urlscan.io logo urlscan.io
SecurityTrails logo

www.auskunft.de Open in urlscan Pro
195.201.46.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=...
Effective URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c...
Submission: On September 05 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 20 domains to perform 44 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Trustico RSA DV CA on February 28th 2018. Valid for: 2 years.
This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 198.134.112.244 27257 (WEBAIR-IN...)
1 1 149.202.65.142 16276 (OVH)
1 78.140.165.10 35415 (WEBZILLA)
2 2 52.201.20.255 14618 (AMAZON-AES)
2 104.18.1.75 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 174.137.133.18 27257 (WEBAIR-IN...)
1 172.104.21.237 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 35.171.104.39 14618 (AMAZON-AES)
10 195.201.46.48 24940 (HETZNER-AS)
1 143.204.214.67 16509 (AMAZON-02)
8 216.58.210.2 15169 (GOOGLE)
2 69.173.144.142 26667 (RUBICONPR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 91.215.100.39 43407 (INFONLINE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 91.215.103.65 43407 (INFONLINE-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.230.142 16625 (AKAMAI-AS)
44 19
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2606:4700:30::681c:344 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
agence-immobiliere-villefranche.fr
1    198.134.112.244 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
ladsblue.com
1    149.202.65.142 (France)

ASN16276 (OVH, FR)
PTR: 149-202-65-142.serverhub.ru
149.202.65.142
1    78.140.165.10 (Netherlands)

ASN35415 (WEBZILLA, NL)
mob1ledev1ces.com
2    52.201.20.255 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-201-20-255.compute-1.amazonaws.com
reroplittrewheck.pro
2    104.18.1.75 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
veletonjectof.pro
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    174.137.133.18 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
xml.xbidflare.com
1    172.104.21.237 (Ladera Ranch, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1840-237.members.linode.com
clkn.adzopa.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    35.171.104.39 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-171-104-39.compute-1.amazonaws.com
usa.odysseus-nua.com
10    195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de
www.auskunft.de
1    143.204.214.67 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-67.fra53.r.cloudfront.net
cdn-a.yieldlove.com
8    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
securepubads.g.doubleclick.net
2    69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
1    91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de
script.ioam.de
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    91.215.103.65 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de
de.ioam.de
5    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
pagead2.googlesyndication.com
1    2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Domain Requested by
10 www.auskunft.de clkn.adzopa.com
www.auskunft.de
8 securepubads.g.doubleclick.net www.auskunft.de
securepubads.g.doubleclick.net
www.google.com
www.googletagservices.com
4 www.googletagservices.com securepubads.g.doubleclick.net
2 de.ioam.de 1 redirects www.auskunft.de
2 adservice.google.de securepubads.g.doubleclick.net
www.googletagservices.com
2 www.google-analytics.com 1 redirects www.auskunft.de
2 fastlane.rubiconproject.com cdn-a.yieldlove.com
2 veletonjectof.pro mob1ledev1ces.com
veletonjectof.pro
2 reroplittrewheck.pro 2 redirects
1 eus.rubiconproject.com cdn-a.yieldlove.com
1 pagead2.googlesyndication.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.auskunft.de
1 script.ioam.de www.auskunft.de
1 adservice.google.com securepubads.g.doubleclick.net
1 cdn-a.yieldlove.com www.auskunft.de
1 usa.odysseus-nua.com 1 redirects
1 fonts.gstatic.com
1 clkn.adzopa.com veletonjectof.pro
1 xml.xbidflare.com 1 redirects
1 fonts.googleapis.com veletonjectof.pro
1 mob1ledev1ces.com www.google.com
1 ladsblue.com 1 redirects
1 agence-immobiliere-villefranche.fr 1 redirects
1 www.google.com
44 25

This site contains links to these domains. Also see Links.

