auth.ayoa.com Open in urlscan Pro
34.107.152.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e.ayoa.com/track/click/30041437/account.ayoa.com?p=eyJzIjoiSUtJblhXaHFVUG%20xnUk4yXzJvLUtoT29uekVrIiwidiI6M...
Effective URL:
https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_...
Submission: On January 24 via manual (January 24th 2022, 6:57:37 pm UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 21 domains to perform 53 HTTP transactions. The main IP is 34.107.152.176, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is auth.ayoa.com.
TLS certificate: Issued by GTS CA 1D4 on December 3rd 2021. Valid for: 3 months.

This is the only time auth.ayoa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.253.241.177 34.253.241.177	16509 (AMAZON-02) (AMAZON-02)
1 9	34.107.152.176 34.107.152.176	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:7a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	184.87.212.200 184.87.212.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:236... 2600:9000:236e:4800:d:87ae:bb80:21	16509 (AMAZON-02) (AMAZON-02)
2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.197.61.175 138.197.61.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	138.197.155.84 138.197.155.84	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
53	28

1 34.253.241.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-241-177.eu-west-1.compute.amazonaws.com

e.ayoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.107.152.176 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 176.152.107.34.bc.googleusercontent.com

account.ayoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.ayoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:7a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.87.212.200 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-200.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

files1.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:4800:d:87ae:bb80:21 (United States)

ASN16509 (AMAZON-02, US)

d2rp1k1dldbai6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.61.175 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.155.84 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prd-usage-1.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ayoa.com 2 redirects e.ayoa.com account.ayoa.com auth.ayoa.com	713 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	337 KB
5	cybba.solutions files1.cybba.solutions — Cisco Umbrella Rank: 32860 app.cybba.solutions — Cisco Umbrella Rank: 32778	31 KB
4	clarity.ms 1 redirects e.clarity.ms — Cisco Umbrella Rank: 2242 c.clarity.ms — Cisco Umbrella Rank: 917	23 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2577	38 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 385 c.bing.com — Cisco Umbrella Rank: 273	12 KB
3	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 565 ib.adnxs.com — Cisco Umbrella Rank: 241	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	386 B
2	google.de www.google.de — Cisco Umbrella Rank: 5557	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 13	611 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 14955 usage.trackjs.com — Cisco Umbrella Rank: 3632	10 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6473	425 B
1	cloudfront.net d2rp1k1dldbai6.cloudfront.net	19 KB
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 19071	3 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4559	11 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	68 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
53	21

	Domain	Requested by
8	auth.ayoa.com	auth.ayoa.com
4	app.cybba.solutions	files1.cybba.solutions
4	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	www.recaptcha.net	www.googletagmanager.com www.gstatic.com www.recaptcha.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com auth.ayoa.com
2	ib.adnxs.com	auth.ayoa.com cdn.trackjs.com
2	fonts.gstatic.com	www.recaptcha.net
2	c.clarity.ms	1 redirects auth.ayoa.com
2	e.clarity.ms	bat.bing.com cdn.trackjs.com
2	www.facebook.com	auth.ayoa.com
2	www.google.de	auth.ayoa.com
2	www.google.com	auth.ayoa.com
2	connect.facebook.net	auth.ayoa.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com cdn.trackjs.com
1	usage.trackjs.com
1	pro.ip-api.com	cdn.trackjs.com
1	d2rp1k1dldbai6.cloudfront.net	www.rtb123.com
1	files1.cybba.solutions	www.rtb123.com
1	acdn.adnxs.com	www.rtb123.com
1	stats.g.doubleclick.net	cdn.trackjs.com
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.rtb123.com	www.dwin1.com
1	www.dwin1.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	auth.ayoa.com
1	cdn.trackjs.com	auth.ayoa.com
1	fonts.googleapis.com	auth.ayoa.com
1	account.ayoa.com	1 redirects
1	e.ayoa.com	1 redirects
53	30

This site contains links to these domains. Also see Links.

