www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR
Effective URL:
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e...
Submission Tags: @ipnigh
Submission: On February 03 via api (February 3rd 2020, 12:35:14 am UTC) from GB

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 60 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.

This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.176.43.84 185.176.43.84	44476 (ZETTA-AS) (ZETTA-AS)
1 2	185.66.200.218 185.66.200.218	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 1	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	172.104.23.40 172.104.23.40	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	35.168.147.213 35.168.147.213	14618 (AMAZON-AES) (AMAZON-AES)
13	195.201.46.48 195.201.46.48	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.214.51 143.204.214.51	16509 (AMAZON-02) (AMAZON-02)
13	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
2	217.114.212.216 217.114.212.216	31103 (KEYWEB-AS) (KEYWEB-AS)
1	185.33.223.210 185.33.223.210	29990 (ASN-APPNEX) (ASN-APPNEX)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	18.194.21.214 18.194.21.214	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
60	21

1 185.176.43.84 (Bulgaria)

ASN44476 (ZETTA-AS, BG)

cangamecan2.atwebpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.218 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.218.skhosting.eu

ylx-4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.18 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.blueparrot.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.23.40 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1842-40.members.linode.com

clkn.adzopa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.147.213 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-147-213.compute-1.amazonaws.com

usa.lucretius-ada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de

www.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-51.fra53.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.114.212.216 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: ns1.alpha9marketing.net

tracker.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.210 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.21.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-21-214.eu-central-1.compute.amazonaws.com

api.yieldlove-ad-serving.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	288 KB
15	auskunft.de www.auskunft.de tracker.auskunft.de	318 KB
7	googletagservices.com www.googletagservices.com	169 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	110 B
3	google.de adservice.google.de	524 B
3	districtm.io dmx.districtm.io cdn.districtm.io	904 B
3	ioam.de 1 redirects script.ioam.de de.ioam.de	13 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	916 B
2	ylx-4.com 1 redirects ylx-4.com	1 KB
1	yieldlove-ad-serving.net api.yieldlove-ad-serving.net	207 B
1	google.com adservice.google.com	171 B
1	yieldlove.com cdn-a.yieldlove.com	82 KB
1	lucretius-ada.com 1 redirects usa.lucretius-ada.com	767 B
1	adzopa.com clkn.adzopa.com	971 B
1	blueparrot.media 1 redirects xml.blueparrot.media	136 B
1	atwebpages.com cangamecan2.atwebpages.com	305 B
60	17

	Domain	Requested by
13	securepubads.g.doubleclick.net	www.auskunft.de securepubads.g.doubleclick.net cangamecan2.atwebpages.com www.googletagservices.com
13	www.auskunft.de	clkn.adzopa.com www.auskunft.de www.google-analytics.com
7	www.googletagservices.com	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net www.googletagservices.com
3	www.google-analytics.com	2 redirects www.auskunft.de
2	de.ioam.de	1 redirects www.auskunft.de
2	dmx.districtm.io	cdn-a.yieldlove.com www.auskunft.de
2	tracker.auskunft.de	www.auskunft.de
2	stats.g.doubleclick.net	www.auskunft.de
2	ylx-4.com	1 redirects cangamecan2.atwebpages.com
1	acdn.adnxs.com	cdn-a.yieldlove.com
1	cdn.districtm.io	cdn-a.yieldlove.com
1	pagead2.googlesyndication.com
1	api.yieldlove-ad-serving.net	cdn-a.yieldlove.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	ib.adnxs.com	cdn-a.yieldlove.com
1	script.ioam.de	www.auskunft.de
1	cdn-a.yieldlove.com	www.auskunft.de
1	usa.lucretius-ada.com	1 redirects
1	clkn.adzopa.com	ylx-4.com
1	xml.blueparrot.media	1 redirects
1	cangamecan2.atwebpages.com
60	23

This site contains links to these domains. Also see Links.