Domain
android.auskunft.de
ios.auskunft.de
www.alpha9marketing.com
Subject Issuer Validity Valid
www.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-08-08 -
2020-08-07		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
*.auskunft.de
Trustico RSA DV CA		 2018-02-28 -
2019-09-16		 2 years crt.sh
cdn-a.yieldlove.com
Amazon		 2018-10-11 -
2019-11-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
*.ioam.de
COMODO RSA Organization Validation Secure Server CA		 2017-12-22 -
2020-12-21		 3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Frame ID: F2053D0CFFA596D8492CA5CA077336F4
Requests: 33 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWsa6WCD64D3fkvWDCAZ_mGoSTYdOVv6r6hIcxbT26zh7eM6h9Dtx1f6bB3R3XUDH-OlkQ7AL6dFaPfHGbNObu1hmVDErnIjEy2yTySd0iSj2gkumTV15TUUXmxnMXwi3iGSwgIGWbppozWCL_eInOqaSxBl8A8NWqaZKCOzzo5yPojBskpHULZfVW5c4tMuERBZ1QnuWHXvpfO72AJN3q1VNmaWbsudnH5Mz3gCIRBTz79X10KcwruWLUBsxhbGSp9yCblQ9Yh8VKjvI7uTpIgT4&sai=AMfl-YQVOSfaD2GfmmCRiu1kfDjxmjnxo3TXkCNS8yn9WXk6Ge-knzP15JbyTaUCh0sHX1F8XWACPbn7XE_dr9gCmlxsKKYGIj8XNhsV0XtR&sig=Cg0ArKJSzBT0RaMIJOx1EAE&urlfix=1&adurl=
Frame ID: 64EA350FBF51BEA82D84E6F7DF4529B9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 0D9A85ACCDFBB4799C5F53DEA5C09312
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3538F05747790C45038EC39D6C0AC60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-... Page URL
  2. http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html HTTP 302
    https://ladsblue.com/rubpf4qr?key=356544da9066c05a7f4a580d11b93717 HTTP 302
    http://149.202.65.142/6SQ1p72g HTTP 302
    http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword= Page URL
  3. https://reroplittrewheck.pro/redirect?tid=754576&subid=24717&puid=AC3FcF2NYAAAV-cBAERFNAASAAE5LBQA&utm_so... HTTP 302
    https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a... Page URL
  4. https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=24717 HTTP 302
    https://xml.xbidflare.com/click?i=mXQn6Sj*Jqs_0 HTTP 302
    http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts Page URL
  5. http://usa.odysseus-nua.com/zcvisitor/f2e3b3f2-cfb5-11e9-bf6c-0ad7773e5ecc?campaignid=d3ec2b00-5008-11e7... HTTP 302
    https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /gws/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

44
Requests

91 %
HTTPS

38 %
IPv6

20
Domains

25
Subdomains

19
IPs

5
Countries

855 kB
Transfer

2070 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=ga&cd=CAEYBioUMTM4MTY1NTUwMzM2ODAwMTI1NTYyGjMzZGJjNGMxMzdlYmQwODM6Y29tOmVuOlVT&usg=AFQjCNHoDiCRr6ZDQFhcUq9n5Qu_upUuAQ Page URL
  2. http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html HTTP 302
    https://ladsblue.com/rubpf4qr?key=356544da9066c05a7f4a580d11b93717 HTTP 302
    http://149.202.65.142/6SQ1p72g HTTP 302
    http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword= Page URL
  3. https://reroplittrewheck.pro/redirect?tid=754576&subid=24717&puid=AC3FcF2NYAAAV-cBAERFNAASAAE5LBQA&utm_source=30532d69d916258a&utm_term= HTTP 302
    https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7 Page URL
  4. https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=24717 HTTP 302
    https://xml.xbidflare.com/click?i=mXQn6Sj*Jqs_0 HTTP 302
    http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts Page URL
  5. http://usa.odysseus-nua.com/zcvisitor/f2e3b3f2-cfb5-11e9-bf6c-0ad7773e5ecc?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698 HTTP 302
    https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html HTTP 302
  • https://ladsblue.com/rubpf4qr?key=356544da9066c05a7f4a580d11b93717 HTTP 302
  • http://149.202.65.142/6SQ1p72g HTTP 302
  • http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword=
Request Chain 2
  • https://reroplittrewheck.pro/redirect?tid=754576&subid=24717&puid=AC3FcF2NYAAAV-cBAERFNAASAAE5LBQA&utm_source=30532d69d916258a&utm_term= HTTP 302
  • https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
Request Chain 5
  • https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=24717 HTTP 302
  • https://xml.xbidflare.com/click?i=mXQn6Sj*Jqs_0 HTTP 302
  • http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1069648208&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&dr=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick%3Fi%3D37CO3vSX2chts&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=442967509&gjid=1427174881&cid=1526390654.1567671600&tid=UA-77541742-2&_gid=1299488793.1567671600&_r=1&z=424067412 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1526390654.1567671600&jid=442967509&_gid=1299488793.1567671600&gjid=1427174881&_v=j79&z=424067412
Request Chain 26
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=000d&i2=000d2b23fb6962cc85d70c52f&ep=1589758841&vr=415&id=sxnjyl&i3=nocookie&n1=3&dntt=0&lt=1567671599806&ev=&cs=bmn516&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=000d&i2=000d2b23fb6962cc85d70c52f&ep=1589758841&vr=415&id=sxnjyl&i3=nocookie&n1=3&dntt=0&lt=1567671599806&ev=&cs=bmn516&mo=1&sr=71

