urlscan.io logo urlscan.io
SecurityTrails logo

www.auskunft.de Open in urlscan Pro
167.233.15.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ccpaitalone.com/
Effective URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Submission: On August 06 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 10 countries across 36 domains to perform 127 HTTP transactions. The main IP is 167.233.15.201, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.
This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.91 60781 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
2 34.194.124.180 14618 (AMAZON-AES)
15 167.233.15.201 24940 (HETZNER-AS)
1 13.224.96.119 16509 (AMAZON-02)
4 12 142.250.181.226 15169 (GOOGLE)
1 91.215.103.64 43407 (INFONLINE-AS)
3 95.216.224.232 24940 (HETZNER-AS)
1 2 91.215.100.40 43407 (INFONLINE-AS)
1 18.156.133.101 16509 (AMAZON-02)
1 37.157.3.29 198622 (ADFORM)
6 35.244.159.8 15169 (GOOGLE)
1 185.86.138.32 201081 (SMARTADSE...)
2 184.31.84.150 16625 (AKAMAI-AS)
1 5 185.33.221.53 29990 (ASN-APPNEX)
1 52.58.138.245 16509 (AMAZON-02)
2 104.16.68.69 13335 (CLOUDFLAR...)
5 3.123.197.131 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 3.124.64.122 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 194.213.62.34 5588 (GTSCE GTS...)
3 10 2.18.234.21 16625 (AKAMAI-AS)
3 3 185.29.135.234 30419 (MEDIAMATH...)
3 3 37.157.2.237 198622 (ADFORM)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
1 2.18.232.130 16625 (AKAMAI-AS)
1 1 91.228.74.198 16509 (AMAZON-02)
2 13.248.242.197 16509 (AMAZON-02)
1 2 209.54.178.82 16509 (AMAZON-02)
1 18.156.0.31 16509 (AMAZON-02)
1 2 34.253.109.165 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.236.212.156 14618 (AMAZON-AES)
127 41
2    212.32.237.91 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ccpaitalone.com
2    209.15.13.136 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: dreamstargroup.com
btpnav.com
2    34.194.124.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-124-180.compute-1.amazonaws.com
antig-hra.com
15    167.233.15.201 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.201.15.233.167.clients.your-server.de
www.auskunft.de
1    13.224.96.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-119.zrh50.r.cloudfront.net
cdn-a.yieldlove.com
12    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
1    91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de
script.ioam.de
3    95.216.224.232 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: server.alpha9.de
tracker.auskunft.de
2    91.215.100.40 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de
cb1aa126.de.ioam.de
1    18.156.133.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-133-101.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
yieldlove-d.openx.net
eu-u.openx.net
us-u.openx.net
1    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    52.58.138.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-245.eu-central-1.compute.amazonaws.com
hb.adscale.de
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
5    3.123.197.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com
2    2600:9000:2190:5c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
12    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
12    3.124.64.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2600:9000:2156:7200:12:6213:9cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
si.nuggad.net
1    2600:9000:2156:f400:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
nugmw.userreport.com
1    194.213.62.34 (Brno, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid3.ibillboard.com
bbnaut.ibillboard.com
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
1    2600:9000:2156:6000:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sak.userreport.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.236.212.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-212-156.compute-1.amazonaws.com