Domain
www.alpha9marketing.com

Subject Issuer	Validity	Valid
clkn.adzopa.com Let's Encrypt Authority X3	`2019-11-12` - `2020-02-10`	3 months	crt.sh
*.auskunft.de Sectigo RSA Domain Validation Secure Server CA	`2019-09-12` - `2021-09-11`	2 years	crt.sh
cdn-a.yieldlove.com Amazon	`2019-10-02` - `2020-11-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
tracker.auskunft.de cPanel, Inc. Certification Authority	`2020-01-02` - `2020-04-01`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
yieldlove-ad-serving.net Amazon	`2019-11-19` - `2020-12-19`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Frame ID: 89387FF00F8D984A033C3C407E439063
Requests: 38 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTyvwrI5UQOeFbN671eHGnyOepzi8NBl8YJ-kcqyY7ggXAgUEeIFRNdLWLJt9V8PKaIMhthGDACQoU7qdzKqot8G_ITHnGtUpgTv7iZuYP_tbm6f5HuDotrJoxtvoWyMQDjODQ4D4zdFnaAra8sXRO5vTP_8zqpohsu6hdqrZqd4Q76C6S5WGRH3EUUrdTAy11BUXSjVDuH9ZzHYLkRcxy8KSMZyvrZPMrCgwS2T1doCT20jFcojVi1r7I9mR7mPUZDP5ILKOWr1a0OshuxRIzsBg&sai=AMfl-YR6ziXAmwqC-8AVKwM-xGasSeA82J3UB9k8_dK39nBoc_yfYx8YeuuyxjCmyAbgLH8RJUR8DurJTNOQQYphKj0VHhBp4DesLqI_UNJJsA&sig=Cg0ArKJSzBUqSJjJni2VEAE&urlfix=1&adurl=
Frame ID: F68E08D19000EDCCF685E0DCF441B639
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: C6D7ED43A830B757D0048A71C36FBD29
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9PbFK52vd2Ep4MXTi8bcZEfFCou3iN4Sw50aJm6u3-n-RF0k-UkbSVWKsZ6LyiCCwfxpwfJU8lUx3cxJY5UHf2maf_h4vzuhiIMIUcy4WrPAjnQDukpwQBJVEgs6oR83ZOetmZfLnLOK1Nu1HdUWIx1Oovvm8QryVnDPq-hbm_ewhVJspFsFclHM-Lo-VL1EvTIYhiYOAqPOXmB35ZH5ehwC0nuX2WMp54HmmX4kcM9mho7Cgewty5CAO-rEhb1aT9PEeRyFH1WHP7lWiwffM31w&sig=Cg0ArKJSzITh1MwR1GjjEAE&urlfix=1&adurl=
Frame ID: 8D6B17EB827E663878D6D227905DDF54
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 7ABAB0FD34B3F10BE3704F0B5284739D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 541C9B248CE61E771E362720472ACA95
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E9098E24C2E41202359E503E19DBF3C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR Page URL
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
http://xml.blueparrot.media/click?i=6IRkcZLyYDc_0 HTTP 302
https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN Page URL
http://usa.lucretius-ada.com/zcvisitor/fe608b44-461c-11ea-aa40-0aef21323755?campaignid=d3ec2b00-5008-11e7... HTTP 302
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

60
Requests

97 %
HTTPS

32 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

892 kB
Transfer

2150 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alpha9marketing.com/unternehmen/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR Page URL
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
http://xml.blueparrot.media/click?i=6IRkcZLyYDc_0 HTTP 302
https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN Page URL
http://usa.lucretius-ada.com/zcvisitor/fe608b44-461c-11ea-aa40-0aef21323755?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698 HTTP 302
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
http://xml.blueparrot.media/click?i=6IRkcZLyYDc_0 HTTP 302
https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=777540000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=879489596&gjid=2063025345&cid=1981480637.1580690096&tid=UA-77541742-2&_gid=135073167.1580690096&_r=1&z=863529512 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=879489596&_gid=135073167.1580690096&gjid=2063025345&_v=j80&z=863529512

Request Chain 27

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aaf&ep=1605096262&vr=416&id=jflnsx&i3=000f3718ff3b30e415e376aaf%3A1607474095957%3A1580690095957%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1580690095957&n1=4&dntt=0&lt=1580690095958&ev=&cs=82ffeo&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aaf&ep=1605096262&vr=416&id=jflnsx&i3=000f3718ff3b30e415e376aaf%3A1607474095957%3A1580690095957%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1580690095957&n1=4&dntt=0&lt=1580690095958&ev=&cs=82ffeo&mo=1&sr=71

