www.onmeda.de Open in urlscan Pro
78.35.17.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onmeda.de/
Effective URL:
https://www.onmeda.de/
Submission: On March 18 via automatic, source alexatop100k (March 18th 2019, 2:33:20 am UTC)

Summary HTTP 66 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 26 IPs in 9 countries across 31 domains to perform 66 HTTP transactions. The main IP is 78.35.17.134, located in Cologne, Germany and belongs to NETCOLOGNE, DE. The main domain is www.onmeda.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 7th 2019. Valid for: a year.

This is the only time www.onmeda.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	78.35.17.134 78.35.17.134	8422 (NETCOLOGNE) (NETCOLOGNE)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2600:9000:200... 2600:9000:200d:da00:14:3756:4880:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
2	2600:9000:200... 2600:9000:200d:ee00:15:3254:b140:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.17.182.129 52.17.182.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.233.126 2.18.233.126	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:200... 2600:9000:200d:6c00:14:3756:4880:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
1	2a00:cd0:1005... 2a00:cd0:1005:2:80:82:201:80	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
1	99.86.1.198 99.86.1.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS) (MYLOC-AS)
1 15	104.109.68.123 104.109.68.123	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.195.82.173 18.195.82.173	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	149.202.74.47 149.202.74.47	16276 (OVH) (OVH)
1	80.82.201.86 80.82.201.86	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
1	80.82.201.94 80.82.201.94	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS) (MYLOC-AS)
1	54.247.163.81 54.247.163.81	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	89.163.159.112 89.163.159.112	24961 (MYLOC-AS) (MYLOC-AS)
1 1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	176.34.134.126 176.34.134.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	37.252.172.70 37.252.172.70	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 1	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
3 3	18.153.11.9 18.153.11.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	146.148.8.25 146.148.8.25	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	185.31.128.128 185.31.128.128	54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1 1	2a00:1288:110... 2a00:1288:110:c205::2000	34010 (YAHOO-IRD) (YAHOO-IRD)
4	18.194.109.215 18.194.109.215	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.221.90 13.32.221.90	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.94.220.16 52.94.220.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
66	26

3 78.35.17.134 (Cologne, Germany) 2 redirects

ASN8422 (NETCOLOGNE, DE)
PTR: www.onmeda.de

onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:200d:da00:14:3756:4880:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

i.onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200d:ee00:15:3254:b140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.afcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.182.129 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-182-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.126 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-126.deploy.static.akamaitechnologies.com

ad.71i.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200d:6c00:14:3756:4880:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

i.onmeda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:cd0:1005:2:80:82:201:80 (Germany)

ASN48173 (UNBELIEVABLE-AS, DE)

71i.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.198 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-1-198.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.109.68.123 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-68-123.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
probe.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.82.173 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-82-173.eu-central-1.compute.amazonaws.com

de-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.74.47 (France)

ASN16276 (OVH, FR)
PTR: eu6.heatmap.it

eu6.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.201.86 (Berlin, Germany)

ASN48173 (UNBELIEVABLE-AS, DE)
PTR: pbtngs-nuggad.unbelievable-machine.net

ad-sync.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.201.94 (Berlin, Germany)

ASN48173 (UNBELIEVABLE-AS, DE)

axdget-sync.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Germany) 3 redirects

ASN24961 (MYLOC-AS, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.163.81 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-163-81.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.159.112 (Hattersheim, Germany) 1 redirects

ASN24961 (MYLOC-AS, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.134.126 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-134-126.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.70 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.153.11.9 (Cambridge, United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.148.8.25 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 25.8.148.146.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.128.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c205::2000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.109.215 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-109-215.eu-central-1.compute.amazonaws.com

cerberus.sqrt-5041.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.221.90 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-221-90.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.220.16 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	onmeda.de 2 redirects onmeda.de www.onmeda.de i.onmeda.de	464 KB
15	yieldlab.net 1 redirects ad.yieldlab.net probe.yieldlab.net	9 KB
5	adition.com 5 redirects dsp.adfarm1.adition.com	2 KB
4	sqrt-5041.de cerberus.sqrt-5041.de	1004 B
4	gstatic.com fonts.gstatic.com	39 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	amazon-adsystem.com c.amazon-adsystem.com aax.amazon-adsystem.com	23 KB
3	nuggad.net 71i.nuggad.net ad-sync.nuggad.net axdget-sync.nuggad.net	2 KB
3	heatmap.it u.heatmap.it eu6.heatmap.it	11 KB
3	71i.de ad.71i.de	108 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	834 B
2	theadex.com 1 redirects dmp.theadex.com	696 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	292 B
2	google-analytics.com www.google-analytics.com	17 KB
2	afcdn.com static.afcdn.com	140 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	90 B
1	rfihub.com 1 redirects p.rfihub.com	683 B
1	twiago.com 1 redirects a.twiago.com	542 B
1	adform.net 1 redirects c1.adform.net	189 B
1	krxd.net beacon.krxd.net	453 B
1	mookie1.com de-gmtdmp.mookie1.com	673 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	demdex.net dpm.demdex.net	2 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	ioam.de script.ioam.de de.ioam.de Failed	10 KB
1	googleapis.com fonts.googleapis.com	848 B
0	weborama.com Failed dx.bigsea.weborama.com Failed
66	31

	Domain	Requested by
17	i.onmeda.de	www.onmeda.de
14	ad.yieldlab.net	1 redirects www.onmeda.de ad.71i.de
5	dsp.adfarm1.adition.com	5 redirects
4	cerberus.sqrt-5041.de	ad.71i.de www.onmeda.de
4	fonts.gstatic.com	www.onmeda.de
3	x.bidswitch.net	3 redirects
3	ad.71i.de	static.afcdn.com ad.71i.de
2	sync.mathtag.com	2 redirects
2	a.volvelle.tech	2 redirects
2	ib.adnxs.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dmp.theadex.com	1 redirects www.onmeda.de
2	c.amazon-adsystem.com	ad.71i.de c.amazon-adsystem.com
2	u.heatmap.it	www.onmeda.de u.heatmap.it
2	www.google-analytics.com	www.onmeda.de
2	static.afcdn.com	www.onmeda.de
2	www.onmeda.de	1 redirects
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	p.rfihub.com	1 redirects
1	a.twiago.com	1 redirects
1	c1.adform.net	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	beacon.krxd.net	www.onmeda.de
1	probe.yieldlab.net	ad.71i.de
1	axdget-sync.nuggad.net	www.onmeda.de
1	ad-sync.nuggad.net	www.onmeda.de
1	eu6.heatmap.it	www.onmeda.de
1	de-gmtdmp.mookie1.com	www.onmeda.de
1	71i.nuggad.net	ad.71i.de
1	www.google.de	www.onmeda.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	dpm.demdex.net	i.onmeda.de
1	www.googletagmanager.com	www.onmeda.de
1	script.ioam.de	www.onmeda.de
1	fonts.googleapis.com	www.onmeda.de
1	onmeda.de	1 redirects
0	dx.bigsea.weborama.com Failed	www.onmeda.de
0	de.ioam.de Failed	script.ioam.de
66	40

This site contains links to these domains. Also see Links.