Domain
policies.google.com
opengenius.com

Subject Issuer	Validity	Valid
account.ayoa.com GTS CA 1D4	`2021-12-03` - `2022-03-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.trackjs.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-11` - `2022-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-01`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
files1.cybba.solutions R3	`2022-01-24` - `2022-04-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.cybba.solutions Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
Frame ID: 3412BB42156838649401D39F56A2123A
Requests: 46 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF&co=aHR0cHM6Ly9hdXRoLmF5b2EuY29tOjQ0Mw..&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=du7pimu06xe9
Frame ID: 28E3832F0F983220D6D8ADABD7FF2CEA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ayoa Authentication

Page URL History Show full URLs

http://e.ayoa.com/track/click/30041437/account.ayoa.com?p=eyJzIjoiSUtJblhXaHFVUG%20xnUk4yXzJvL... HTTP 302
https://account.ayoa.com/subscription/?utm_source=mail-chimp&utm_medium=email&utm_campaign=20220119_A... HTTP 302
https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source... Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

98 %
HTTPS

54 %
IPv6

21
Domains

30
Subdomains

28
IPs

7
Countries

1463 kB
Transfer

4380 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://opengenius.com/
Title: by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.ayoa.com/track/click/30041437/account.ayoa.com?p=eyJzIjoiSUtJblhXaHFVUG%20xnUk4yXzJvLUtoT29uekVrIiwidiI6MSwicCI6IntcInVcIjozMDA0MTQzNyxcInZcIjoxLFwidXJsXC%20I6XCJodHRwczpcXFwvXFxcL2FjY291bnQuYXlvYS5jb21cXFwvc3Vic2NyaXB0aW9uXFxcLz91dG1fc2%2091cmNlPW1haWwtY2hpbXAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249MjAyMjAxMTlfQVlPX0%20NOVl9FTl9VVV9VVVVfVVVVX09GRl9DbG9zdXJlLW9mLWZyZWUtdG8tdW5zdWJzXCIsXCJpZFwiOlwiOW%20E0ZTUyZTZlNmZhNDJjNzgxNDRhNTM2MmJkNDBlYWZcIixcInVybF9pZHNcIjpbXCI5M2Y3ZGViZTliNm%20M3N2M3ZGQwMDI5YjBkMzViOWViNDU1NWNhYzZjXCJdfSJ9 HTTP 302
https://account.ayoa.com/subscription/?utm_source=mail-chimp&utm_medium=email&utm_campaign=20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs HTTP 302
https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&RedC=c.clarity.ms&MXFR=2353530D092E689C151A423B0D2E6675 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&MUID=2D7FB051AFC4649B2ECAA167AEAF6510

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
auth.ayoa.com/
Redirect Chain

http://e.ayoa.com/track/click/30041437/account.ayoa.com?p=eyJzIjoiSUtJblhXaHFVUG%20xnUk4yXzJvLUtoT29uekVrIiwidiI6MSwicCI6IntcInVcIjozMDA0MTQzNyxcInZcIjoxLFwidXJsXC%20I6XCJodHRwczpcXFwvXFxcL2FjY291b...
https://account.ayoa.com/subscription/?utm_source=mail-chimp&utm_medium=email&utm_campaign=20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-f...

16 KB
5 KB

160ms
119ms

Document
text/html

34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

13a3f68373f6d1895e9cbd0b3bde57bc358e5d28ff1531eaa9b0723fdf57b301

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-droptask-request-id: cb881da0-cc61-4e3b-9b10-9d750de656b9
x-frame-options: DENY
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"4032-Y09hFEKaIzfGLQtQX5uPG6p5Rh4"
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 24 Jan 2022 18:57:32 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

x-droptask-request-id: c06bb666-a9bb-4aa1-8a1b-bc00c282a8e3
x-frame-options: DENY
access-control-allow-origin: *
location: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
content-length: 464
date: Mon, 24 Jan 2022 18:57:31 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 analytics_params.js Show response
auth.ayoa.com/ 523 B
681 B 188ms
187ms Script
application/javascript 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/analytics_params.js

Requested by

Host: auth.ayoa.com
URL: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

cbed07923a67885c462315714b7be66e2a4be972ac1204a8b73167dd87f8f5d1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
via: 1.1 google
vary: Accept-Encoding
x-droptask-request-id: c4cc6281-1ef0-4016-a475-8ec4a875c274
etag: W/"20b-jT8lxcp15jix5kK1AsXNSixko2A"
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 523