Request Chain 61

https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=777540000&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=964999384&gjid=836881427&cid=1981480637.1580690096&tid=UA-77541742-2&_gid=135073167.1580690096&_r=1&z=2141173987 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=964999384&_gid=135073167.1580690096&gjid=836881427&_v=j80&z=2141173987

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK game.php Show response
cangamecan2.atwebpages.com/ 117 B
305 B 99ms
93ms Document
text/html 185.176.43.84
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR
Protocol: HTTP/1.1
Server: 185.176.43.84 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 3a4f700f8c4523aaf85677dbdea919bdfd0755b4cd4e7834cbb1e7d0e8c7ed88

Request headers

Host: cangamecan2.atwebpages.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 00:34:52 GMT
Server: Apache
Content-Length: 117
Keep-Alive: timeout=4, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK mobile_redir.php Show response
ylx-4.com/ 100 B
560 B 107ms
101ms Script
application/javascript 185.66.200.218
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://ylx-4.com/mobile_redir.php?section=General&pub=111289&ga=g&desktop=1
Requested by: Host: cangamecan2.atwebpages.com
URL: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR
Protocol: HTTP/1.1
Server: 185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.218.skhosting.eu
Software: nginx /
Resource Hash: e5f0c7d2cee8da781de112a5cfc3fbde9bb0f7037570de74fa2b673d3202b849

Request headers

Referer: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 00:34:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 00:34:52 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Expires: Mon, 03 Feb 2020 00:34:52 GMT

GET
H/1.1

200
OK

click Show response
clkn.adzopa.com/nc/1580690906/
Redirect Chain

http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g
http://xml.blueparrot.media/click?i=6IRkcZLyYDc_0
https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN

438 B
971 B

337ms
105ms

Document
text/html

172.104.23.40
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN
Requested by: Host: ylx-4.com
URL: http://ylx-4.com/mobile_redir.php?section=General&pub=111289&ga=g&desktop=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.23.40 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1842-40.members.linode.com
Software: nginx /
Resource Hash: 8c56581765e5f51bef57643ec360055be52373519eba45e1fc410756811ea15f

Request headers

Host: clkn.adzopa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR

Response headers

Server: nginx
Date: Mon, 03 Feb 2020 00:34:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 438
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
ETag: W/"1b6-Wz4b9zujKlKFmHJ3bh9CKUSgtkk"
Referrer-Policy: no-referrer

Redirect headers

Location: https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN
Connection: keep-alive
Content-Length: 0

GET
H2

200

Primary Request / Show response
www.auskunft.de/
Redirect Chain

http://usa.lucretius-ada.com/zcvisitor/fe608b44-461c-11ea-aa40-0aef21323755?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

25 KB
9 KB

148ms
116ms

Document
text/html

195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Requested by

Host: clkn.adzopa.com
URL: https://clkn.adzopa.com/nc/1580690906/click?i=JE28qNdjlnNUN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

d94322ddc80215d4c8eef680fe180ef38d2b6959a20637a7550ea97bca515d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.auskunft.de
:scheme: https
:path: /?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 03 Feb 2020 00:34:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: AUSKUNFT_SESSION=fl44ofc4092un34d67mre4jeeq; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip

Redirect headers

Date: Mon, 03 Feb 2020 00:34:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Server: ZeroPark-Traffic

GET
H2 200 main-index.7d0ced423d4c0a2cd73b.css
www.auskunft.de/assets/bundles/ 30 KB
8 KB 12ms
11ms Stylesheet
text/css 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main-index.7d0ced423d4c0a2cd73b.css

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9fc956dee0da06ad46cec18716d9b57ea4c85499a501f2533e0b24f45ba596ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-7704"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 yieldlove-bidder.js Show response
cdn-a.yieldlove.com/ 267 KB
82 KB 46ms
9ms Script
application/javascript 143.204.214.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-51.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 8b3be395a08b768d797272204ae5db6d88a81502876b4faa79c48152f805c3c8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:39:15 GMT
content-encoding: gzip
age: 3340
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=10800
x-amz-cf-pop: FRA53-C1
access-control-allow-origin: *
x-amz-cf-id: A8WAqEbyhbE54gyQMHx6Qba4THGFD9smMGuiqQUfjUfe0HAgtRMypg==
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
16 KB 103ms
40ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "417 / 921 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16245
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:55 GMT