Domain
www.pharmazeutische-zeitung.de
www.aerzteblatt.de
www.ardmediathek.de
www.afgis.de
www.healthonnet.org
unternehmen.gofeminin.de
www.facebook.com
twitter.com
www.pinterest.de

Subject Issuer	Validity	Valid
*.onmeda.de Sectigo RSA Domain Validation Secure Server CA	`2019-03-07` - `2020-03-06`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
i.onmeda.de Amazon	`2018-05-10` - `2019-06-10`	a year	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
static.afcdn.com Amazon	`2018-05-08` - `2019-06-08`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.71i.de DigiCert SHA2 Secure Server CA	`2018-08-13` - `2019-08-13`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.heatmap.it COMODO RSA Domain Validation Secure Server CA	`2016-06-05` - `2019-06-27`	3 years	crt.sh
*.nuggad.net Gandi Standard SSL CA 2	`2018-01-12` - `2020-01-16`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2018-12-18` - `2019-11-21`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2018-12-12` - `2020-03-12`	a year	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2019-02-07` - `2020-03-22`	a year	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2018-02-16` - `2019-10-19`	2 years	crt.sh
*.sqrt-5041.de Amazon	`2018-08-17` - `2019-09-17`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.onmeda.de/
Frame ID: 06EEF0B7CCC70017EDCCC831124D27F2
Requests: 52 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1552876366702
Frame ID: D6BA8A31D182275CAF0AA02B552A5809
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://onmeda.de/ HTTP 301
http://www.onmeda.de/ HTTP 301
https://www.onmeda.de/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

INFOnline (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^szmvars$/i
env /^iam_data$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

66
Requests

95 %
HTTPS

31 %
IPv6

31
Domains

40
Subdomains

26
IPs

9
Countries

854 kB
Transfer

1967 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pharmazeutische-zeitung.de/hochdruckarbeit-im-lungenkreislauf/
Title: Hochdruckarbeit im Lungenkreislauf: Pulmonale arterielle Hypertonie [→]

Search URL Search Domain Scan URL

URL: https://www.aerzteblatt.de/nachrichten/101706/Gericht-setzt-weiter-grosse-Huerden-bei-Praeimplantationsdiagnostik
Title: Gericht setzt weiter große Hürden bei Präimplantationsdiagnostik [→]

Search URL Search Domain Scan URL

URL: https://www.pharmazeutische-zeitung.de/wirkprinzipien-kombinieren/
Title: Wirkprinzipien kombinieren: Lungenkrebs [→]

Search URL Search Domain Scan URL

URL: https://www.ardmediathek.de/tv/service-gesundheit/Erfolgreich-abgenommen-und-dann/hr-fernsehen/Video?bcastId=3362814&documentId=61140566
Title: service: gesundheit - Erfolgreich abgenommen - und dann? [→]

Search URL Search Domain Scan URL

URL: https://www.afgis.de/qualitaetslogo/aqdb/anbieter/afgisanbieter.2005-08-02.3236611942#afgisantrag.2010-06-04.8974199484
Title: <img class="d-flex" src="https://www.afgis.de/qualitaetslogo/aqdb/anbieter/afgisanbieter.2005-08-02.3236611942/afgisantrag.2010-06-04.8974199484/afgisqmodul.2019-01-14.7310654161/get_Logo?small:int=1" width="64" height="64" alt="afgis-Qualitätslogo mit Ablauf 2020/02: Mit einem Klick auf das Logo öffnet sich ein neues Bildschirmfenster mit Informationen über Gesundheitsportal Onmeda gofeminin.de GmbH und sein/ihr Internet-Angebot: www.onmeda.de"/>

Search URL Search Domain Scan URL

URL: https://www.healthonnet.org/HONcode/German/?HONConduct262255
Title: <img class="d-flex" src="https://www.honcode.ch/HONcode/Seal/HONConduct262255_s.gif" width="43" height="60" alt="Diese Webseite ist von der Health On the Net Stiftung akkreditiert: Klicken Sie, um dies zu überprüfen" title="Diese Webseite ist von der Health On the Net Stiftung akkreditiert: Klicken Sie, um dies zu überprüfen"/>

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/
Title: gofeminin.de GmbH

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onmeda/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/onmeda_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/onmeda_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/offene-stellen/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/werbekonzepte/
Title: Werbung

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/contentcontessa/
Title: Content-Lizenzierung

Search URL Search Domain Scan URL

URL: https://unternehmen.gofeminin.de/nutzungsbasierte-online-werbung/
Title: Nutzungsbasierte Online-Werbung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onmeda.de/ HTTP 301
http://www.onmeda.de/ HTTP 301
https://www.onmeda.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&gjid=2032217277&_gid=460233226.1552876365&_u=IGBAgEAB~&z=1201105993 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545

Request Chain 37

https://dsp.adfarm1.adition.com/cookie/?ssp=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101

Request Chain 42

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad-sync.nuggad.net%2Fsyncuid%3Fdpid%3D3244%26uid%3D%25%25COOKIE%25%25%26o%3Dul HTTP 302
https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul

Request Chain 46

https://dsp.adfarm1.adition.com/cookie/?ssp=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637

Request Chain 47

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637

Request Chain 48

https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817 HTTP 302
https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6669553206706239637 HTTP 302
https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637

Request Chain 49

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl HTTP 302
https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl HTTP 302
https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl HTTP 302
https://id5-sync.com/s/112/3892732E7B94EAD5/9.gif HTTP 302
https://id5-sync.com/c/112/112/9/1.gif?puid=3892732E7B94EAD5 HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/112/2/8/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F112%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
https://id5-sync.com/c/112/2/8/2.gif?puid=8918002428308088464 HTTP 302
https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F145%2F7%2F3.gif%3Fpuid%3D%24BROWSER_ID&return-unstable=true HTTP 302
https://id5-sync.com/c/112/145/7/3.gif?puid=00000000-0000-0000-0000-000000000000 HTTP 302
https://ml314.com/utsync.ashx?eid=68339&et=0&return=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F152%2F6%2F4.gif%3Fpuid%3D%5BPersonID%5D HTTP 302
https://id5-sync.com/c/112/152/6/4.gif?puid=5978151465082548541 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://id5-sync.com/c/112/10/5/5.gif?puid=773800178618479847 HTTP 302
https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F21%2F4%2F6.gif%3Fpuid%3D%5BUID%5D HTTP 302
https://id5-sync.com/c/112/21/4/6.gif?puid=f000e6556a0744198ac3031e608d10e0 HTTP 302
https://pixel.onaudience.com/?partner=146&smartmap=1&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F22%2F3%2F7.gif%3Fpuid%3D%25s HTTP 302
https://id5-sync.com/c/112/22/3/7.gif?puid=bb919e7aebd25213 HTTP 302
https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D HTTP 302
https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1

Request Chain 51

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46

Request Chain 52

https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID HTTP 302
https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179

Request Chain 53

https://c1.adform.net/serving/cookie/match?party=6 HTTP 302
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100

Request Chain 54

https://a.twiago.com/rtb/usermatch.php?umid=1&call_type=redirect&rtbprovider=empty&redirecturl=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D35250%26ext_id%3D%25userid%25 HTTP 302
https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870

Request Chain 55

https://x.bidswitch.net/sync?ssp=yieldlab HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=109b85cb-7772-4291-9174-8e69f5f3f53b&ssp=yieldlab HTTP 302
https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55

Request Chain 56

https://p.rfihub.com/cm?pub=19593&in=1 HTTP 302
https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636

Request Chain 57

https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93

Request Chain 58

https://ad.yieldlab.net/mr?t=2&pid=5222173 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/yieldlab/5bec4811-d3bc-4349-9acb-2135ea89df0b HTTP 302
http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.onmeda.de/
Redirect Chain

https://onmeda.de/
http://www.onmeda.de/
https://www.onmeda.de/

73 KB
16 KB

132ms
66ms

Document
text/html

78.35.17.134
NETCOLOGNE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.35.17.134 Cologne, Germany, ASN8422 (NETCOLOGNE, DE),
Reverse DNS: www.onmeda.de
Software: Apache /
Resource Hash: 4f67c6cfea019a5dccfd7a97ca95b475dfea0ab3576c0b6140f4c5f5e4baf004