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 18:37:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 24 Jan 2022 18:57:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jan 2022 18:57:32 GMT

GET
H2 200 styles.css
auth.ayoa.com/styles/ 878 KB
307 KB 191ms
190ms Stylesheet
text/css 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/styles/styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

60bf2191b044d07e58525bdb9975cd0e0075ba642ea3f699de7f54d2f4437187

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 08:29:16 GMT
x-droptask-request-id: f8a7aa41-979a-4d51-895a-79479a95ef72
x-frame-options: DENY
etag: W/"db8cc-17db80f6360"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 app.js Show response
auth.ayoa.com/scripts/ 1 MB
315 KB 144ms
143ms Script
application/javascript 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/scripts/app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

76b5cc454bc35360a42ec546d303744cc5773fbe6b211836c353de650661bced

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 08:29:13 GMT
x-droptask-request-id: 5109c0c4-91bc-4309-aee1-25064a0d777e
x-frame-options: DENY
etag: W/"16cf0f-17db80f57a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
9 KB 104ms
15ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: auth.ayoa.com
URL: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:40:38 GMT
server: NetDNA-cache/2.2
x-amz-request-id: KEAZ53P0MYG1FX6F
etag: W/"48ead32171e554edb2744890102504b0"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
x-amz-id-2: w6KdxGcZOuyPvMkEvsFwc5QrJgN1QHzJ2NFiM5eeujOJ2u1Yu5VvZQnSZZa+u1C6L+msNEcT/k0=

GET
H2 200 ayoa-icon.png
auth.ayoa.com/images/ 15 KB
15 KB 133ms
133ms Image
image/png 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.ayoa.com/images/ayoa-icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

0663c8625f7aa453781cde5564907de757e443625820ffd2f9eea3b8ebe9ab36

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
via: 1.1 google
last-modified: Mon, 25 Oct 2021 16:10:43 GMT
x-droptask-request-id: 0a4c0ebb-5740-47a4-a996-0efb4172b97c
etag: W/"3aef-17cb837e3b8"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: clear
content-length: 15087

GET
H2 200 og_logo.svg
auth.ayoa.com/images/ 6 KB
2 KB 135ms
135ms Image
image/svg+xml 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.ayoa.com/images/og_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

69afd0aca740bb3772b8cffdf767ae4a2f2274fc910cb220a29e942a939468b9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 16:10:43 GMT
x-droptask-request-id: 327fc384-b783-4eaf-b02a-28fb30be5538
x-frame-options: DENY
etag: W/"192d-17cb837e3b8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
68 KB 76ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85ecfff70cbe7e19e207bfab7a5fcdb595b57ddcf3a5b746ea43b6f6316b5c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69114
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 18:24:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jan 2022 18:57:32 GMT

GET
H2 204 analytics-params Show response
auth.ayoa.com/ 0
260 B 183ms
182ms XHR
text/plain 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/analytics-params?url=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs

Requested by

Host: auth.ayoa.com
URL: https://auth.ayoa.com/analytics_params.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 18:57:32 GMT
via: 1.1 google
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-droptask-request-id: 39f47e52-44ea-4ecc-9596-fce8bf4a878b
alt-svc: clear
x-frame-options: DENY

GET
H2 200 OpenSans.woff
auth.ayoa.com/fonts/open_sans/ 66 KB
66 KB 136ms
136ms Font
font/woff 34.107.152.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ayoa.com/fonts/open_sans/OpenSans.woff

Requested by

Host: auth.ayoa.com
URL: https://auth.ayoa.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.152.176 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

176.152.107.34.bc.googleusercontent.com

Software

Resource Hash

8095261cfd872ab6464e17d1c780132be37486ac27abba93742c86940ee3b052

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://auth.ayoa.com/styles/styles.css
Origin: https://auth.ayoa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
via: 1.1 google
last-modified: Mon, 25 Oct 2021 16:10:43 GMT
x-droptask-request-id: e1e24e1e-11c2-44d6-91e7-bc984bd804a2
etag: W/"107cc-17cb837e3b8"
x-frame-options: DENY
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: clear
content-length: 67532