GET
H2 200 auskunft_de_logo.webp
www.auskunft.de/img/ 1 KB
1 KB 20ms
19ms Image
image/webp 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
last-modified: Fri, 21 Jul 2017 08:52:49 GMT
server: nginx
etag: "5971c0e1-4ee"
strict-transport-security: max-age=2592000
content-type: image/webp
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1262
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 geo-location-icon_basic.svg
www.auskunft.de/img/ 1 KB
1 KB 20ms
20ms Image
image/svg+xml 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.auskunft.de/img/geo-location-icon_basic.svg
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.46.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:52 GMT
last-modified: Fri, 15 Nov 2019 10:29:36 GMT
server: nginx
etag: "5dce7e10-4d3"
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 1235

GET
H2 200 jquery.min.js Show response
www.auskunft.de/assets/static/ 86 KB
35 KB 16ms
16ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/static/jquery.min.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-15851"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 main.fec8071bbb70f75e3408.js Show response
www.auskunft.de/assets/bundles/ 93 KB
36 KB 22ms
22ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

81b012f463f259e5996c302b18cf78d3c5be30abfe49026b2e6bcddd56828182

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-17295"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 82
date: Mon, 03 Feb 2020 00:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 02:33:33 GMT

GET
H2 200 background
www.auskunft.de/ 164 KB
164 KB 31ms
31ms Image
image/jpeg 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/background

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
server: nginx
strict-transport-security: max-age=2592000
content-type: image/jpeg
status: 200
cache-control: public, max-age=1209600
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 auskunft.43df663044fe941e8d2a169deb98ce24.woff2
www.auskunft.de/assets/bundles/ 11 KB
12 KB 10ms
10ms Font
application/octet-stream 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/auskunft.43df663044fe941e8d2a169deb98ce24.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

594b2d78070890f4ea1301095409b29f45e0910342b968f6daa18cfb17155e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.auskunft.de/assets/bundles/main-index.7d0ced423d4c0a2cd73b.css
Origin: https://www.auskunft.de

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: "5e342aa8-2da0"
strict-transport-security: max-age=2592000
content-type: application/octet-stream
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11680
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=777540000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=879489596&_gid=135073167.1580690096&gjid=2063025345&_v=j80&z=863529512

35 B
102 B

35ms
34ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=879489596&_gid=135073167.1580690096&gjid=2063025345&_v=j80&z=863529512

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 03 Feb 2020 00:34:55 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 00:34:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=879489596&_gid=135073167.1580690096&gjid=2063025345&_v=j80&z=863529512
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 38 KB
11 KB 78ms
27ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.12 000f
Resource Hash: e96a565ea5e2e9eeb4401414cfd1a7fb36cf51aa38b5a60b64464084ea21cff5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 00:34:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 00:34:55 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.12 000f
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 03 Feb 2020 02:34:55 GMT

GET
H2 200 matomo.js Show response
tracker.auskunft.de/ 68 KB
22 KB 76ms
25ms Script
application/javascript 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.auskunft.de/matomo.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 7960e3f3049e145cdf8690073ea439c8788099f8504b9168fd68b5607511bf9f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:54 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 07:59:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 22671

GET
H2 200 vendors~app.f4a4293755b0b04c6c84.js Show response
www.auskunft.de/assets/bundles/ 30 KB
12 KB 34ms
34ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/vendors~app.f4a4293755b0b04c6c84.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

fad63f70d3b7200ae2269052f557cbd24c44f31807a755881d7418213f86b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-783c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 app.f75f92f30b2587b80ae2.js Show response
www.auskunft.de/assets/bundles/ 34 KB
11 KB 35ms
35ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/app.f75f92f30b2587b80ae2.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