nep.advangelists.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
146 KB
18 auskunft.de
www.auskunft.de
tracker.auskunft.de
155 KB
15 adscale.de
hb.adscale.de
js.adscale.de
ih.adscale.de
15 KB
13 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
163 KB
12 ampproject.org
cdn.ampproject.org
228 KB
10 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
9 KB
6 google.com
adservice.google.com
www.google.com
837 B
6 adnxs.com
ib.adnxs.com
acdn.adnxs.com
21 KB
6 openx.net
yieldlove-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
5 yieldlove-ad-serving.net
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
286 B
4 adform.net
adx.adform.net
track.adform.net
c1.adform.net
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 ioam.de
script.ioam.de
cb1aa126.de.ioam.de
10 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 indexww.com
js-sec.indexww.com
2 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 userreport.com
nugmw.userreport.com
sak.userreport.com
31 KB
2 gstatic.com
fonts.gstatic.com
42 KB
2 google.de
adservice.google.de
287 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
284 B
2 antig-hra.com
antig-hra.com
3 KB
2 btpnav.com
btpnav.com
3 KB
2 ccpaitalone.com
ccpaitalone.com
1 KB
1 advangelists.com
nep.advangelists.com
233 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 yahoo.com
ups.analytics.yahoo.com
234 B
1 quantserve.com
pixel.quantserve.com
498 B
1 criteo.com
dis.criteo.com
579 B
1 ibillboard.com
bbnaut.ibillboard.com
352 B
1 nuggad.net
si.nuggad.net
511 B
1 googleapis.com
fonts.googleapis.com
674 B
1 smartadserver.com
prg.smartadserver.com
323 B
1 360yield.com
ice.360yield.com
309 B
1 yieldlove.com
cdn-a.yieldlove.com
119 KB
127 36
Domain Requested by
15 www.auskunft.de antig-hra.com
www.auskunft.de
12 ih.adscale.de js.adscale.de
ih.adscale.de
12 tpc.googlesyndication.com www.auskunft.de
securepubads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
12 cdn.ampproject.org securepubads.g.doubleclick.net
cdn.ampproject.org
7 securepubads.g.doubleclick.net www.auskunft.de
securepubads.g.doubleclick.net
5 cm.g.doubleclick.net 4 redirects eu-u.openx.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 prod-ingestion.tracking.v2.yieldlove-ad-serving.net cdn-a.yieldlove.com
5 ib.adnxs.com 1 redirects cdn-a.yieldlove.com
acdn.adnxs.com
4 www.google.com 1 redirects www.auskunft.de
tpc.googlesyndication.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 eu-u.openx.net cdn-a.yieldlove.com
eu-u.openx.net
3 sync.mathtag.com 3 redirects
3 tracker.auskunft.de www.auskunft.de
tracker.auskunft.de
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 match.adsrvr.org eu-u.openx.net
ssum-sec.casalemedia.com
2 us-u.openx.net eu-u.openx.net
2 js-sec.indexww.com cdn-a.yieldlove.com
ssum-sec.casalemedia.com
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 js.adscale.de cdn-a.yieldlove.com
ih.adscale.de
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 htlb.casalemedia.com cdn-a.yieldlove.com
2 cb1aa126.de.ioam.de 1 redirects www.auskunft.de
2 antig-hra.com antig-hra.com
2 btpnav.com 1 redirects ccpaitalone.com
2 ccpaitalone.com 1 redirects
1 nep.advangelists.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 c1.adform.net 1 redirects
1 pixel.quantserve.com 1 redirects
1 cdn.districtm.io cdn-a.yieldlove.com
1 acdn.adnxs.com cdn-a.yieldlove.com
1 dis.criteo.com 1 redirects
1 sak.userreport.com si.nuggad.net
1 bbnaut.ibillboard.com 1 redirects
1 nugmw.userreport.com
1 si.nuggad.net 1 redirects
1 googleads.g.doubleclick.net www.auskunft.de
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 dmx.districtm.io cdn-a.yieldlove.com
1 hb.adscale.de cdn-a.yieldlove.com
1 prg.smartadserver.com cdn-a.yieldlove.com
1 yieldlove-d.openx.net cdn-a.yieldlove.com
1 adx.adform.net cdn-a.yieldlove.com
1 ice.360yield.com cdn-a.yieldlove.com
1 script.ioam.de www.auskunft.de
1 cdn-a.yieldlove.com www.auskunft.de
127 56