Request headers

Host: www.onmeda.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:44 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 18 Mar 2019 02:32:44 GMT
Server: Apache
Location: https://www.onmeda.de/
Content-Length: 230
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
848 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

05e53e8c100f573bb743785b2f21dab97ca1f13511313955c2178930c950143b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 18 Mar 2019 02:32:44 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 18 Mar 2019 02:32:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 18 Mar 2019 02:32:44 GMT

GET
H2 200 onmeda.css
i.onmeda.de/nav/ 211 KB
33 KB 120ms
9ms Stylesheet
text/css 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda.css
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 5e5d1c1a6a3bf463c47aee99657f8ff9ac52c4fb4d9ca0365c301ff5d8b3ad3d

Request headers

:path: /nav/onmeda.css
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Mar 2019 16:08:54 GMT
content-encoding: gzip
last-modified: Fri, 15 Feb 2019 16:09:02 GMT
server: nginx
age: 210218
etag: "893286-34d0e-581f0fe4ac380"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 33690
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id: GakXdZwo8SoTL7zj2TB4DnCvp5d3BfSSgRL4bSYfz_nubKAqleEE7w==

GET
H2 200 ads.js Show response
i.onmeda.de/nav/ 6 KB
2 KB 124ms
13ms Script
text/javascript 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/ads.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: f1dfb1c8c86c4324c5fcae73b0ffb6528bf6a2bad42414276fa056bd0e8e6435

Request headers

:path: /nav/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Mar 2019 00:09:00 GMT
content-encoding: gzip
last-modified: Fri, 25 Jan 2019 16:33:20 GMT
server: nginx
age: 527060
etag: "89327f-193f-5804ae2873400"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 1957
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id: PBqlGvt_VApw_LmnOUdvyZUVoXISQzS1UCFSJryDtzBcXW_hfZa0Wg==

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 31 KB
10 KB 89ms
28ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.9 0009
Resource Hash: abbc2629de69cc04fbe8877a17db1385137a65db1e887b17c8da76b174801897

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2019 02:32:44 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.9 0009
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: privat, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 18 Mar 2019 04:32:44 GMT

GET
H2 200 visitor_api_v1.6.js Show response
i.onmeda.de/nav/ 21 KB
9 KB 126ms
15ms Script
text/javascript 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/visitor_api_v1.6.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 21b6f9f75b9afad52abc2b6139f274e75b09a8ad025bd8e306cc454ba54f1db6

Request headers

:path: /nav/visitor_api_v1.6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Mar 2019 08:04:53 GMT
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 08:04:28 GMT
server: nginx
age: 498471
etag: "892cb9-533a-5785400b4fb00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 8734
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id: E9QWDKre_NK7lHwYFmBxlP_mExcpPfYyCnhBKwc7fcLItgc-Q_RBhQ==

GET
H2 200 dil_v6.4.js Show response
i.onmeda.de/nav/ 36 KB
12 KB 125ms
14ms Script
text/javascript 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/dil_v6.4.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7243dc6bcdd3c2e324fbc29c6e969e0a7504646b21045b4817556dd26fb20243

Request headers

:path: /nav/dil_v6.4.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 19:25:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 08:03:59 GMT
server: nginx
age: 25607
etag: "892cb2-9105-57853fefa79c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 12410
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id: 16WuLs05-Fg1i1lugcBxJQbun5OXGoRdDMCkIVUgoCu-0Y7U-mh-sg==

GET
H2 200 concat.js Show response
static.afcdn.com/relde/ 402 KB
139 KB 116ms
8ms Script
text/javascript 2600:9000:200d:ee00:15:3254:b140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.afcdn.com/relde/concat.js?PCM-lVTJTsMwEP0ajo2S0iJx4MDWCyAQFb1WdjJxTJ0Zy0ub_j1JTRdQF-cymuW90Wz2DLAgczWcMF92srCtrPhGZdqB6ex5G7wPZvJt72Zbjvbc-g6bJTdJunMMrEShwBH-QXNaWdgrSS3_xkMFQhFnap5TXRPOHekjGFa-khD_itmGpmCtpGOpQ3PaAJdFcH5s9NPJDqbhy4dI5H5uxFx1bG7nOLZmxhnHtfK2L5dpjdBE8myx6ErUgM2g4gMlHZxYyYnmOmbfCiUW0Dw3ecVQQF-y8VzmhJdouwUHJUtGaZL2OIdHwlKKHoQ3hizygJ6AexED_HJS2RjghOWOzDoGeqnOVoJZHj75YJ8kWFDq92phCfiOEJW7KPXF1O35C4k2eNuNOED3AusVmcLGkSaU-0joJ5QGbBUHni7OPJIwtd03kQzT7Da9zsbZcDT-AQ
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:ee00:15:3254:b140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: c8fcfadfca9c63e88967ce1fc0461253ac276675e6f9941c249f28bfa0bc03e5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de

Response headers

date: Sun, 17 Mar 2019 15:44:39 GMT
x-debug: cached
age: 36505
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: Public, max-age=101100
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
x-amz-cf-id: cDQQ_ImGHzxB590IIXvV_Odozu6-XzzSkRyfqqYxQ7SsyBlpU85z4A==
via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
expires: Mon, 16 Mar 2020 19:48:00 GMT

GET
H2 200 concat.css
static.afcdn.com/relde/ 1 KB
890 B 329ms
224ms Stylesheet
text/css 2600:9000:200d:ee00:15:3254:b140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.afcdn.com/relde/concat.css?PCM-C0vNS8kv0k8sTdNPTCnWL07NyUktAtFlqXn-eal6xcnFxbZhqIoKckrTM_OKQfzg7Mw8sBo9IwNDSwNjQ1NDIxNTAA
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:ee00:15:3254:b140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 53d0d333f90ed0798ce6bfdbd535169997f6fdae8ea0f8519d5ffa811a14c2b8

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 20:15:25 GMT
content-encoding: gzip
age: 7953
vary: Accept-Encoding
x-debug: cached
content-type: text/css; charset=UTF-8
status: 200
cache-control: Public, max-age=95400
x-cache: Hit from cloudfront
accept-ranges: bytes
access-control-allow-origin: *
content-length: 527
via: 1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
x-amz-cf-id: -RpoVM5_4YsLDi10nWeu7X52f0HdzQ0qH_kUxTU3hACdtLagRUO4JQ==
expires: Tue, 17 Mar 2020 00:18:45 GMT

GET
H2 200 blindfisch.gif
i.onmeda.de/nwl/ 43 B
376 B 330ms
224ms Image
image/gif 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/nwl/blindfisch.gif
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:path: /nwl/blindfisch.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 14 Mar 2019 00:09:19 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Sat, 07 Feb 2009 13:08:38 GMT
server: nginx
age: 354244
etag: "890059-2b-46253d5f12180"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 1kahv88bHdrPfKSzVjK_Ygdb1MxdCNGlmU2YOVYOTdNw9Ey49r9Q6g==

GET
H2 200 onmeda-min.js Show response
i.onmeda.de/nav/ 234 KB
70 KB 120ms
16ms Script
text/javascript 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda-min.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d8d517059c12599921c80c6d1d1384689e8b6c5fab50c2c9d09dfa01956d5daf