423c7c4051722ad413fe3d129cc1fa274ae997dfd9f9dab8f855f3f1be83c342

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-8700"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 224 B
916 B 72ms
36ms XHR
application/json 185.33.223.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7be6fbac4fa30d3d5dcc3dc08c398d37ab4578325ebe0a709d340a25db34da1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 00:34:57 GMT
X-Proxy-Origin: 89.249.64.195; 89.249.64.195; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid: de4ec70d-fcf2-4f8c-8975-b3a9c6ba0b4b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 224
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 v1 Show response
dmx.districtm.io/b/ 0
463 B 71ms
39ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: POST
Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Mon, 03 Feb 2020 00:34:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://www.auskunft.de
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
status: 204
access-control-max-age: 14400
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f0526b7b4fd8fd-AMS
access-control-allow-headers: origin, content-type

GET
H2 200 searchbar.a3226f6d55f2311c8914.js Show response
www.auskunft.de/assets/bundles/ 8 KB
3 KB 11ms
10ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar.a3226f6d55f2311c8914.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

33df4c4edf49a996eeddbfb2afbd2c078ae4e80daf81ae1b9c8c58607e64cc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-20e0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 searchbar-handle-sort.3c0d2e63776a3e9cea36.js Show response
www.auskunft.de/assets/bundles/ 892 B
763 B 35ms
35ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar-handle-sort.3c0d2e63776a3e9cea36.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

b628c5566ad8989fa76d4bd7e612bdf27ba11598a86803c0276c864f09da82ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-37c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 geolocation.864671dc2f53087d18bb.js Show response
www.auskunft.de/assets/bundles/ 6 KB
2 KB 35ms
35ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/geolocation.864671dc2f53087d18bb.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.fec8071bbb70f75e3408.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

6bf797d9a5898ddb0075e99020bbec839c85021ba29944aa149abf63f24916da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 00:34:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 13:24:56 GMT
server: nginx
etag: W/"5e342aa8-1825"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 04 Mar 2020 00:34:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 40ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:55 GMT

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aa...
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aa...

0
717 B

28ms
28ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aaf&ep=1605096262&vr=416&id=jflnsx&i3=000f3718ff3b30e415e376aaf%3A1607474095957%3A1580690095957%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1580690095957&n1=4&dntt=0&lt=1580690095958&ev=&cs=82ffeo&mo=1&sr=71
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0021
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 00:34:56 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0021
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 03 Feb 2020 00:34:56 GMT
X-Powered-By: BLACKBIRD-RCV v1.06.2 0021
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 03 Feb 2020 00:34:56 GMT
Server: nginx
Location: /tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000f&i2=000f3718ff3b30e415e376aaf&ep=1605096262&vr=416&id=jflnsx&i3=000f3718ff3b30e415e376aaf%3A1607474095957%3A1580690095957%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1580690095957&n1=4&dntt=0&lt=1580690095958&ev=&cs=82ffeo&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 03 Feb 2019 00:34:56 GMT

GET
H2 200 matomo.php
tracker.auskunft.de/ 43 B
109 B 727ms
727ms Image
image/gif 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&idsite=1&rec=1&r=943877&h=1&m=34&s=55&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&_id=c60680089c8a0732&_idts=1580690096&_idvc=1&_idn=0&_rcn=zpp&_refts=1580690096&_viewts=1580690096&send_image=1&cookie=1&res=1600x1200&gt_ms=117&pv_id=cI51dx&devicePixelRatio=1
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:54 GMT
content-encoding: br
server: Apache
vary: Origin,Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-store
content-length: 47

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
441 B 61ms
31ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: application/json

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.auskunft.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f0526c09a79c33-AMS
access-control-allow-headers: origin, content-type

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 214ms
211ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3877224881580486&correlator=3932533783441007&output=ldjh&impl=fifs&adsid=NT&eid=21062414%2C21064549&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1580690096&dt=1580690096046&dlt=1580690095706&idt=327&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=726&adks=3358614790&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&dssz=29&icsg=12581519&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1981480637.1580690096&ga_sid=1580690096&ga_hid=777540000&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