GET
DATA 200
OK truncated
/ 42 KB
42 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 254bfa999cdebc2475ac0e922ff643a44755cc81cf165303301265d1b95ba369

Request headers

Referer
Origin: https://auth.ayoa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 312ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4959
date: Mon, 24 Jan 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 24 Jan 2022 19:34:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 85ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1764863CB77E4A0C9F4A36E27E81305B Ref B: FRAEDGE1519 Ref C: 2022-01-24T18:57:32Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 75ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: cafe
etag: 1633785920527017951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 18:57:32 GMT

GET
H2 200 20255.js Show response
www.dwin1.com/ 36 KB
11 KB 72ms
25ms Script
application/javascript 2600:9000:2315:7a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/20255.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99647e20aa0018bd2f215c5e7651f05aa63712fa686ceb134a7e27c81cbdbee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Rkxivs82ikTdscYKDt4eEuOCMG7t6Nog
content-encoding: gzip
etag: W/"11f5379984dc5e607f50feea4badc44e"
age: 217
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 17 Jan 2022 12:11:27 GMT
server: AmazonS3
date: Mon, 24 Jan 2022 18:53:56 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 9-hoB56wpSn7S0H5DWXe3hKvfEpP0nKKSGkIf7XisSV0-h-CB8As8w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: caDEHDJi/tAlxUg3zGBO7SrtIUkDCxDBAHDL9OAvO5pFmXodazbwvMezpTR3xfx/zMNFt/ep3Q0p591x2b2cSw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 24 Jan 2022 18:57:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
1001 B 83ms
27ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2RFFZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8cdb8197f6b2c1d00f1a1c2d0d405f2b26b20584c179330cdc9c7159d81e791

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Mon, 24 Jan 2022 18:57:32 GMT

GET
H2 200 183732543032345 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 182ms
181ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/183732543032345?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0df012c3d886d0b3928b8e965e74f4d8dc0ed029e25c335ababb2d1a1752571e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: e5IPGAdvkDruba66iLgNJMLb59MjPyMJkMXKLg1qLDCRKlv0h79hVvYDT6XHn7L+Vrvws6FGoqGT1WI2txg5Cg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 24 Jan 2022 18:57:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/520750ED-816B-2140-01D0-EC39B7195DD6/ 3 KB
3 KB 429ms
125ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/520750ED-816B-2140-01D0-EC39B7195DD6/btp.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/20255.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4f43cba13bdd1d7ae7932f2f3c35a52909baa388a232b20d52ceabc141e4ad15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 13:10:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e04ce0743ebfd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2637

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 354 KB
140 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.ayoa.com/
Origin: https://auth.ayoa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:08:30 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/744082697/ 3 KB
2 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/744082697/?random=1643050652881&cv=9&fst=1643050652881&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&tiba=Ayoa%20Authentication&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

703dcef1250b8af2473a16ab8f1a09e5343c650550ae3c49b567d49a2f619b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26065691.js Show response
bat.bing.com/p/action/ 714 B
778 B 231ms
230ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26065691.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 427874881ff26c85da578fec332ae35937681d6b9dd6c0b51bd067d0e92c41fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8CF97C15DA94947864A1D9E011DDD24 Ref B: FRAEDGE1519 Ref C: 2022-01-24T18:57:32Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 610

GET
H2 204 0
bat.bing.com/action/ 0
150 B 39ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26065691&tm=gtm002&Ver=2&mid=4ebee4d0-91cd-4804-adbb-9f8e85387e76&sid=7ca374c07d4711ec8beb29e4dbe96365&vid=7ca383407d4711ec985f4f9e32189cbd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ayoa%20Authentication&p=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&r=&lt=1179&evt=pageLoad&msclkid=N&sv=1&rn=890593
Requested by: Host: auth.ayoa.com
URL: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22FA408AE1FA4510B5E635E248606B6D Ref B: FRAEDGE1519 Ref C: 2022-01-24T18:57:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/744082697/ 42 B
548 B 71ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/744082697/?random=1643050652881&cv=9&fst=1643047200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&frm=0&url=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&tiba=Ayoa%20Authentication&async=1&fmt=3&is_vtc=1&random=3038978091&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/744082697/ 42 B
548 B 79ms
37ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/744082697/?random=1643050652881&cv=9&fst=1643047200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&frm=0&url=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&tiba=Ayoa%20Authentication&async=1&fmt=3&is_vtc=1&random=3038978091&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 28E3 40 KB
21 KB 79ms
40ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF&co=aHR0cHM6Ly9hdXRoLmF5b2EuY29tOjQ0Mw..&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=du7pimu06xe9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