Request headers

:path: /nav/onmeda-min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Mar 2019 12:49:51 GMT
content-encoding: gzip
last-modified: Mon, 11 Feb 2019 12:49:48 GMT
server: nginx
age: 567773
etag: "89328a-3a89e-5819dbe69b300"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: dWGDqesXpRthkyWcGV02bYAOvaWjQGFZg-JPGMSTUbW4Ma9c0ATI_A==
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 71ms
0ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 2750
date: Mon, 18 Mar 2019 01:46:54 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Mon, 18 Mar 2019 03:46:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 71 KB
25 KB 49ms
0ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX7FH6K

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

60213b75185ef3ebab637d66be08624fecbd58cf50cff6e653e901d88334a046

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Mar 2019 02:32:44 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2019 00:54:05 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25819
x-xss-protection: 1; mode=block
expires: Mon, 18 Mar 2019 02:32:44 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 15205ms
35ms XHR
application/json 52.17.182.129
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=44326DF2572396FB7F000101%40AdobeOrg&d_nsid=0&ts=1552876364900
Requested by: Host: i.onmeda.de
URL: https://i.onmeda.de/nav/visitor_api_v1.6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7c8d85bcff37a420c86e26eb8ae604fd13a4a81f89f671e5e44e05694db04027

Request headers

Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v021-01fd1f10e.edge-irl1.demdex.com 5.49.0.20190304124312 7ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: D1ZT9VZvStg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1336
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=1009526552&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmeda.de%2F&ul=en-us&de=UTF-8&dt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=440265315&gjid=2032217277&cid=724388051.1552876365&tid=UA-32616126-1&_gid=460233226.1552876365&cd1=urlname%3DHomepage%3Bindex%3Dstartseite%3Bcid%3D0003299%3Bgoogle%3D0%3Bisinternal%3D0%3Bamp%3D0&cd2=cid%3D0003299&z=1589881232

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 06:40:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 762709
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&gjid=2032217277&_gid=460233226.1552876365&_u=IGBAgEAB~&z=1201105993
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545

42 B
109 B

19ms
16ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32616126-1&cid=724388051.1552876365&jid=440265315&_v=j73&z=1201105993&slf_rd=1&random=1927255545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK loader.js Show response
ad.71i.de/somtag/loader/ 344 KB
105 KB 1136ms
34ms Script
application/x-javascript 2.18.233.126
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/loader/loader.js
Requested by: Host: static.afcdn.com
URL: https://static.afcdn.com/relde/concat.js?PCM-lVTJTsMwEP0ajo2S0iJx4MDWCyAQFb1WdjJxTJ0Zy0ub_j1JTRdQF-cymuW90Wz2DLAgczWcMF92srCtrPhGZdqB6ex5G7wPZvJt72Zbjvbc-g6bJTdJunMMrEShwBH-QXNaWdgrSS3_xkMFQhFnap5TXRPOHekjGFa-khD_itmGpmCtpGOpQ3PaAJdFcH5s9NPJDqbhy4dI5H5uxFx1bG7nOLZmxhnHtfK2L5dpjdBE8myx6ErUgM2g4gMlHZxYyYnmOmbfCiUW0Dw3ecVQQF-y8VzmhJdouwUHJUtGaZL2OIdHwlKKHoQ3hizygJ6AexED_HJS2RjghOWOzDoGeqnOVoJZHj75YJ8kWFDq92phCfiOEJW7KPXF1O35C4k2eNuNOED3AusVmcLGkSaU-0joJ5QGbBUHni7OPJIwtd03kQzT7Da9zsbZcDT-AQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1598ea08cda5d189aa63924c4666eabb317a5655c27104c92a5eed3bc95c12c9

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Mar 2019 09:19:37 GMT
Server: Apache
ETag: "561e4-583ce125475e3"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1449
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 107014
Expires: Mon, 18 Mar 2019 02:56:55 GMT

GET tx.io
de.ioam.de/ 0
0

GET
H2 200 logo-de-claim.svg
i.onmeda.de/nav/ 16 KB
6 KB 10ms
10ms Image
image/svg+xml 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/nav/logo-de-claim.svg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 1052e08af70e633116a4d9c07dee43a40772033c6374381c967cb496be81ad93

Request headers

:path: /nav/logo-de-claim.svg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://i.onmeda.de/nav/onmeda.css
:scheme: https
:method: GET
Referer: https://i.onmeda.de/nav/onmeda.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 17:36:33 GMT
content-encoding: gzip
last-modified: Fri, 16 Mar 2018 13:22:06 GMT
server: Apache
age: 41569
etag: "892e1f-3e6c-567877e9cbb80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 5955
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
x-amz-cf-id: WpKjef7BsVFXIEww1s2wxprCL_J36waYwmGH1SEFZMm2sMvhFXXxag==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin: https://www.onmeda.de

Response headers

date: Fri, 08 Mar 2019 23:23:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 788979
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:23:06 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin: https://www.onmeda.de

Response headers

date: Fri, 08 Mar 2019 20:21:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 799887
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 20:21:18 GMT

GET
H2 200 onmeda-icon-font.woff
i.onmeda.de/nav/ 9 KB
9 KB 30ms
11ms Font
application/octet-stream 2600:9000:200d:6c00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/onmeda-icon-font.woff
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:6c00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 929fd9b62d2c6fec3bd1a14c394ebc58bfd7ebc24e78a7c83cb075acb703aa37

Request headers

:path: /nav/onmeda-icon-font.woff
pragma: no-cache
origin: https://www.onmeda.de
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://i.onmeda.de/nav/onmeda.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://i.onmeda.de/nav/onmeda.css
Origin: https://www.onmeda.de

Response headers

date: Mon, 11 Mar 2019 10:33:17 GMT
content-encoding: gzip
age: 575968
x-cache: Hit from cloudfront
status: 200
content-length: 8728
access-control-allow-origin: *
last-modified: Mon, 11 Feb 2019 10:33:14 GMT
server: nginx
etag: "892e3e-2220-5819bd6032e80"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: rRzh2VmPf8j_xiauN_H-Fjjf4z8BTj_ds0Z9Lmy88DrtBpMx9ExZ1w==

GET
H2 200 homepage-visual.jpg
i.onmeda.de/nav/ 20 KB
20 KB 9ms
7ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/nav/homepage-visual.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: b552c9f2dfb5fabe3c49dfa90c87efa10e305a886fa3e128c3388aa0af5c5add

Request headers

:path: /nav/homepage-visual.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://i.onmeda.de/nav/onmeda.css
:scheme: https
:method: GET
Referer: https://i.onmeda.de/nav/onmeda.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Mar 2019 07:36:14 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Fri, 16 Mar 2018 13:11:16 GMT
server: Apache
age: 586777
etag: "893281-4e74-5678757de8500"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 20084
x-amz-cf-id: QP-cf6zPBHwa-3JjVQeSPbXcmOPURKYNktRuIoZTWle4nqe3fynJeQ==

GET
H2 200 texgyreadventor-regular-webfont.woff
i.onmeda.de/nav/ 24 KB
24 KB 8ms
7ms Font
application/octet-stream 2600:9000:200d:6c00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.onmeda.de/nav/texgyreadventor-regular-webfont.woff
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:6c00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: f3eedf80f3052829cda1c34719886ac29030a9801bda53b23df6a2d293c7bcf3

Request headers

:path: /nav/texgyreadventor-regular-webfont.woff
pragma: no-cache
origin: https://www.onmeda.de
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: i.onmeda.de
referer: https://i.onmeda.de/nav/onmeda.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://i.onmeda.de/nav/onmeda.css
Origin: https://www.onmeda.de