080802223094723e24b996615aa1f6000759eccdca564910cac931e3e28350a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2195
x-xss-protection: 0
google-lineitem-id: 5111110714
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275073032
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 39ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 81ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F68E 0
0 41ms
40ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTyvwrI5UQOeFbN671eHGnyOepzi8NBl8YJ-kcqyY7ggXAgUEeIFRNdLWLJt9V8PKaIMhthGDACQoU7qdzKqot8G_ITHnGtUpgTv7iZuYP_tbm6f5HuDotrJoxtvoWyMQDjODQ4D4zdFnaAra8sXRO5vTP_8zqpohsu6hdqrZqd4Q76C6S5WGRH3EUUrdTAy11BUXSjVDuH9ZzHYLkRcxy8KSMZyvrZPMrCgwS2T1doCT20jFcojVi1r7I9mR7mPUZDP5ILKOWr1a0OshuxRIzsBg&sai=AMfl-YR6ziXAmwqC-8AVKwM-xGasSeA82J3UB9k8_dK39nBoc_yfYx8YeuuyxjCmyAbgLH8RJUR8DurJTNOQQYphKj0VHhBp4DesLqI_UNJJsA&sig=Cg0ArKJSzBUqSJjJni2VEAE&urlfix=1&adurl=

Requested by

Host: cangamecan2.atwebpages.com
URL: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Feb 2020 00:34:56 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F68E 53 KB
17 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "417 / 148 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16245
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F68E 72 KB
27 KB 82ms
70ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 83ms
72ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F68E 167 KB
61 KB 40ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame F68E 113 B
178 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F68E 13 KB
8 KB 242ms
242ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2064138387526833&correlator=4028220129410368&output=ldjh&impl=fif&eid=21065352&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3Dc99fa18582a9cac1%3AT%3D1580690096%3AS%3DALNI_MY7UdXYQ2u6o1a39HIf-Nh_zdQksQ&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1580690096&dt=1580690096429&dlt=1580690096274&idt=150&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=726&adk=3040953405&uci=vc1d97i6p5rm&ifi=1&ifk=2364380484&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2113658644.1580690096&ga_sid=1580690096&ga_hid=97948969&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

79a9cfdc8dc5dc5b911c8503192ed34a7e510e1b4d7171173533d14b4021a201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8109
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F68E 66 KB
24 KB 39ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F68E 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame F68E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3723a2b49a1b28b5cfc8294dd7ef09cbd049eeeb4841d076829ecefe12334fb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C6D7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 02 Feb 2020 09:36:14 GMT
expires: Mon, 01 Feb 2021 09:36:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 53922
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F68E 74 KB
27 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:56 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 287ms
287ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3877224881580486&correlator=3837854826106280&output=ldjh&impl=fifs&adsid=NT&eid=21062414%2C21064549&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Ddefault%26yieldlove_meta_ab%3Dpid%253A19965.scenario%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie=ID%3Dc99fa18582a9cac1%3AT%3D1580690096%3AS%3DALNI_MY7UdXYQ2u6o1a39HIf-Nh_zdQksQ&cookie_enabled=1&bc=31&abxe=1&lmt=1580690097&dt=1580690097060&dlt=1580690095706&idt=327&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=726&adks=3358614790&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&dssz=30&icsg=42962254479&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1981480637.1580690096&ga_sid=1580690096&ga_hid=777540000&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

0b11ba4e69a0a8b99bcf7b19c6b432f234f14b52d5a5ea1b2c67145916188589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2078
x-xss-protection: 0
google-lineitem-id: 5111110714
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275073032
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5111110714 Show response
api.yieldlove-ad-serving.net/v1/bl/53015287/ 2 B
207 B 45ms
15ms XHR
application/json 18.194.21.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldlove-ad-serving.net/v1/bl/53015287/5111110714
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.21.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-21-214.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-key: /bl/53015287/5111110714
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 2

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D6B 0
0 44ms
43ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9PbFK52vd2Ep4MXTi8bcZEfFCou3iN4Sw50aJm6u3-n-RF0k-UkbSVWKsZ6LyiCCwfxpwfJU8lUx3cxJY5UHf2maf_h4vzuhiIMIUcy4WrPAjnQDukpwQBJVEgs6oR83ZOetmZfLnLOK1Nu1HdUWIx1Oovvm8QryVnDPq-hbm_ewhVJspFsFclHM-Lo-VL1EvTIYhiYOAqPOXmB35ZH5ehwC0nuX2WMp54HmmX4kcM9mho7Cgewty5CAO-rEhb1aT9PEeRyFH1WHP7lWiwffM31w&sig=Cg0ArKJSzITh1MwR1GjjEAE&urlfix=1&adurl=