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url
www.google.com/ 		1 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=ga&cd=CAEYBioUMTM4MTY1NTUwMzM2ODAwMTI1NTYyGjMzZGJjNGMxMzdlYmQwODM6Y29tOmVuOlVT&usg=AFQjCNHoDiCRr6ZDQFhcUq9n5Qu_upUuAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=ga&cd=CAEYBioUMTM4MTY1NTUwMzM2ODAwMTI1NTYyGjMzZGJjNGMxMzdlYmQwODM6Y29tOmVuOlVT&usg=AFQjCNHoDiCRr6ZDQFhcUq9n5Qu_upUuAQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 05 Sep 2019 08:19:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
516
x-xss-protection
0
set-cookie
NID=188=MZ4K5iG2U1xhd5EFa0gWpevlZophKm5PxLEIhlK67LdQGiOKAtftG2Me3sPhNuXc7rEqI_Rm96ynsNWWC7j480NFSe-VsozsNv6q8CMaehFlzhm1yZLQroI4MjhtpaIGVEF_qj4xl1RxWoI3Yd-z8lye67_m0DeBRDteuuYWep0; expires=Fri, 06-Mar-2020 08:19:56 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.27de31; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
Cookie set /
mob1ledev1ces.com/r/
Redirect Chain
  • http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html
  • https://ladsblue.com/rubpf4qr?key=356544da9066c05a7f4a580d11b93717
  • http://149.202.65.142/6SQ1p72g
  • http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword=
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword=
Requested by
Host: www.google.com
URL: https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=ga&cd=CAEYBioUMTM4MTY1NTUwMzM2ODAwMTI1NTYyGjMzZGJjNGMxMzdlYmQwODM6Y29tOmVuOlVT&usg=AFQjCNHoDiCRr6ZDQFhcUq9n5Qu_upUuAQ
Protocol
HTTP/1.1
Server
78.140.165.10 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
c7a8435639141d8fc3ada9a80f49a3b737a63c10c0cbba91a93db59230036633

Request headers

Host
mob1ledev1ces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.google.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.google.com/

Response headers

Server
nginx/1.14.0
Date
Thu, 05 Sep 2019 08:19:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=AAXXlWKaFOeiTaslEc0rV5QzawAO3/WSK47RgDSyV46V5rvjEui50Fo6F+7L8axSxx9SIgI7MBRlScekjAjHAtEFveBOMMc99DaaSDP/gbMjqJhoH0TTPT8hVUNbE3jNCfhuspyTjat2uKI/i+o8cuaTHyx/r/TD+Dao3xijGGk9L/BlAWua/28cQ+1qTytSozuiP1cVVL6hDapF7jdEkrxiKdYwuPW/wkZy5EqLH6jQidpFICAt5NNGY06i1oas1XIFO9QanlFNaL981aVM9TP8LCPOS2Vrad2KCntuABQHFHXoJMptvvadzHikfLVk0buG9H38t8Zo; Expires=Sat, 05 Sep 2020 08:19:57 GMT