Response headers

date: Tue, 12 Mar 2019 18:05:48 GMT
content-encoding: gzip
age: 462421
x-cache: Hit from cloudfront
status: 200
content-length: 24242
access-control-allow-origin: *
last-modified: Wed, 21 Mar 2018 09:22:30 GMT
server: nginx
etag: "892dc1-5f24-567e8baf14180"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: 0dU6o6Ht49nygb2CQEaI7XVztXvsLSCwmWj8pjJ_LqE7boeAK-SMXw==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin: https://www.onmeda.de

Response headers

date: Sat, 09 Mar 2019 02:13:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 778775
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8916
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 02:13:10 GMT

GET
H2 200 newsticker.png
i.onmeda.de/style/ 625 B
980 B 11ms
10ms Image
image/png 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/style/newsticker.png
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 4aff37556e2cd14aa444e8a1f36c5a33914ea2a2588ade9859efbcb8e176e051

Request headers

:path: /style/newsticker.png
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://i.onmeda.de/nav/onmeda.css
:scheme: https
:method: GET
Referer: https://i.onmeda.de/nav/onmeda.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Mar 2019 17:18:55 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Fri, 18 Jan 2019 17:14:30 GMT
server: nginx
age: 206131
etag: "8e2045-271-57fbea4dcc980"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 625
x-amz-cf-id: 9H3zo7iAqlzZdIObug1flMzfboGyo6t0cb4U9Ilf02HQFcr0AOHsbw==

GET
H2 200 181012_kv_magazin_newsletter.jpg
i.onmeda.de/ 43 KB
43 KB 9ms
7ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/181012_kv_magazin_newsletter.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 07c09e3c6851b8a4da1de3e0ef2a441fbecb31f1cee18efb82c1e95a39f36a7e

Request headers

:path: /181012_kv_magazin_newsletter.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 18:44:18 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Wed, 07 Nov 2018 10:08:09 GMT
server: nginx
age: 28108
etag: "5973db-ac04-57a104b8ab440"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 44036
x-amz-cf-id: R7Wc8yaJwj90aeO-dlFJIgfTAJkU4oK25QpfbwEvmh3YoEAjx6jinw==

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v10/ 13 KB
13 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v10/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|PT+Serif
Origin: https://www.onmeda.de

Response headers

date: Sat, 09 Mar 2019 00:34:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:33:41 GMT
server: sffe
age: 784708
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13280
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:34:17 GMT

GET
H2 200 frau-joggt-im-park-500x283.jpg
i.onmeda.de/ 30 KB
31 KB 10ms
8ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/frau-joggt-im-park-500x283.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ffe3d22af0345d19ff83398a5a95f7a71f79b3169ba4b2eff59ddc025f766b94

Request headers

:path: /frau-joggt-im-park-500x283.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Mar 2019 09:27:29 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2019 15:44:17 GMT
server: nginx
age: 234304
etag: "58c43f-78fc-5840fcb7e9640"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 30972
x-amz-cf-id: Ayea5X8nFhGH0vFT8yucxhmRnzVkg7bZ_jBOoodY37qPQ7pfLuFnFA==

GET
H2 200 trost-arbeit-500x283.jpg
i.onmeda.de/ 21 KB
21 KB 9ms
8ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/trost-arbeit-500x283.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 13acaa887dbd6ef4439b99487557d5d3d991ec57d58461e7485d16092f6667cf

Request headers

:path: /trost-arbeit-500x283.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 14 Mar 2019 08:13:38 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Wed, 14 Mar 2018 14:33:34 GMT
server: nginx
age: 325135
etag: "598b5c-53d7-567604283ab80"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 21463
x-amz-cf-id: uTko6RPbE1t9ZMimeoDugMEJfU--Zk9GVwseHhpfQZ4IMATnSekIdA==

GET
H2 200 shisha-500x283.jpg
i.onmeda.de/ 62 KB
63 KB 14ms
12ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/shisha-500x283.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: f500f3de3849491370523ee769606da68708ede8d408466f06aeb51f6f7dfdda

Request headers

:path: /shisha-500x283.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 10:56:21 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Tue, 12 Mar 2019 15:02:18 GMT
server: nginx
age: 401772
etag: "58c2a1-f86f-583e6f9aaf280"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 63599
x-amz-cf-id: BBVCue46yLuVQjFjrET-wR-ACVUzv--2j79cQtxOTk515PDxESYn9Q==

GET
H2 200 gesundes-sandwich-500x283.jpg
i.onmeda.de/ 32 KB
33 KB 10ms
8ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/gesundes-sandwich-500x283.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 4e9a82e07ab305f84af8fa203f60ec71e69142bb89bd6fd200fcc6ce3d37bd48

Request headers

:path: /gesundes-sandwich-500x283.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Mar 2019 11:17:51 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Wed, 14 Mar 2018 14:33:33 GMT
server: nginx
age: 486881
etag: "5986a5-80ba-5676042746940"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 32954
x-amz-cf-id: SC_-qGPP1QaLWErza11Hhn169p8Vxqe655UU4ikivicuzu6vA2WAQQ==

GET
H2 200 vitamin-c-serum-500x283.jpg
i.onmeda.de/ 69 KB
69 KB 13ms
12ms Image
image/jpeg 2600:9000:200d:da00:14:3756:4880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.onmeda.de/vitamin-c-serum-500x283.jpg
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:da00:14:3756:4880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 5c081d7a660942f44a349c66e17b6464f76dad5d717d962d29a92e244892a370

Request headers

:path: /vitamin-c-serum-500x283.jpg
pragma: no-cache
cookie: AMCV_44326DF2572396FB7F000101%40AdobeOrg=817868104%7CMCIDTS%7C17974; _ga=GA1.2.724388051.1552876365; _gid=GA1.2.460233226.1552876365; _gat=1; af_session=%7B%22visitorId%22%3A%221552876365124684%22%2C%22sessionId%22%3A1%2C%22sessionStartTime%22%3A1552876365124%2C%22sessionUtm%22%3Anull%2C%22pageviewId%22%3A1%2C%22waveId%22%3A0%2C%22rankId%22%3A0%7D
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: i.onmeda.de
referer: https://www.onmeda.de/
:scheme: https
:method: GET
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Mar 2019 08:05:28 GMT
via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 14:07:17 GMT
server: nginx
age: 584824
etag: "59bf0c-1124c-579ff84e86f40"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=604800, s-maxage=604800
accept-ranges: bytes
content-length: 70220
x-amz-cf-id: yLy8a85HdbHqul8CoM855vt2r0DqNzg90waolfYg3q_-WM_MVERhXg==

GET
H2 200 log.js Show response
u.heatmap.it/ 26 KB
10 KB 1053ms
10ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ecded18536426e30f5af01e39779ff4f66c52fd762ba75729188b80e37f7cfac

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Mar 2019 02:32:46 GMT
content-encoding: br
last-modified: Thu, 25 Oct 2018 10:53:36 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"5bd1a0b0-6804"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
status: 200
cache-control: max-age=3600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 10194
expires: Sun, 10 Mar 2019 10:59:48 GMT

GET
H/1.1 200
OK default.js Show response
ad.71i.de/somtag/config/onmedade/ 6 KB
2 KB 34ms
33ms Script
application/x-javascript 2.18.233.126
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/config/onmedade/default.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 83f92a743ce5684cc072ecc38014f6a54c3a4bdbe056a71f3a9db0cb52008e95

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 16:05:52 GMT
Server: Apache
ETag: "161b-5838347cdfb3e"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2243
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1459
Expires: Mon, 18 Mar 2019 03:10:09 GMT

GET
H/1.1 200
OK default.css
ad.71i.de/somtag/config/onmedade/ 3 KB
1 KB 36ms
35ms Stylesheet
text/css 2.18.233.126
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.71i.de/somtag/config/onmedade/default.css
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.126 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 67c7d33b290e6a98ea44eb937ac03e93800c9d0576b1be1229bcaa8e0252ae3e