129790c29d4922ad1574969424f4e7ddcfc31e8bc95dd06aa6c78e33921459b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ftdN+/zMby97NxJprlUNmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jan 2022 18:57:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-ftdN+/zMby97NxJprlUNmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21014
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 52ms
18ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183732543032345&ev=PageView&dl=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&rl=&if=false&ts=1643050653098&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643050653097.648650928&it=1643050652851&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 24 Jan 2022 18:57:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
23ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=229263623&t=pageview&_s=1&dl=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&ul=en-us&de=UTF-8&dt=Ayoa%20Authentication&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1837464486&gjid=785950110&cid=902627022.1643050653&tid=UA-139869184-1&_gid=1001023581.1643050653&_r=1&gtm=2wg1j0K2RFFZJ&z=1338692803

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.ayoa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.ayoa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 28E3 51 KB
24 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF&co=aHR0cHM6Ly9hdXRoLmF5b2EuY29tOjQ0Mw..&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=du7pimu06xe9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 12:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:44:44 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 28E3 354 KB
140 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:08:30 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.31/ 52 KB
23 KB 401ms
116ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26065691.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:32 GMT
content-encoding: br
etag: "1d80c819fdf2b00"
last-modified: Tue, 18 Jan 2022 15:39:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&RedC=c.clarity.ms&MXFR=2353530D092E689C151A423B0D2E6675
https://c.clarity.ms/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&MUID=2D7FB051AFC4649B2ECAA167AEAF6510

42 B
367 B

35ms
34ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&MUID=2D7FB051AFC4649B2ECAA167AEAF6510
Requested by: Host: auth.ayoa.com
URL: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB1064134F824500A1E7AA3EE50AADBF Ref B: FRAEDGE1519 Ref C: 2022-01-24T18:57:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=29DA847CC4414B18B0EDE0C4E763A108&MUID=2D7FB051AFC4649B2ECAA167AEAF6510
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 77ms
25ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-139869184-1&cid=902627022.1643050653&jid=1837464486&gjid=785950110&_gid=1001023581.1643050653&_u=YEBAAEAAAAAAAC~&z=1090973700

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.ayoa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 Jan 2022 18:57:33 GMT
content-type: text/plain
access-control-allow-origin: https://auth.ayoa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 28E3 2 KB
2 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 07:03:19 GMT
x-content-type-options: nosniff
age: 302054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 28 Jan 2022 07:03:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28E3 15 KB
16 KB 85ms
44ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 525052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28E3 15 KB
15 KB 102ms
61ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 535179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 14:17:54 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 69ms
42ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-139869184-1&cid=902627022.1643050653&jid=1837464486&_u=YEBAAEAAAAAAAC~&z=1291390278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 87ms
60ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-139869184-1&cid=902627022.1643050653&jid=1837464486&_u=YEBAAEAAAAAAAC~&z=1291390278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 18:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 28E3 102 B
133 B 28ms
28ms Other
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF&co=aHR0cHM6Ly9hdXRoLmF5b2EuY29tOjQ0Mw..&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=du7pimu06xe9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 24 Jan 2022 18:57:33 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 89ms
26ms Script
application/javascript 184.87.212.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/520750ED-816B-2140-01D0-EC39B7195DD6/btp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.212.200 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-212-200.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
ETag: "60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3340
Expires: Tue, 25 Jan 2022 18:57:35 GMT