Redirect headers

Server
nginx
Date
Thu, 05 Sep 2019 08:20:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Thu, 05 Sep 2019 08:20:30 GMT
Location
http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword=
Pragma
no-cache
Set-Cookie
_subid=q4iccade1bgbt1atsdfmv;Expires=Sunday, 06-Oct-2019 08:20:30 GMT;Max-Age=2678400;Path=/ 2a2af=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc0XCI6MTU2NzY3MTYzMH0sXCJjYW1wYWlnbnNcIjp7XCIyNVwiOjE1Njc2NzE2MzB9LFwidGltZVwiOjE1Njc2NzE2MzB9In0.UgapSQ5govg_a9ZcqfFGeCGwF1i3_GxBJrOgy981Rso;Expires=Sunday, 06-Oct-2019 08:20:30 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options
nosniff
XIDY
veletonjectof.pro/
Redirect Chain
  • https://reroplittrewheck.pro/redirect?tid=754576&subid=24717&puid=AC3FcF2NYAAAV-cBAERFNAASAAE5LBQA&utm_source=30532d69d916258a&utm_term=
  • https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=r...
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
Requested by
Host: mob1ledev1ces.com
URL: http://mob1ledev1ces.com/r/?token=a9d91ead6744d1c12e98c5e97ac49fc83702ec77&q=&keyword=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
05e7dbfdf84446b21030158c17a0ddf8b61389c89ae0be55199c8a8cf5956db1

Request headers

:method
GET
:authority
veletonjectof.pro
:scheme
https
:path
/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://mob1ledev1ces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://mob1ledev1ces.com/

Response headers

status
200
date
Thu, 05 Sep 2019 08:19:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dacbdd98182305931f6d62608ab3606571567671597; expires=Fri, 04-Sep-20 08:19:57 GMT; path=/; domain=.veletonjectof.pro; HttpOnly; Secure
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5116c7fec8d1bf0f-FRA
content-encoding
br

Redirect headers

status
302
date
Thu, 05 Sep 2019 08:19:57 GMT
content-type
text/plain
content-length
0
location
https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=6bc9a30f-5c05-41fa-88d7-75e65802d516 fv=rjk7qHg6rjk4qGEFqjg6qTCFqjU6vdw=; Expires=Fri, 04 Sep 2020 08:19:57 GMT; Max-Age=31536000; Domain=.reroplittrewheck.pro; Path=/; Version=1
dlp
veletonjectof.pro/ 		58 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://veletonjectof.pro/dlp?st=1&lp=stanley
Requested by
Host: veletonjectof.pro
URL: https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f334775b2fb50d46791f4ea20b41ed5ffd859c5a9d4a7edfcd4158ce139da9f0

Request headers

Sec-Fetch-Mode
cors
Referer
https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:19:58 GMT
content-encoding
br
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
5116c7ffca41bf0f-FRA
access-control-allow-headers
X-Requested-With,content-type
css
fonts.googleapis.com/ 		2 KB
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: veletonjectof.pro
URL: https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 05 Sep 2019 08:19:58 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 05 Sep 2019 08:19:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:19:58 GMT
click
clkn.adzopa.com/nc/1567671608/
Redirect Chain
  • https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=24717
  • https://xml.xbidflare.com/click?i=mXQn6Sj*Jqs_0
  • http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
392 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
Requested by
Host: veletonjectof.pro
URL: https://veletonjectof.pro/XIDY?tag_id=754576&sub_id1=24717&sub_id2=7400677260228677924&cookie_id=6bc9a30f-5c05-41fa-88d7-75e65802d516&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3D24717&hop=7
Protocol
HTTP/1.1
Server
172.104.21.237 Ladera Ranch, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1840-237.members.linode.com
Software
nginx/1.14.2 / Express
Resource Hash
fbec1fb683ed02897fe644233af4249d7dbeb6fe618404b2bf0ed24fd9a0d5ba

Request headers

Host
clkn.adzopa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

Server
nginx/1.14.2
Date
Thu, 05 Sep 2019 08:21:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
392
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Authorization
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Cache-Control
private, no-cache, no-store, must-revalidate
Expires
-1
Pragma
no-cache
ETag
W/"188-H3tpcMf/X8B+7twJI8iu4fyRO+8"