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 16:05:52 GMT
Server: Apache
ETag: "b22-5838347cb72b7"
Vary: Accept-Encoding
P3P: policyref="http://ad.71i.de/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2144
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 617
Expires: Mon, 18 Mar 2019 03:08:30 GMT

GET
H/1.1 200
OK rc Show response
71i.nuggad.net/ 1 KB
1 KB 226ms
35ms Script
text/javascript 2a00:cd0:1005:2:80:82:201:80
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://71i.nuggad.net/rc?&nuggn=1272195681&nuggsid=1308757810&nuggtg=onmedade_content&nuggrid=&ios=0
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2a00:cd0:1005:2:80:82:201:80 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9fa7695ec257bc37375f612a0af9d62824f655678136dcfd261d66207baf8ed4

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:46 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Status: 200 OK
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=65
Expires: Wed, 18 Feb 2009 11:53:30 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 66 KB
19 KB 10522ms
21ms Script
application/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 06042f6ac2063c8e23fcce2c7c64449bae470d34c4d46f97e145242158ef15f3

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 16:37:18 GMT
Content-Encoding: gzip
Server: Server
Age: 35737
ETag: 179e41b046d5f974d2586d066c70d87e
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: j6OvbbLOmc6k2HDK6blMIFgBGVWKUZe5KkhgptoJInSc1S6_9PMaWg==

GET
H/1.1

204
No Content

m
ad.yieldlab.net/
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=1
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101

0
495 B

1107ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706174101
Date: Mon, 18 Mar 2019 02:32:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
200 learn
de-gmtdmp.mookie1.com/t/v2/ 43 B
673 B 48ms
8ms Image
image/gif 18.195.82.173
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=1552876366382&src.id=SOM
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.82.173 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-82-173.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:46 GMT
Server: Apache
P3P: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
X-Application-Context: application
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 www.onmeda.de.js Show response
u.heatmap.it/conf/ 1 KB
684 B 11ms
9ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/www.onmeda.de.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 278c9f4b8fd66182a65c9571d08246a40e58b5a390de266ad2f0b089258cad93

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Mar 2019 02:32:46 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 457
expires: Mon, 18 Mar 2019 02:34:59 GMT

GET
H/1.1 204
No Content pv
eu6.heatmap.it/log/ 0
212 B 1107ms
19ms Image
image/gif 149.202.74.47
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu6.heatmap.it/log/pv?pid=19&u=https%3A%2F%2Fwww.onmeda.de%2F%23desktop&tpl=.&pt=Onmeda%20-%20Das%20Portal%20f%C3%BCr%20Medizin%20und%20Gesundheit%20-%20Onmeda.de&t=854642
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS: eu6.heatmap.it
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:48 GMT
Cache-Control: no-cache
Expires: Mon, 18 Mar 2019 02:32:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Response headers

Content-Type: image/png

GET
H/1.1

204
No Content

syncuid
ad-sync.nuggad.net/
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fad-sync.nuggad.net%2Fsyncuid%3Fdpid%3D3244%26uid%3D%25%25COOKIE%25%25%26o%3Dul
https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul

0
494 B

202ms
24ms

Image
text/plain

80.82.201.86
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.82.201.86 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS: pbtngs-nuggad.unbelievable-machine.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204 No Content
date: Mon, 18 Mar 2019 02:32:46 GMT
cache-control: no-store,no-cache
server: Apache
Connection: close
p3p: CP="NOI DSP COR NID ADMa OTPa OUR NOR"

Redirect headers

Location: https://ad-sync.nuggad.net/syncuid?dpid=3244&uid=6669553206706239637&o=ul
Date: Mon, 18 Mar 2019 02:32:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 204
No Content getuid
axdget-sync.nuggad.net/ 0
382 B 1193ms
25ms Image
text/plain 80.82.201.94
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axdget-sync.nuggad.net/getuid?dpid=5763&url=https%3A%2F%2Fdmp.theadex.com%2Fd%2Fcm.gif%3Faxd_pid%3D34%26axd_fuid%3D%24UID%26axd_cuid%3D257%26cb%3Dhttps%253A%252F%252Faxdsnc-sync.nuggad.net%252Fsyncuid%253Fdpid%253D5763%2526uid%253D%257B%257BUUID%257D%257D%2526o%253Dlu
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.82.201.94 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204 No Content
date: Mon, 18 Mar 2019 02:32:47 GMT
cache-control: no-store,no-cache
server: Apache
Connection: close
location: https://dmp.theadex.com/d/cm.gif?axd_pid=34&axd_fuid=$UID&axd_cuid=257&cb=https%3A%2F%2Faxdsnc-sync.nuggad.net%2Fsyncuid%3Fdpid%3D5763%26uid%3D%7B%7BUUID%7D%7D%26o%3Dlu
p3p: CP="NOI DSP COR NID ADMa OTPa OUR NOR"

GET
H/1.1 200
OK 2x2 Show response
ad.yieldlab.net/d/724079/6629/ Frame D6BA 3 KB
2 KB 1135ms
15ms Script
text/javascript 104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/d/724079/6629/2x2?&ts=1552876366702
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-68-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d30db445af5d7b51a6433c18708b40e42b1185c1fae1922e89a76101d87bd7a2

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Language: de-DE
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1042
Expires: Sun, 17 Mar 2019 02:32:47 GMT

GET
H/1.1 200
OK 7526572,7526644,7526012,7526627,7526293,7526019 Show response
probe.yieldlab.net/yp/ 2 B
894 B 7064ms
13ms Fetch
application/json 104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://probe.yieldlab.net/yp/7526572,7526644,7526012,7526627,7526293,7526019?t=d1%3D2%26d15%3D2%26d3%3D1%26d4%3D7%26d8%3D2%26d9%3D1%26d10%3D3%26d12%3D4%26d16%3D1%26d17%3D1%26d20%3D0%26i2%3D3%26i50%3D1%26i18%3D1%26i3%3D1%26i8%3D1%26i9%3D1%26i10%3D1%26i11%3D1%26i13%3D1%26i15%3D1%26i17%3D1%26i20%3D1%26i21%3D1%26i26%3D1%26i41%3D1%26i44%3D1%26i46%3D1%26i52%3D1%26i53%3D1%26i54%3D1%26n3%3D0%26n5%3D0%26n8%3D1%26n9%3D1&ts=1552876366703&json=true
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-68-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:53 GMT
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 22
Expires: Sun, 17 Mar 2019 02:32:53 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=1
https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637

0
495 B

104ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=15233&ext_id=6669553206706239637
Date: Mon, 18 Mar 2019 02:32:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

204
No Content

usermatch.gif
beacon.krxd.net/ Frame D6BA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dactiveagent%26partner_uid%3D%25%25COOKIE%25%25
https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637

0
453 B

4937ms
28ms

Image
text/plain

54.247.163.81
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.163.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-163-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Mar 2019 02:32:52 GMT
Cache-Control: private, no-cache, no-store
X-Request-Time: D=72 t=1552876372
Connection: keep-alive
X-Served-By: beacon-n048-dub.krxd.net
P3P: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=activeagent&partner_uid=6669553206706239637
Date: Mon, 18 Mar 2019 02:32:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

2.gif
dmp.theadex.com/d/817/i/ Frame D6BA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?dmp=1&xxx=817
https://dmp.theadex.com/d/817/i/2.gif?c=&axd_pid=14&axd_fuid=6669553206706239637
https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637