Requested by

Host: cangamecan2.atwebpages.com
URL: http://cangamecan2.atwebpages.com/game.php?login=L2ZiMTIvbG9naW4vP2lkPTEwMDQ1Mjc=&id=MTAwNDUyNw==&r=ZaZbR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Feb 2020 00:34:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8D6B 53 KB
16 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "417 / 673 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16245
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D6B 72 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:57 GMT

GET
H2 200 pubads_impl_modern_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8D6B 148 KB
56 KB 40ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020012701.js?21065316

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

073063e1f32d7bad90fc8fd82fb773442dda55132ab21dcdfd0332df94b2f423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57468
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:57 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 8D6B 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8D6B 14 KB
8 KB 206ms
206ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=349256727015694&correlator=2220432964762098&output=ldjh&impl=fif&eid=21061507%2C21065316%2C21065400%2C21062453%2C21065318&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3Dc99fa18582a9cac1%3AT%3D1580690096%3AS%3DALNI_MY7UdXYQ2u6o1a39HIf-Nh_zdQksQ&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1580690097&dt=1580690097575&dlt=1580690097380&idt=176&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=726&adk=3040953405&uci=3vguynqte74k&ifi=1&ifk=2364380484&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1878685002.1580690098&ga_sid=1580690098&ga_hid=887189846&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020012701.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

1aef290cf8af1181ca76d6e9f0fd197c3b244ce1fa0309e4675bc012b30b656c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8176
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_modern_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8D6B 64 KB
24 KB 40ms
40ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020012701.js?21065316

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020012701.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c4d62f8c54238536975e6cfb255aa05665bfafdc924181fb62702671bc9636f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24747
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8D6B 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020012701.js?21065316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8D6B 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e62d5f5483a27d9e2714d091bf9a0701aa782d70443c04fefd7e62c189d83f6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7ABA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020012701.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 02 Feb 2020 09:36:14 GMT
expires: Mon, 01 Feb 2021 09:36:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 53923
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D6B 74 KB
27 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020012701.js?21065316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 00:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Mon, 03 Feb 2020 00:34:57 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8D6B 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRHxSKf9u2oP8BAtpBxbTsHb-uabITd_R_rIZ0DTTsnRRMKDf7hP9oGT2GLDqdEx4vaBSZVOTo0tGX65SuBTXsO7t5QXNpycJlQB0x6E0&sig=Cg0ArKJSzFlXP890TuHtEAE&adk=3358614790&tt=-1&bs=1585%2C1200&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&p=726,429,816,1157&mcvt=1041&rs=0&ht=0&tfs=103&tls=1144&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1580690097386&dlt&rpt=206&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C1966&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1144&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d6cff4c12864e039216f391f3044616e8e07ad58c08&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 00:34:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 541C 0
0 432ms
428ms Document
text/html 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 03 Feb 2020 00:35:00 GMT
content-type: text/html
set-cookie: __cfduid=d1a58b37756ead16e12d3d3454a669bf71580690099; expires=Wed, 04-Mar-20 00:34:59 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 55f052846c4c9c33-AMS
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E909 0
0 38ms
12ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 03 Feb 2020 00:34:59 GMT
Age: 15605584
Connection: keep-alive
X-Served-By: cache-jfk8124-JFK, cache-fra19126-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2694903
X-Timer: S1580690100.922321,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=777540000&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzpp%26c%3Dzrfe608b44461c11eaaa400aef21323755cd8ad89d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=964999384&_gid=135073167.1580690096&gjid=836881427&_v=j80&z=2141173987