Redirect headers

Server
nginx
Date
Thu, 05 Sep 2019 08:19:58 GMT
Content-Length
0
Connection
close
Location
http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
https://veletonjectof.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 20:33:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
733600
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11016
x-xss-protection
0
expires
Wed, 26 Aug 2020 20:33:18 GMT
Primary Request /
www.auskunft.de/
Redirect Chain
  • http://usa.odysseus-nua.com/zcvisitor/f2e3b3f2-cfb5-11e9-bf6c-0ad7773e5ecc?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698
  • https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
24 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Requested by
Host: clkn.adzopa.com
URL: http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
f59709a41dcb37fa3509ed0285820448883c061a63e44a9a5a214fc1c772652c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://clkn.adzopa.com/nc/1567671608/click?i=37CO3vSX2chts

Response headers

status
200
server
nginx
date
Thu, 05 Sep 2019 08:19:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
AUSKUNFT_SESSION=f6jde3ukuh7djh4najq6qhh26u; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=2592000
content-encoding
gzip

Redirect headers

Date
Thu, 05 Sep 2019 08:19:59 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Server
ZeroPark-Traffic
main.cab7ebf482db77509e0e.css
www.auskunft.de/assets/bundles/ 		341 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.cab7ebf482db77509e0e.css
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
68259fdbc2249053d40645d785f8e106f1ebd05c9145ba36d1aefbad440ceeda
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-552c0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/ 		260 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-67.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
f98a2f9178a2054fc675ad00f543ba42a035108b97ccf9fc7015834c3c4f6a3d

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 06:28:54 GMT
content-encoding
gzip
age
6665
status
200
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ool_42A0GGuvIVf0ai6rJL9T2tlIkgmgrB2ONxAbbqF8rCiG73LDHQ==
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
f4ce67688b22d141487d3064c9e540ec1626002af53a3ba58fcee3e622445f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"269 / 142 of 1000 / last-modified: 1567440284"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12518
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:19:59 GMT
auskunft_de_logo.webp
www.auskunft.de/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
last-modified
Fri, 21 Jul 2017 08:52:49 GMT
server
nginx
etag
"5971c0e1-4ee"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1262
expires
Sat, 05 Oct 2019 08:19:59 GMT
jquery.min.js
www.auskunft.de/assets/static/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/static/jquery.min.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-15851"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
main.d94e3aa27f53759bdce8.js
www.auskunft.de/assets/bundles/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.d94e3aa27f53759bdce8.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
f9dce88205c2656bec9af40cc41f69cf4fc733047983dae6ccdd3477c51ba5e0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-1704a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		237 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348702&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&tk_flint=pbjs_lite_v2.24.0&x_source.tid=45188676-2310-4327-b6b8-d4046d2dd7b4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.003074428956508113
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
01565e230803bd1d1bbe24cc29800ed6af8bae2dbaf85a5c465aac6b89eaa05e

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Sep 2019 08:19:59 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=18
Content-Length
237
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&tk_flint=pbjs_lite_v2.24.0&x_source.tid=e2fac53f-b6fc-444f-a922-10c35db133ef&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8606477083505946
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2327085f8921f26a7916368283fc2cf3e719b3f3209974f67cdd3130797fbb36

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Sep 2019 08:19:59 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=61
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
analytics.js
www.google-analytics.com/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5786
date
Thu, 05 Sep 2019 06:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Thu, 05 Sep 2019 08:43:33 GMT
background
www.auskunft.de/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/background
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2019 08:19:59 GMT
server
nginx
strict-transport-security
max-age=2592000
content-type
image/jpeg
status
200
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
auskunft.52a08a88453921abda3fac6930b20ccd.woff2
www.auskunft.de/assets/bundles/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/auskunft.52a08a88453921abda3fac6930b20ccd.woff2
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.auskunft.de/assets/bundles/main.cab7ebf482db77509e0e.css
Origin
https://www.auskunft.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
status
200
etag
"5d6cd5e7-335c"
strict-transport-security
max-age=2592000
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
13148
expires
Sat, 05 Oct 2019 08:19:59 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019082701.js
securepubads.g.doubleclick.net/gpt/ 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
d1d597a740d4b09db2d6491af33397944f7dddc5d7e21d95cb33066f2e747ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59715
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:19:59 GMT
iam.js
script.ioam.de/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.10 000d
Resource Hash
70dfe504b6a1e8f3ab79241777fe7bf777cb3700ab6868f191496469f50618c5