GET
H2 200 loader.min.js Show response
files1.cybba.solutions/ayoa.com/ 98 KB
29 KB 182ms
18ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.cybba.solutions/ayoa.com/loader.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/520750ED-816B-2140-01D0-EC39B7195DD6/btp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 1fd62a882ba0c965c09e75785902d5a53a216b0d0f9735f600929033a77e1a47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:33 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 12/27/2021 00:38:17
cdn-pullzone: 116099
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Wed, 28 Jul 2021 21:21:46 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6101ca6a-18929"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a080e070-2552-4896-b206-e42f1464eeab
cache-control: public, max-age=1800
cdn-requestid: cbf0eb7653d7629caef70b09f6b4cb71
cdn-requestcountrycode: DE
cdn-status: 200
expires: Mon, 27 Dec 2021 00:08:17 GMT

GET
H2 200 cybba_latest.min.js Show response
d2rp1k1dldbai6.cloudfront.net/ 75 KB
19 KB 77ms
19ms Script
application/javascript 2600:9000:236e:4800:d:87ae:bb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/520750ED-816B-2140-01D0-EC39B7195DD6/btp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:4800:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 02:48:09 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 13:53:05 GMT
server: AmazonS3
age: 58165
etag: W/"9e33abcb83f5793fa610130e97588252"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: qzK9m44qbSO-Oasft6hl4J_GgY34DGEC82AbmwxfMLCLX4cKi7rJVA==

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 28E3 30 KB
17 KB 65ms
64ms XHR
application/json 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7709ceeefef1b8493980c4867d7655e9b0b292a1fce241fd49e81d9018230cdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldr28IUAAAAALvcAeGfzYdc4lsKVdgpDrHBHFqF&co=aHR0cHM6Ly9hdXRoLmF5b2EuY29tOjQ0Mw..&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=du7pimu06xe9
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 24 Jan 2022 18:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17212
x-xss-protection: 1; mode=block
expires: Mon, 24 Jan 2022 18:57:33 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
335 B 87ms
18ms Image
image/gif 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=7684b498-a682-4a81-a474-b01e30b4f4e0&it=1643050653467&v=0.0.20&u=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&st=1643050653466&et=1643050653467&if=0
Requested by: Host: auth.ayoa.com
URL: https://auth.ayoa.com/login?continue=https%3A%2F%2Faccount.ayoa.com%2Fsubscription%2F%3Futm_source%3Dmail-chimp%26utm_medium%3Demail%26utm_campaign%3D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK user Show response
app.cybba.solutions/ 143 B
453 B 329ms
101ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=1901&email=null&_ts=99845209

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/ayoa.com/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

45a9fffbb0f909e5f85016ae9ec07758384d293167c65c8bb9fd8a302b172334

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:33 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 143
Expires: Mon, 24 Jan 2022 18:57:32 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 269 B
425 B 85ms
16ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=X8nNh9l0HcVYntp
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a5dfc80c3a9f7d5d67ec5d651df467040e84c38e3166813f1454fd8e3ae2b272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 Jan 2022 18:57:33 GMT
Content-Length: 269
Content-Type: application/json; charset=utf-8

POST
H2 204 collect Show response
e.clarity.ms/ 0
91 B 106ms
105ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://auth.ayoa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://auth.ayoa.com
date: Mon, 24 Jan 2022 18:57:33 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 392ms
121ms Image
image/gif 138.197.155.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=6ac8953b65f648619ab7bfbe9acc3880&correlationId=36b320e4-7ae0-41ef-943d-6e087f489d2c&application=droptask-reload-prod&x=54d6861b-c237-4a4b-9e31-265558b08af5&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prd-usage-1.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:34 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK update Show response
app.cybba.solutions/event/1901/ 200 B
510 B 306ms
108ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1901/update?data=%7B%22userId%22%3A%221046277136835779%22%2C%22sessionId%22%3A%22228536023683597158%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1643050653573%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=59959760

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/ayoa.com/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

9348e11dc53f64026aa5056ad5726c472e3d2fc6cbe476b23569737674318c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:34 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Mon, 24 Jan 2022 18:57:33 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 36ms
17ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183732543032345&ev=Microdata&dl=https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs&rl=&if=false&ts=1643050654602&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ayoa%20Authentication%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1643050653097.648650928&it=1643050652851&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:57:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 24 Jan 2022 18:57:34 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
687 B 23ms
23ms Fetch
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 18:57:34 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 07c8e956-2afd-41c5-a2e6-7e7c4a4ef6ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://auth.ayoa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK generic Show response
app.cybba.solutions/event/1901/ 200 B
510 B 307ms
110ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1901/generic?data=%7B%22userId%22%3A%221046277136835779%22%2C%22sessionId%22%3A%22228536023683597158%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%220%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=52970967