This site contains links to these domains. Also see Links.

Domain
presse.auskunft.de
www.alpha9marketing.com
Subject Issuer Validity Valid
*.auskunft.de
Sectigo RSA Domain Validation Secure Server CA		 2019-09-12 -
2021-09-11		 2 years crt.sh
cdn-a.yieldlove.com
Amazon		 2020-09-18 -
2021-10-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.ioam.de
Thawte TLS RSA CA G1		 2019-09-18 -
2021-12-17		 2 years crt.sh
tracker.auskunft.de
cPanel, Inc. Certification Authority		 2021-05-28 -
2021-08-26		 3 months crt.sh
*.de.ioam.de
Thawte TLS RSA CA G1		 2021-07-12 -
2022-07-20		 a year crt.sh
*.360yield.com
Amazon		 2021-07-29 -
2022-08-27		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adscale.de
Amazon		 2021-05-09 -
2022-06-07		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
R3		 2021-07-24 -
2021-10-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.userreport.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Frame ID: 56851CE0EF0511642D2DCA3F97F74D34
Requests: 57 HTTP requests in this frame

Frame: https://55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC64FBA4DD1A7C45B2A8CE10AD914886
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: C1420363A453CE2AFDAB3D07E102EED1
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 390BA6A81F0E80EDD344427368F32332
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 358B94AD5B5985A8A4E756E3B92E145E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 11354147A143D273467B5A20657F0206
Requests: 20 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Frame ID: 810FA45004805E6AA19AD79B6E8E60D2
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE9EBB2DB8ABAD3FD31EB3D0C1E8B986
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2E568F189EAD454B1B386717AAAC52D2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 27855E3804467AE74EB7BA5EB7D16540
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 01C7C9269B092EA9D03D03D99EE36668
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0D01813FA7FD93A86221E12CBB8E7927
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ccpaitalone.com/ Page URL
  2. http://ccpaitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODI... HTTP 302
    http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCa... Page URL
  3. http://btpnav.com/Redirect/ HTTP 302
    http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b... Page URL
  4. http://antig-hra.com/zcredirect?visitid=5c605167-f707-11eb-81c0-0ae04f593591&type=js&browserWidth... Page URL
  5. https://www.auskunft.de/?rt=y&scr=zep&c=672097 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