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 08:19:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 08:19:59 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.10 000d
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Thu, 05 Sep 2019 10:19:59 GMT
vendors~app.bf8e9d2a3deeda2165a5.js
www.auskunft.de/assets/bundles/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/vendors~app.bf8e9d2a3deeda2165a5.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.d94e3aa27f53759bdce8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
92d1de54c50ab908ce8c5147106b377bcc555451c3a2236975cda36aafbabacc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-a92c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
app.365fb161e27780bf585d.js
www.auskunft.de/assets/bundles/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/app.365fb161e27780bf585d.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.d94e3aa27f53759bdce8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
952c3c185db9ceec649bf13d1c9bda495e4d74ca121a72fb52ba45aa5fe71390
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-bbc0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1069648208&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95b...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1526390654.1567671600&jid=442967509&_gid=1299488793.1567671600&gjid=1427174881&_v=j79&z=424067412
35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1526390654.1567671600&jid=442967509&_gid=1299488793.1567671600&gjid=1427174881&_v=j79&z=424067412
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 Sep 2019 08:19:59 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2019 08:19:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1526390654.1567671600&jid=442967509&_gid=1299488793.1567671600&gjid=1427174881&_v=j79&z=424067412
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=ww...
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=ww...
0
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=000d&i2=000d2b23fb6962cc85d70c52f&ep=1589758841&vr=415&id=sxnjyl&i3=nocookie&n1=3&dntt=0&lt=1567671599806&ev=&cs=bmn516&mo=1&sr=71
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.05.0 0034
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 08:19:59 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.05.0 0034
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Thu, 05 Sep 2019 08:19:59 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.05.0 0034
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Thu, 05 Sep 2019 08:19:59 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=clkn.adzopa.com&r2=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick.i.37CO3vSX2chts&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=000d&i2=000d2b23fb6962cc85d70c52f&ep=1589758841&vr=415&id=sxnjyl&i3=nocookie&n1=3&dntt=0&lt=1567671599806&ev=&cs=bmn516&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Wed, 05 Sep 2018 08:19:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2754027049041503&correlator=1537052059191068&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21061864%2C21063635%2C21063967%2C21064170%2C21064371&vrg=2019082701&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190905&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1567671599&dt=1567671599863&dlt=1567671599457&idt=354&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=728&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&ref=http%3A%2F%2Fclkn.adzopa.com%2Fnc%2F1567671608%2Fclick%3Fi%3D37CO3vSX2chts&dssz=23&icsg=175055&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&blev=1&bisch=1&ga_vid=1713042126.1567671600&ga_sid=1567671600&ga_hid=1069648208&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6ea7fd9273cb379ca4b596eb9edba7ef6a71d7bc5039443f8f609d4413b5c3f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2173
x-xss-protection
0
google-lineitem-id
5111110714
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275073032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019082701.js
securepubads.g.doubleclick.net/gpt/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
062aef80c07aa0f3d7ccffd31c292c44754798f065a72d6f21b00370e83811b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25316
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:19:59 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0
searchbar-handle-sort.adc548fa39b9bc82b346.js
www.auskunft.de/assets/bundles/ 		963 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/searchbar-handle-sort.adc548fa39b9bc82b346.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.d94e3aa27f53759bdce8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