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/ayoa.com/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

9348e11dc53f64026aa5056ad5726c472e3d2fc6cbe476b23569737674318c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:35 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Mon, 24 Jan 2022 18:57:34 GMT

GET
H/1.1 200
OK pageview Show response
app.cybba.solutions/event/1901/ 200 B
510 B 303ms
104ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1901/pageview?data=%7B%22userId%22%3A%221046277136835779%22%2C%22sessionId%22%3A%22228536023683597158%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%3A%2F%2Fauth.ayoa.com%2Flogin%3Fcontinue%3Dhttps%253A%252F%252Faccount.ayoa.com%252Fsubscription%252F%253Futm_source%253Dmail-chimp%2526utm_medium%253Demail%2526utm_campaign%253D20220119_AYO_CNV_EN_UU_UUU_UUU_OFF_Closure-of-free-to-unsubs%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CHesse%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=6413575

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/ayoa.com/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

9348e11dc53f64026aa5056ad5726c472e3d2fc6cbe476b23569737674318c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.ayoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 18:57:35 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Mon, 24 Jan 2022 18:57:34 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 04:43:22	Name: _GRECAPTCHA Value: 09AGh639VLVwjLSuYXFhBfDF9H5W8EH6asm07ygFwo3Y5AuvrsLEpOsnb6-dOHc-gH5GhrCUCxkcdG7tJMKcQElM4
.ayoa.com/	1970-01-20 09:09:46	Name: ayoa.sid Value: s%3AFkoqbb55bsGMlC_cQ2ucb8WOaVU4Bdg3.%2F%2FvE9icqrGf2ilv1ALIaBGphU4udHcvv1ruPOjzbYyM
.ayoa.com/	1970-01-20 01:50:34	Name: ayoa.ap Value: s%3Af85efd29-0240-409b-afd4-357d9bb4d3ae.cXn%2F3rf%2BG%2BQ9UVgotIfR4EuWlF8WBrOrEYup1gFrxp4
.ayoa.com/	1970-01-20 02:33:46	Name: _gcl_au Value: 1.1.1431110962.1643050653
.bing.com/	1970-01-20 09:45:46	Name: MUID Value: 2D7FB051AFC4649B2ECAA167AEAF6510
.ayoa.com/	1970-01-20 00:25:37	Name: _uetsid Value: 7ca374c07d4711ec8beb29e4dbe96365
.ayoa.com/	1970-01-20 09:45:46	Name: _uetvid Value: 7ca383407d4711ec985f4f9e32189cbd
.doubleclick.net/	1970-01-20 00:24:11	Name: test_cookie Value: CheckForPermission
.ayoa.com/	1970-01-20 02:33:46	Name: _fbp Value: fb.1.1643050653097.648650928
.ayoa.com/	1970-01-20 17:55:22	Name: _ga Value: GA1.2.902627022.1643050653
.ayoa.com/	1970-01-20 00:25:37	Name: _gid Value: GA1.2.1001023581.1643050653
.ayoa.com/	1970-01-20 00:24:10	Name: _gat_UA-139869184-1 Value: 1
.c.bing.com/	1970-01-20 09:45:46	Name: SRM_B Value: 2D7FB051AFC4649B2ECAA167AEAF6510
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:45:46	Name: MUID Value: 2D7FB051AFC4649B2ECAA167AEAF6510
.c.clarity.ms/	1970-01-20 00:24:11	Name: ANONCHK Value: 0
.auth.ayoa.com/	1969-12-31 23:59:59	Name: _vt_shop Value: 1901
.ayoa.com/	1970-01-20 09:09:46	Name: _clck Value: 1jsctrw\|1\|eye\|0
.ayoa.com/	1970-01-20 00:25:37	Name: _clsk Value: wkkt80\|1643050653865\|1\|1\|e.clarity.ms/collect
.auth.ayoa.com/	1970-01-20 09:09:46	Name: _vt_user Value: 1046277136835779_228536023683597158_false_false
.ayoa.com/	1970-01-20 00:24:53	Name: CYB_ID Value: 1046277136835779
.ayoa.com/	1970-01-20 00:27:03	Name: CYB_AB Value: 0