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=964999384&_gid=135073167.1580690096&gjid=836881427&_v=j80&z=2141173987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 03 Feb 2020 00:35:05 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 00:35:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1981480637.1580690096&jid=964999384&_gid=135073167.1580690096&gjid=836881427&_v=j80&z=2141173987
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 16:26:26	Name: IDE Value: AHWqTUlgudVYWrLLJwlSav9F4EvvtS8ZU9uZFW-7pYH1oWijOrk2Q2Zvx7phjl4G
			.auskunft.de/	1970-01-20 00:36:02	Name: __gads Value: ID=c99fa18582a9cac1:T=1580690096:S=ALNI_MY7UdXYQ2u6o1a39HIf-Nh_zdQksQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
api.yieldlove-ad-serving.net
cangamecan2.atwebpages.com
cdn-a.yieldlove.com
cdn.districtm.io
clkn.adzopa.com
de.ioam.de
dmx.districtm.io
ib.adnxs.com
pagead2.googlesyndication.com
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker.auskunft.de
usa.lucretius-ada.com
www.auskunft.de
www.google-analytics.com
www.googletagservices.com
xml.blueparrot.media
ylx-4.com
104.16.68.69
143.204.214.51
151.101.13.108
172.104.23.40
174.137.133.18
18.194.21.214
185.176.43.84
185.33.223.210
185.66.200.218
195.201.46.48
216.58.206.2
217.114.212.216
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:81d::2002
2a00:1450:400c:c00::9a
35.168.147.213
91.215.103.64
91.215.103.65
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876
0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68
073063e1f32d7bad90fc8fd82fb773442dda55132ab21dcdfd0332df94b2f423
080802223094723e24b996615aa1f6000759eccdca564910cac931e3e28350a6
08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b11ba4e69a0a8b99bcf7b19c6b432f234f14b52d5a5ea1b2c67145916188589
1aef290cf8af1181ca76d6e9f0fd197c3b244ce1fa0309e4675bc012b30b656c
33df4c4edf49a996eeddbfb2afbd2c078ae4e80daf81ae1b9c8c58607e64cc1c
3723a2b49a1b28b5cfc8294dd7ef09cbd049eeeb4841d076829ecefe12334fb1
3a4f700f8c4523aaf85677dbdea919bdfd0755b4cd4e7834cbb1e7d0e8c7ed88
423c7c4051722ad413fe3d129cc1fa274ae997dfd9f9dab8f855f3f1be83c342
42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45
594b2d78070890f4ea1301095409b29f45e0910342b968f6daa18cfb17155e1d
6bf797d9a5898ddb0075e99020bbec839c85021ba29944aa149abf63f24916da
6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570
7960e3f3049e145cdf8690073ea439c8788099f8504b9168fd68b5607511bf9f
79a9cfdc8dc5dc5b911c8503192ed34a7e510e1b4d7171173533d14b4021a201
7be6fbac4fa30d3d5dcc3dc08c398d37ab4578325ebe0a709d340a25db34da1e
81b012f463f259e5996c302b18cf78d3c5be30abfe49026b2e6bcddd56828182
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b3be395a08b768d797272204ae5db6d88a81502876b4faa79c48152f805c3c8
8c56581765e5f51bef57643ec360055be52373519eba45e1fc410756811ea15f
98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2
9e62d5f5483a27d9e2714d091bf9a0701aa782d70443c04fefd7e62c189d83f6
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
9fc956dee0da06ad46cec18716d9b57ea4c85499a501f2533e0b24f45ba596ec
b628c5566ad8989fa76d4bd7e612bdf27ba11598a86803c0276c864f09da82ee
c4d62f8c54238536975e6cfb255aa05665bfafdc924181fb62702671bc9636f2
d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240
d94322ddc80215d4c8eef680fe180ef38d2b6959a20637a7550ea97bca515d23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0c7d2cee8da781de112a5cfc3fbde9bb0f7037570de74fa2b673d3202b849
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e96a565ea5e2e9eeb4401414cfd1a7fb36cf51aa38b5a60b64464084ea21cff5
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fad63f70d3b7200ae2269052f557cbd24c44f31807a755881d7418213f86b142

www.auskunft.de Open in urlscan Pro 195.201.46.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

32 %IPv6

17 Domains

23 Subdomains

21 IPs

6 Countries

892 kBTransfer

2150 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

32 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

892 kB
Transfer

2150 kB
Size

2
Cookies

60 HTTP transactions
3 data transactions