79ecd978494b19655a44667177f199d7b5fd7ed3b61efc635381bf509880cec5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Sep 2019 08:19:59 GMT
content-encoding
gzip
last-modified
Mon, 02 Sep 2019 08:42:15 GMT
server
nginx
etag
W/"5d6cd5e7-3c3"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sat, 05 Oct 2019 08:19:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 64EA 		0
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWsa6WCD64D3fkvWDCAZ_mGoSTYdOVv6r6hIcxbT26zh7eM6h9Dtx1f6bB3R3XUDH-OlkQ7AL6dFaPfHGbNObu1hmVDErnIjEy2yTySd0iSj2gkumTV15TUUXmxnMXwi3iGSwgIGWbppozWCL_eInOqaSxBl8A8NWqaZKCOzzo5yPojBskpHULZfVW5c4tMuERBZ1QnuWHXvpfO72AJN3q1VNmaWbsudnH5Mz3gCIRBTz79X10KcwruWLUBsxhbGSp9yCblQ9Yh8VKjvI7uTpIgT4&sai=AMfl-YQVOSfaD2GfmmCRiu1kfDjxmjnxo3TXkCNS8yn9WXk6Ge-knzP15JbyTaUCh0sHX1F8XWACPbn7XE_dr9gCmlxsKKYGIj8XNhsV0XtR&sig=Cg0ArKJSzBT0RaMIJOx1EAE&urlfix=1&adurl=
Requested by
Host: www.google.com
URL: https://www.google.com/url?rct=j&sa=t&url=http://agence-immobiliere-villefranche.fr/does-uber-eats-hire-felons.html&ct=ga&cd=CAEYBioUMTM4MTY1NTUwMzM2ODAwMTI1NTYyGjMzZGJjNGMxMzdlYmQwODM6Y29tOmVuOlVT&usg=AFQjCNHoDiCRr6ZDQFhcUq9n5Qu_upUuAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Sep 2019 08:20:00 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 64EA 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cba1d82b59706604d0ea6473115c15082ef5b626b49c3a295973b59b006656d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"269 / 439 of 1000 / last-modified: 1567440307"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
12523
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 64EA 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5aad043be6924981d5d8b2041376073fa1f630c77a1b327f153e56ab91d965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1567595695661868"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28589
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7b50f00b4ec8c413fdfcf5ccb596f9ae3f47f776ae7fd913eab6cdda0e1543e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1567595695661868"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28441
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
pubads_impl_2019082901.js
securepubads.g.doubleclick.net/gpt/ Frame 64EA 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 13:06:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59716
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 64EA 		113 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 64EA 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2067480534004759&correlator=792050011629432&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064529%2C21063967&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190905&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3D6258c54a96fd6b43%3AT%3D1567671599%3AS%3DALNI_MZ7ZCWYnRiWl1vH88Fno49ifDi8oA&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1567671600&dt=1567671600339&dlt=1567671600254&idt=73&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=728&adk=3040953405&uci=jf8tzow5gnnv&ifi=1&ifk=2332231582&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrf2e3b3f2cfb511e9bf6c0ad7773e5ecce95be40b18594cf1ae85e7125fd472e9041000c049a052357f&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=408370055.1567671600&ga_sid=1567671600&ga_hid=1069203718&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b69205673c43b1ed41480de20ec7612c57e104d93e5d5994511cb41e5bbd84f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
8284
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019082901.js
securepubads.g.doubleclick.net/gpt/ Frame 64EA 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 13:06:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25315
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 64EA 		0
0
truncated
/ Frame 64EA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a85800d6420b736f4acde3abd44ca4e926d0ddd2bcaa2540cb6b972a02858ba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 0D9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-35/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3491
date
Thu, 05 Sep 2019 05:25:37 GMT
expires
Fri, 04 Sep 2020 05:25:37 GMT
last-modified
Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10463
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 64EA 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7b50f00b4ec8c413fdfcf5ccb596f9ae3f47f776ae7fd913eab6cdda0e1543e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 08:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1567595695661868"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28441
x-xss-protection