43 B
414 B

15ms
15ms

Image
image/gif

89.163.159.112
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.112 Hattersheim, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:51 GMT
last-modified: Mon, 18 Mar 2019 02:32:51 GMT
server: nginx
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-transfer-encoding: binary
access-control-allow-credentials: true
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 18 Mar 2019 02:32:51 GMT
access-control-allow-credentials: true
server: nginx
p3p: CP="CAO PSA OUR"
location: https://dmp.theadex.com:443/d/817/i/2.gif?_sc=1001820170332510000&c=&axd_pid=14&axd_fuid=6669553206706239637
content-type: text/html; charset=UTF-8

GET

collect
dx.bigsea.weborama.com/ Frame D6BA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fuip.semasio.net%2Fadition%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dyl
https://uip.semasio.net/adition/1/info?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
https://uip.semasio.net/adition/1/info2?sType=sync&sExtCookieId=6669553206706239637&sInitiator=yl
https://id5-sync.com/s/112/3892732E7B94EAD5/9.gif
https://id5-sync.com/c/112/112/9/1.gif?puid=3892732E7B94EAD5
https://secure.adnxs.com/getuid?https://id5-sync.com/c/112/2/8/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F112%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
https://id5-sync.com/c/112/2/8/2.gif?puid=8918002428308088464
https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F145%2F7%2F3.gif%3Fpuid%3D%24BROWSER_ID&return-unstable=true
https://id5-sync.com/c/112/145/7/3.gif?puid=00000000-0000-0000-0000-000000000000
https://ml314.com/utsync.ashx?eid=68339&et=0&return=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F152%2F6%2F4.gif%3Fpuid%3D%5BPersonID%5D
https://id5-sync.com/c/112/152/6/4.gif?puid=5978151465082548541
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D
https://id5-sync.com/c/112/10/5/5.gif?puid=773800178618479847
https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F21%2F4%2F6.gif%3Fpuid%3D%5BUID%5D
https://id5-sync.com/c/112/21/4/6.gif?puid=f000e6556a0744198ac3031e608d10e0
https://pixel.onaudience.com/?partner=146&smartmap=1&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F112%2F22%2F3%2F7.gif%3Fpuid%3D%25s
https://id5-sync.com/c/112/22/3/7.gif?puid=bb919e7aebd25213
https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D
https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898

0
0

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1

0
495 B

110ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:47 GMT
server: HTTP server (unknown)
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDjNAsBpb3zcpZwDMHeVzuk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 288
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1
https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46

0
495 B

67ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:47 GMT
x-aspnet-version: 4.0.30319
location: https://ad.yieldlab.net/m?dt_id=99739&ext_id=6fd3fe43-a0ee-4d29-a2a0-d68896361d46
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 193

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID
https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179

0
495 B

19ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:49 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:49 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:51 GMT
AN-X-Request-Uuid: 95ccd315-4b1d-4f88-9f8e-c153b3969139
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ad.yieldlab.net/m?dt_id=140420&ext_id=4533891867985555179
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.130.184.115; 185.130.184.115; 154.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.14:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=6
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100

0
495 B

78ms
14ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:48 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2019 02:32:47 GMT
server: nginx
access-control-allow-origin: *
location: https://ad.yieldlab.net/m?dt_id=4879&ext_id=8690720617745938100
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=1&call_type=redirect&rtbprovider=empty&redirecturl=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D35250%26ext_id%3D%25userid%25
https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870

0
495 B

14ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:51 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:51 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=35250&ext_id=b1abb7b217e2a13a5e2849b0f16a9c5408a4db2de3932b20ecb4fc7573870
Date: Mon, 18 Mar 2019 02:32:51 GMT
Server: Apache
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 0
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldlab
https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=109b85cb-7772-4291-9174-8e69f5f3f53b&ssp=yieldlab
https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55

0
495 B

14ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:56 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:56 GMT

Redirect headers

Date: Mon, 18 Mar 2019 02:32:56 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //ad.yieldlab.net/m?dt_id=6850&ext_id=bafb600f-449e-4b00-85c2-57f68a23df55
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://p.rfihub.com/cm?pub=19593&in=1
https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636

0
495 B

15ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:33:05 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:33:05 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=6035831&ext_id=1041527792985866636
Server: Jetty(9.0.6.v20130930)
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93

0
495 B

14ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:59 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:59 GMT

Redirect headers

Date: Mon, 18 Mar 2019 02:32:59 GMT
Server: MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ad.yieldlab.net/m?dt_id=6061522&ext_id=db4c5c8e-feb6-4e00-b5ca-1631b88b0c93
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 18 Mar 2019 02:32:58 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6BA
Redirect Chain

https://ad.yieldlab.net/mr?t=2&pid=5222173
https://pr-bh.ybp.yahoo.com/sync/yieldlab/5bec4811-d3bc-4349-9acb-2135ea89df0b
http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-

0
495 B

3053ms
13ms

Image
text/plain

104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

HTTP/1.1

Server

104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-68-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Sun, 17 Mar 2019 02:32:52 GMT

Redirect headers

date: Mon, 18 Mar 2019 02:32:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
location: http://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-YzUR0vd1lw7Ydx.GJmOv8Y9Qid193PkmaUhyu0I-
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK info Show response
ad.yieldlab.net/ Frame D6BA 76 B
944 B 21ms
13ms XHR
text/plain 104.109.68.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/info
Requested by: Host: www.onmeda.de
URL: https://www.onmeda.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-68-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 07888b13933b219e6e4953f4c3c9cb85f5ef704e923026d6345d417ec6269661

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2019 02:32:48 GMT
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.onmeda.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 92
Expires: Sun, 17 Mar 2019 02:32:48 GMT

OPTIONS
H2 204 monitor-targeting Show response
cerberus.sqrt-5041.de/somtag/logs/ 0
185 B 7314ms
11ms Fetch 18.194.109.215
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.onmeda.de
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 204
date: Mon, 18 Mar 2019 02:33:03 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
x-powered-by: Express
vary: Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 43ms
7ms XHR
application/javascript 13.32.221.90
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.221.90 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-221-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de

Response headers

Date: Sun, 17 Mar 2019 20:11:23 GMT
Content-Encoding: gzip
Vary: Origin
Age: 22895
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 24 Aug 2018 07:13:51 GMT
Server: AmazonS3
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 be3a2ea70ea68d04665ee5db91a73443.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Id: y-rOWZWoxBvH-JEBEVGPs031k4NOwbscDvsSNCUQ7ZwZlc78CeBCjA==

GET
H/1.1 200
OK bid Show response
aax.amazon-adsystem.com/e/dtb/ 47 B
342 B 1147ms
36ms XHR
text/javascript 52.94.220.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3287&u=https%3A%2F%2Fwww.onmeda.de%2F&pid=2364407832421552876376996&cb=8453834746751552876376998&ws=1600x1200&v=7.27.00&t=2000&slots=%5B%7B%22sd%22%3A%22fullbanner2%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Ffullbanner2%22%7D%2C%7B%22sd%22%3A%22rectangle1%22%2C%22s%22%3A%5B%22%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Frectangle1%22%7D%2C%7B%22sd%22%3A%22skyscraper1%22%2C%22s%22%3A%5B%22%22%5D%2C%22sn%22%3A%225731%2FDE_ONMEDA_de%2Fother%2Fskyscraper1%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: 7dbf39a373ae2fdd84f934915b710fcc69b17ab26c4054e3a8f15678799a49e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de

Response headers

Date: Mon, 18 Mar 2019 02:32:58 GMT
Server: Server
Vary: User-Agent
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.onmeda.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 47