.ayoa.com/	1970-01-20 00:24:53	Name: cybSessionID Value: 228536023683597158
.ayoa.com/	1970-01-20 00:24:17	Name: c_64ei Value: ZmFsc2U=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.ayoa.com
acdn.adnxs.com
app.cybba.solutions
auth.ayoa.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.trackjs.com
connect.facebook.net
d2rp1k1dldbai6.cloudfront.net
e.ayoa.com
e.clarity.ms
files1.cybba.solutions
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
pro.ip-api.com
stats.g.doubleclick.net
usage.trackjs.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.rtb123.com
138.197.155.84
138.197.61.175
142.250.181.226
184.87.212.200
20.62.48.180
2600:9000:2315:7a00:f:8ce2:fb80:93a1
2600:9000:236e:4800:d:87ae:bb80:21
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.107.152.176
34.253.241.177
37.252.172.45
51.77.64.70
52.142.114.2
67.225.220.126
89.187.169.47
94.31.29.32
0663c8625f7aa453781cde5564907de757e443625820ffd2f9eea3b8ebe9ab36
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
0df012c3d886d0b3928b8e965e74f4d8dc0ed029e25c335ababb2d1a1752571e
0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
129790c29d4922ad1574969424f4e7ddcfc31e8bc95dd06aa6c78e33921459b6
13a3f68373f6d1895e9cbd0b3bde57bc358e5d28ff1531eaa9b0723fdf57b301
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fd62a882ba0c965c09e75785902d5a53a216b0d0f9735f600929033a77e1a47
254bfa999cdebc2475ac0e922ff643a44755cc81cf165303301265d1b95ba369
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
427874881ff26c85da578fec332ae35937681d6b9dd6c0b51bd067d0e92c41fa
45a9fffbb0f909e5f85016ae9ec07758384d293167c65c8bb9fd8a302b172334
4f43cba13bdd1d7ae7932f2f3c35a52909baa388a232b20d52ceabc141e4ad15
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60bf2191b044d07e58525bdb9975cd0e0075ba642ea3f699de7f54d2f4437187
69afd0aca740bb3772b8cffdf767ae4a2f2274fc910cb220a29e942a939468b9
703dcef1250b8af2473a16ab8f1a09e5343c650550ae3c49b567d49a2f619b7e
76b5cc454bc35360a42ec546d303744cc5773fbe6b211836c353de650661bced
7709ceeefef1b8493980c4867d7655e9b0b292a1fce241fd49e81d9018230cdb
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
8095261cfd872ab6464e17d1c780132be37486ac27abba93742c86940ee3b052
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ecfff70cbe7e19e207bfab7a5fcdb595b57ddcf3a5b746ea43b6f6316b5c3e
9348e11dc53f64026aa5056ad5726c472e3d2fc6cbe476b23569737674318c61
99647e20aa0018bd2f215c5e7651f05aa63712fa686ceb134a7e27c81cbdbee9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5dfc80c3a9f7d5d67ec5d651df467040e84c38e3166813f1454fd8e3ae2b272
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b8cdb8197f6b2c1d00f1a1c2d0d405f2b26b20584c179330cdc9c7159d81e791
cbed07923a67885c462315714b7be66e2a4be972ac1204a8b73167dd87f8f5d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

auth.ayoa.com Open in urlscan Pro 34.107.152.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

54 %IPv6

21 Domains

30 Subdomains

28 IPs

7 Countries

1463 kBTransfer

4380 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth.ayoa.com Open in urlscan Pro
34.107.152.176 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

54 %
IPv6

21
Domains

30
Subdomains

28
IPs

7
Countries

1463 kB
Transfer

4380 kB
Size

24
Cookies

53 HTTP transactions
1 data transactions