127
Requests

96 %
HTTPS

35 %
IPv6

36
Domains

56
Subdomains

41
IPs

10
Countries

949 kB
Transfer

2557 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ccpaitalone.com/ Page URL
  2. http://ccpaitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODI5Njg1NCwiaWF0IjoxNjI4Mjg5NjU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWNkaGszYTU4dDhwMTdxdmcwcGM0YzEiLCJuYmYiOjE2MjgyODk2NTQsInRzIjoxNjI4Mjg5NjU0OTQwMzAyfQ.nfJYHU8or2lU4Tbb5P-MrBr0gXrMRxoR6PDMP3mdDYU&sid=5c3c8816-f707-11eb-b0a6-df420426893e HTTP 302
    http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCanJhT2JweHh2X3BPZ2h0Si1SdFZ6RnJNMFFTSm9POGJ1YUstbDV3blM5b0pvb3VIeUNEZVQ0cHdhaXZHc1VVaVR0b3l6ekpSX2VtaEFwTFhNaEUzNXBYUnVOOUVnbVhwYTFMMXFnMg2&id=52f89188-eef8-41aa-9b02-c12bebcf65a9 Page URL
  3. http://btpnav.com/Redirect/ HTTP 302
    http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
  4. http://antig-hra.com/zcredirect?visitid=5c605167-f707-11eb-81c0-0ae04f593591&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  5. https://www.auskunft.de/?rt=y&scr=zep&c=672097 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ccpaitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODI5Njg1NCwiaWF0IjoxNjI4Mjg5NjU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWNkaGszYTU4dDhwMTdxdmcwcGM0YzEiLCJuYmYiOjE2MjgyODk2NTQsInRzIjoxNjI4Mjg5NjU0OTQwMzAyfQ.nfJYHU8or2lU4Tbb5P-MrBr0gXrMRxoR6PDMP3mdDYU&sid=5c3c8816-f707-11eb-b0a6-df420426893e HTTP 302
  • http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCanJhT2JweHh2X3BPZ2h0Si1SdFZ6RnJNMFFTSm9POGJ1YUstbDV3blM5b0pvb3VIeUNEZVQ0cHdhaXZHc1VVaVR0b3l6ekpSX2VtaEFwTFhNaEUzNXBYUnVOOUVnbVhwYTFMMXFnMg2&id=52f89188-eef8-41aa-9b02-c12bebcf65a9
Request Chain 2
  • http://btpnav.com/Redirect/ HTTP 302
  • http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Request Chain 17
  • https://cb1aa126.de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0015&i2=001534894ecfc5976610dba78&ep=1650094395&vr=434&id=qn28vx&i3=001534894ecfc5976610dba78%3A1659220856679%3A1628289656679%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1628289656679&n1=1&dntt=0&lt=1628289656680&ev=&cs=9pl2s2&mo=1 HTTP 302
  • https://cb1aa126.de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0015&i2=001534894ecfc5976610dba78&ep=1650094395&vr=434&id=qn28vx&i3=001534894ecfc5976610dba78%3A1659220856679%3A1628289656679%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1628289656679&n1=1&dntt=0&lt=1628289656680&ev=&cs=9pl2s2&mo=1&sr=71
Request Chain 61
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 92
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
  • https://nugmw.userreport.com/rc-ap/6e37a38b-72c1-483e-8c93-a462d3e1290d/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Request Chain 94
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=862eda5199014220b8f7a2bedf794f2b&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=101&tpuid=BBID-01-03030036590708855-16359804
Request Chain 95
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0ae41a593c47745f4b8eb54991de45fd3871224f9665d6718cdd93f58eff02d1&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg&s=183592&tpid=63&uid=0ae41a593c47745f4b8eb54991de45fd3871224f9665d6718cdd93f58eff02d1&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YQ26e-er2nHmFFFoFf6I0wAA%261126
Request Chain 97
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=1d2f54c57ff6fcfc7ee1b5fe216223f085d92400d3cc7babc9d7fb49ed2ddb8b&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Request Chain 98
  • https://track.adform.net/serving/cookie/match/?party=9&uid=f9f1d4e45571afefabf67d624619ec1b641875381f59072d1c8e84111d0ae264&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=f9f1d4e45571afefabf67d624619ec1b641875381f59072d1c8e84111d0ae264&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=42&tpuid=7441351604953165658
Request Chain 101
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=7a569c2e7584f424a83bf5ff768654526652007e74cebd4f533a521bc7c72ebe&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fc65abc5-8c92-4c11-a066-22c833f6636a
Request Chain 102
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=df3fe35bbda479844bfccfb658ec8f052bc28f684114848ae3122da8976e0cd6&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&tpuid=CAESEBWeQLQDMyaBcXoz9n72-js&google_cver=1
Request Chain 104
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=99e36d06ba8df8b76747d4f019da6aa6b12ac81e4c941f01656053ec8d072d93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fjs HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=99e36d06ba8df8b76747d4f019da6aa6b12ac81e4c941f01656053ec8d072d93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fjs&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/js?tpid=48&tpuid=0363c8e9b8cc9d79f585cc2982f3b59c
Request Chain 110
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Request Chain 111
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=5CNwP7Bzdzj_J3lr63FtOOFweWn_cXJosSp6JaYD
Request Chain 112
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7441351604953165658
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPvSSVMJdwjDCNaH33mGVUE&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAw1mrSijynOvhV8d9wgdOM&google_cver=1
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQ26e-er2nHmFFFoFf6I0wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPes6KXwPBTb3vd1C1GSuGk&google_cver=1&gdpr=1
Request Chain 121
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&dcc=t
Request Chain 123
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 124
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628376060&gdpr=1
Request Chain 125
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5d048336-821b-47b8-9cf9-abd2518bfdef

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ccpaitalone.com/ 		471 B
830 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ccpaitalone.com/
Protocol
HTTP/1.1
Server
212.32.237.91 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
83309f105530110a5e0572987eaa7a879990353fdba3b1a43ca59dfa03438c56