0
expires
Thu, 05 Sep 2019 08:20:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 64EA 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudU1CkWcflTTS-SINPoWSeLeElKOTpVkk1VHwfAjBminiSl74cUbAm6K4wXROlgix7hIwOzRECZVYfOnvQqxpy-_pbC7bW0pbSUcabPDE&sig=Cg0ArKJSzGS06NlY6JY7EAE&adk=3358614790&tt=1108&bs=1585%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=728,428.5,818,1156.5&sbeos=0&mcvt=1007&rs=3&ht=0&tfs=111&tls=1118&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=7&niot_cbk=18&md=2&rst=1567671600256&rpt=104&isd=0&msd=0&lm=2&phel=0&phell=0&oseid=3&xdi=0&ps=1585%2C1813&ss=1600%2C1200&pt=11&bin=1&deb=1-1-1-5-12-12-13-11-0-0-0&tvt=1111&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190904
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2019 08:20:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A353 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 29 Aug 2019 21:52:12 GMT
Content-Encoding
gzip
Content-Length
7658
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63540
Expires
Fri, 06 Sep 2019 01:59:03 GMT
Date
Thu, 05 Sep 2019 08:20:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| yieldlove_site_id object| yieldlove_site_settings object| googletag object| YLHH object| __core-js_shared__ object| core object| yieldlove_cmd object| pbjsYLHH function| pbjsYLHHChunk object| stroeerCore object| body string| highresImage object| highresImageLoader string| gaProperty string| disableStr function| gaOptout function| bgLoadSuccess function| bgLoadFailed string| GoogleAnalyticsObject function| ga object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| $ function| jQuery object| webpackJsonp object| regeneratorRuntime object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| szmvars object| iom undefined| google_measure_js_timing boolean| google_DisableInitialLoad boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state object| auskunft function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
agence-immobiliere-villefranche.fr
cdn-a.yieldlove.com
clkn.adzopa.com
de.ioam.de
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ladsblue.com
mob1ledev1ces.com
pagead2.googlesyndication.com
reroplittrewheck.pro
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
usa.odysseus-nua.com
veletonjectof.pro
www.auskunft.de
www.google-analytics.com
www.google.com
www.googletagservices.com
xml.xbidflare.com
tpc.googlesyndication.com
104.111.230.142
104.18.1.75
143.204.214.67
149.202.65.142
172.104.21.237
174.137.133.18
195.201.46.48
198.134.112.244
216.58.210.2
2606:4700:30::681c:344
2a00:1450:4001:809::200a
2a00:1450:4001:818::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:821::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9b
35.171.104.39
52.201.20.255
69.173.144.142
78.140.165.10
91.215.100.39
91.215.103.65
01565e230803bd1d1bbe24cc29800ed6af8bae2dbaf85a5c465aac6b89eaa05e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
05e7dbfdf84446b21030158c17a0ddf8b61389c89ae0be55199c8a8cf5956db1
062aef80c07aa0f3d7ccffd31c292c44754798f065a72d6f21b00370e83811b4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2327085f8921f26a7916368283fc2cf3e719b3f3209974f67cdd3130797fbb36
68259fdbc2249053d40645d785f8e106f1ebd05c9145ba36d1aefbad440ceeda
6ea7fd9273cb379ca4b596eb9edba7ef6a71d7bc5039443f8f609d4413b5c3f5
70dfe504b6a1e8f3ab79241777fe7bf777cb3700ab6868f191496469f50618c5
79ecd978494b19655a44667177f199d7b5fd7ed3b61efc635381bf509880cec5
7b50f00b4ec8c413fdfcf5ccb596f9ae3f47f776ae7fd913eab6cdda0e1543e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4
8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
92d1de54c50ab908ce8c5147106b377bcc555451c3a2236975cda36aafbabacc
952c3c185db9ceec649bf13d1c9bda495e4d74ca121a72fb52ba45aa5fe71390
9a85800d6420b736f4acde3abd44ca4e926d0ddd2bcaa2540cb6b972a02858ba
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
b69205673c43b1ed41480de20ec7612c57e104d93e5d5994511cb41e5bbd84f8
c7a8435639141d8fc3ada9a80f49a3b737a63c10c0cbba91a93db59230036633
cba1d82b59706604d0ea6473115c15082ef5b626b49c3a295973b59b006656d8
d1d597a740d4b09db2d6491af33397944f7dddc5d7e21d95cb33066f2e747ca8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f334775b2fb50d46791f4ea20b41ed5ffd859c5a9d4a7edfcd4158ce139da9f0
f4ce67688b22d141487d3064c9e540ec1626002af53a3ba58fcee3e622445f10
f59709a41dcb37fa3509ed0285820448883c061a63e44a9a5a214fc1c772652c
f98a2f9178a2054fc675ad00f543ba42a035108b97ccf9fc7015834c3c4f6a3d
f9dce88205c2656bec9af40cc41f69cf4fc733047983dae6ccdd3477c51ba5e0
fa5aad043be6924981d5d8b2041376073fa1f630c77a1b327f153e56ab91d965
fbec1fb683ed02897fe644233af4249d7dbeb6fe618404b2bf0ed24fd9a0d5ba