POST
H2 200 monitor-targeting Show response
cerberus.sqrt-5041.de/somtag/logs/ 35 B
317 B 8ms
8ms Fetch
image/gif 18.194.109.215
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-194-109-215.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 18 Mar 2019 02:33:03 GMT
x-content-type-options: nosniff
status: 200
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 1; mode=block

OPTIONS
H2 204 monitor-targeting Show response
cerberus.sqrt-5041.de/somtag/logs/ 0
185 B 7ms
7ms Fetch 18.194.109.215
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting
Requested by: Host: ad.71i.de
URL: https://ad.71i.de/somtag/loader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-109-215.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.onmeda.de
Referer: https://www.onmeda.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 204
date: Mon, 18 Mar 2019 02:33:06 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
x-powered-by: Express
vary: Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 monitor-targeting Show response
cerberus.sqrt-5041.de/somtag/logs/ 35 B
317 B 8ms
8ms Fetch
image/gif 18.194.109.215
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cerberus.sqrt-5041.de/somtag/logs/monitor-targeting

Requested by

Host: www.onmeda.de
URL: https://www.onmeda.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.109.215 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-194-109-215.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmeda.de/
Origin: https://www.onmeda.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 18 Mar 2019 02:33:06 GMT
x-content-type-options: nosniff
status: 200
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: de.ioam.de
URL: https://de.ioam.de/tx.io?st=medworld&cp=0-3299&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.onmeda.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0009&i2=00090c4cd8fcba10b5c8f034c&ep=1580157896&vr=412&id=s9k4qs&i3=nocookie&n1=5&dntt=0&lt=1552876365138&ev=&cs=dqim7u&mo=1

Domain: dx.bigsea.weborama.com
URL: https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fid5-sync.com%2Fcq%2F112%2F157%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D&bounced=1&rn=688898

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

71i.nuggad.net
a.twiago.com
a.volvelle.tech
aax.amazon-adsystem.com
ad-sync.nuggad.net
ad.71i.de
ad.yieldlab.net
axdget-sync.nuggad.net
beacon.krxd.net
c.amazon-adsystem.com
c1.adform.net
cerberus.sqrt-5041.de
cm.g.doubleclick.net
de-gmtdmp.mookie1.com
de.ioam.de
dmp.theadex.com
dpm.demdex.net
dsp.adfarm1.adition.com
dx.bigsea.weborama.com
eu6.heatmap.it
fonts.googleapis.com
fonts.gstatic.com
i.onmeda.de
ib.adnxs.com
match.adsrvr.org
onmeda.de
p.rfihub.com
pr-bh.ybp.yahoo.com
probe.yieldlab.net
script.ioam.de
static.afcdn.com
stats.g.doubleclick.net
sync.mathtag.com
u.heatmap.it
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.onmeda.de
x.bidswitch.net
de.ioam.de
dx.bigsea.weborama.com
104.109.68.123
13.32.221.90
146.148.8.25
149.202.74.47
176.34.134.126
18.153.11.9
18.194.109.215
18.195.82.173
185.29.135.227
185.31.128.128
2.18.233.126
216.58.210.2
2600:9000:200d:6c00:14:3756:4880:93a1
2600:9000:200d:da00:14:3756:4880:93a1
2600:9000:200d:ee00:15:3254:b140:93a1
2a00:1288:110:c205::2000
2a00:1450:4001:808::2008
2a00:1450:4001:816::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9d
2a00:cd0:1005:2:80:82:201:80
37.157.4.40
37.252.172.70
46.105.202.39
52.17.182.129
52.94.220.16
54.247.163.81
78.35.17.134
80.82.201.86
80.82.201.94
85.114.159.118
85.114.159.93
85.215.5.31
89.163.159.112
91.215.103.64
99.86.1.198
05e53e8c100f573bb743785b2f21dab97ca1f13511313955c2178930c950143b
06042f6ac2063c8e23fcce2c7c64449bae470d34c4d46f97e145242158ef15f3
07888b13933b219e6e4953f4c3c9cb85f5ef704e923026d6345d417ec6269661
07c09e3c6851b8a4da1de3e0ef2a441fbecb31f1cee18efb82c1e95a39f36a7e
1052e08af70e633116a4d9c07dee43a40772033c6374381c967cb496be81ad93
13acaa887dbd6ef4439b99487557d5d3d991ec57d58461e7485d16092f6667cf
1598ea08cda5d189aa63924c4666eabb317a5655c27104c92a5eed3bc95c12c9
21b6f9f75b9afad52abc2b6139f274e75b09a8ad025bd8e306cc454ba54f1db6
278c9f4b8fd66182a65c9571d08246a40e58b5a390de266ad2f0b089258cad93
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4aff37556e2cd14aa444e8a1f36c5a33914ea2a2588ade9859efbcb8e176e051
4e9a82e07ab305f84af8fa203f60ec71e69142bb89bd6fd200fcc6ce3d37bd48
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f67c6cfea019a5dccfd7a97ca95b475dfea0ab3576c0b6140f4c5f5e4baf004
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
53d0d333f90ed0798ce6bfdbd535169997f6fdae8ea0f8519d5ffa811a14c2b8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c081d7a660942f44a349c66e17b6464f76dad5d717d962d29a92e244892a370
5e5d1c1a6a3bf463c47aee99657f8ff9ac52c4fb4d9ca0365c301ff5d8b3ad3d
60213b75185ef3ebab637d66be08624fecbd58cf50cff6e653e901d88334a046
67c7d33b290e6a98ea44eb937ac03e93800c9d0576b1be1229bcaa8e0252ae3e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
7243dc6bcdd3c2e324fbc29c6e969e0a7504646b21045b4817556dd26fb20243
7c8d85bcff37a420c86e26eb8ae604fd13a4a81f89f671e5e44e05694db04027
7dbf39a373ae2fdd84f934915b710fcc69b17ab26c4054e3a8f15678799a49e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f92a743ce5684cc072ecc38014f6a54c3a4bdbe056a71f3a9db0cb52008e95
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
929fd9b62d2c6fec3bd1a14c394ebc58bfd7ebc24e78a7c83cb075acb703aa37
9fa7695ec257bc37375f612a0af9d62824f655678136dcfd261d66207baf8ed4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
abbc2629de69cc04fbe8877a17db1385137a65db1e887b17c8da76b174801897
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b552c9f2dfb5fabe3c49dfa90c87efa10e305a886fa3e128c3388aa0af5c5add
c8fcfadfca9c63e88967ce1fc0461253ac276675e6f9941c249f28bfa0bc03e5
d30db445af5d7b51a6433c18708b40e42b1185c1fae1922e89a76101d87bd7a2
d8d517059c12599921c80c6d1d1384689e8b6c5fab50c2c9d09dfa01956d5daf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecded18536426e30f5af01e39779ff4f66c52fd762ba75729188b80e37f7cfac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dfb1c8c86c4324c5fcae73b0ffb6528bf6a2bad42414276fa056bd0e8e6435
f3eedf80f3052829cda1c34719886ac29030a9801bda53b23df6a2d293c7bcf3
f500f3de3849491370523ee769606da68708ede8d408466f06aeb51f6f7dfdda
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
ffe3d22af0345d19ff83398a5a95f7a71f79b3169ba4b2eff59ddc025f766b94

www.onmeda.de Open in urlscan Pro 78.35.17.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

31 %IPv6

31 Domains

40 Subdomains

26 IPs

9 Countries

854 kBTransfer

1967 kBSize

0 Cookies

14 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onmeda.de Open in urlscan Pro
78.35.17.134 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

31 %
IPv6

31
Domains

40
Subdomains

26
IPs

9
Countries

854 kB
Transfer

1967 kB
Size

0
Cookies

66 HTTP transactions
1 data transactions