.gif?puid=00000000-0000-0000-0000-000000000000
  • https://ml314.com/utsync.ashx?eid=68339&et=0&return=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F152%2F6%2F4.gif%3Fpuid%3D%5BPersonID%5D
  • https://id5-sync.com/c/112/152/6/4.gif?puid=5978151465082548541
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
  • https://id5-sync.com/c/112/10/5/5.gif?puid=773800178618479847
  • https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F21%2F4%2F6.gif%3Fpuid%3D%5BUID%5D
  • https://id5-sync.com/c/112/21/4/6.gif?puid=f000e6556a0744198ac3031e608d10e0
  • https://pixel.onaudience.com/?partner=146&smartmap=1&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F22%2F3%2F7.gif%3Fpuid%3D%25s
  • https://id5-sync.com/c/112/22/3/7.gif?puid=bb919e7aebd25213
  • https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D
  • https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898
Request 51
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
Request 52
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
Request 53
  • https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID
  • https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179
Request 54
  • https://c1.adform.net/serving/cookie/match?party=6
  • https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100
Request 55
  • https://a.twiago.com/rtb/usermatch.php?umid=1&call_type=redirect&rtbprovider=empty&redirecturl=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D35250%26ext_id%3D%25userid%25
  • https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
Request 56
  • https://x.bidswitch.net/sync?ssp=yieldlab
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=109b85cb-7772-4291-9174-8e69f5f3f53b&ssp=yieldlab
  • https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
Request 57
  • https://p.rfihub.com/cm?pub=19593&in=1
  • https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636
Request 58
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct
  • https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
Request 59
  • https://ad.yieldlab.net/mr?t=2&pid=5222173
  • https://pr-bh.ybp.yahoo.com/sync/yieldlab/5bec4811-d3bc-4349-9acb-2135ea89df0b
  • http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
de.ioam.de
URL
https://de.ioam.de/tx.io?st=medworld&cp=0-3299&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0009&i2=00090c4cd8fcba10b5c8f034c&ep=1580157896&vr=412&id=s9k4qs&i3=nocookie&n1=5&dntt=0&lt=1552876365138&ev=&cs=dqim7u&mo=1
Domain
dx.bigsea.weborama.com
URL
https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| ads function| af_gaqTrackEvent function| docReady string| GoogleAnalyticsObject function| ga string| szmvars object| iom object| dataLayer boolean| A boolean| B function| Visitor function| DIL boolean| af_consentInternetTargeting undefined| customCookieData object| omf_datalayer object| partnerDIL object| af_dataLayer object| s_c_il number| s_c_in string| sas_formatIds number| sas_pageId string| sas_dfpPageId string| sas_target object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| defclass function| extend object| AufBid function| af_logError function| af_getHashParams function| af_isEmpty function| af_getCookie function| af_setCookie function| af_setSessionCookie function| af_setPermCookie function| af_cleanCookie function| af_guid function| af_bind function| af_push function| af_clone function| af_addEvent function| af_windowSize function| af_findPos object| af_cssUtils function| af_percentInViewport function| af_isInViewport undefined| _isIOS function| af_isIOS function| af_findAncestor object| af_userAgent function| af_isMobile function| af_isTablet function| af_getDFPFormattedKeywords function| af_refreshAds function| afAd_removeFromFormatIds object| Aflog function| AufSession object| AufPrebid object| googletag object| pbjs object| AufAds object| PubSub object| bowser object| afLogger object| aflogQueue function| HeaderBidder function| pbjsChunk object| __core-js_shared__ object| afAdQueue object| afSession number| aufAdStartTime object| aufAdtechParams object| somtag object| afAd object| aufbidjsParams object| iam_data function| postscribe object| google_tag_manager undefined| newstickerHTML function| ntClick function| detectIE function| footerTocUpdateButton function| addPagingInfo boolean| version object| images object| collapseTrigger object| windowElem object| rootElems object| menuContainer object| menuIcon object| menuItem object| teaser 
number| websiteWidth number| minWidthForAsideToc object| sidebar object| article object| articleToc object| prevNextButtons undefined| $el undefined| $headline undefined| bottomToc undefined| bottomTocHeadline number| windowElemHeight object| backToTopLink number| windowHeight number| onGridGutterWidth object| mainArticleToc undefined| mainArticleTocHeight object| asideArticleToc object| lastElementInContent object| topBanner undefined| topBannerHeight object| asideMediumRectangle object| footer object| header number| headerHeight object| mainContentArea number| maxWidthForFooterToc object| footerToc object| overlay object| button undefined| footerTocStatus undefined| articleTocCopy object| asideToc object| sliderWidth3Teasers object| sliderArticleGallery object| pagingSlider object| calendarSlider number| breakpointMd number| breakpointLg string| searchInputSelector string| resultListSelector object| quizForm undefined| quizFormAction object| quizFormSubmitButton object| quizQuestionContainer object| quizAnswerContainer object| quizAmountRightAnswers object| quizAmountWrongAnswers undefined| quizFormActionNew object| pregnancyCalendar undefined| calculationMethod object| scrollableTableContainer object| table undefined| th_data object| imageModal object| Modernizr function| $ function| jQuery function| Popper function| Headroom object| bootstrap object| onmeda object| $ADP object| heatmap object| heatmap_ext number| max string| nuggdfp string| nuggcdp object| nuggadios boolean| nuggadsafari string| nugg_prtcl object| apstag

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