Request headers

Host
ccpaitalone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
471
content-type
text/html; charset=utf-8
date
Fri, 06 Aug 2021 22:40:54 GMT
server
nginx
set-cookie
sid=5c3c8816-f707-11eb-b0a6-df420426893e; path=/; domain=.ccpaitalone.com; expires=Thu, 25 Aug 2089 01:55:01 GMT; max-age=2147483647; HttpOnly
Cookie set click
btpnav.com/
Redirect Chain
  • http://ccpaitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODI5Njg1NCwiaWF0IjoxNjI4Mjg5NjU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWNkaGszYTU4dDhwMTdxdmcwcGM0Y...
  • http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCanJhT2JweHh2X3BPZ2h0Si1SdFZ6RnJNMFFTSm9POGJ1YUstbDV3blM5b0pvb3VIeUNEZVQ0cHdhaXZHc1VVaVR0b3l6ekpSX2VtaEFw...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCanJhT2JweHh2X3BPZ2h0Si1SdFZ6RnJNMFFTSm9POGJ1YUstbDV3blM5b0pvb3VIeUNEZVQ0cHdhaXZHc1VVaVR0b3l6ekpSX2VtaEFwTFhNaEUzNXBYUnVOOUVnbVhwYTFMMXFnMg2&id=52f89188-eef8-41aa-9b02-c12bebcf65a9
Requested by
Host: ccpaitalone.com
URL: http://ccpaitalone.com/
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
dreamstargroup.com
Software
Microsoft-IIS/8.5 /
Resource Hash
8138b5f1bed7dac12f99e90aca5f64402c487e9f4fc60a8325c237a29f200d78

Request headers

Host
btpnav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ccpaitalone.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://ccpaitalone.com/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
FjBMpaGjoetOftp=FjBMpaGjoetOftp; path=/
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Fri, 06 Aug 2021 22:40:54 GMT
Content-Length
2181

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 06 Aug 2021 22:40:55 GMT
location
http://btpnav.com/click?data=aFFPZ2pLU25pUGdhLVRHRUE4NWRVSUhCTXFkSmhGX3N4UXJQZTltdkFXMXF2Z2dCanJhT2JweHh2X3BPZ2h0Si1SdFZ6RnJNMFFTSm9POGJ1YUstbDV3blM5b0pvb3VIeUNEZVQ0cHdhaXZHc1VVaVR0b3l6ekpSX2VtaEFwTFhNaEUzNXBYUnVOOUVnbVhwYTFMMXFnMg2&id=52f89188-eef8-41aa-9b02-c12bebcf65a9
server
nginx
set-cookie
sid=5c3c8816-f707-11eb-b0a6-df420426893e; path=/; domain=.ccpaitalone.com; expires=Thu, 25 Aug 2089 01:55:02 GMT; max-age=2147483647; HttpOnly
fa8076ca-64e7-4648-95fb-59f8b6b1f6e1
antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/
Redirect Chain
  • http://btpnav.com/Redirect/
  • http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
996 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
34.194.124.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-124-180.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
f98f9dc2df11dea4ebc85e3f8d4a8a7b69969bbbe30a255d2b973e389739ccb9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
antig-hra.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://btpnav.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://btpnav.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://btpnav.com/

Response headers

Date
Fri, 06 Aug 2021 22:40:56 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Fri, 06 Aug 2021 22:40:55 GMT
Content-Length
269
zcredirect
antig-hra.com/ 		274 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
http://antig-hra.com/zcredirect?visitid=5c605167-f707-11eb-81c0-0ae04f593591&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: antig-hra.com
URL: http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
34.194.124.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-124-180.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
0b7c88f2c736a740539f7f0ca6226e5b9d2a556363db7ac4938020fcf980535c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
antig-hra.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://antig-hra.com/zcvisitor/5c605167-f707-11eb-81c0-0ae04f593591/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date
Fri, 06 Aug 2021 22:40:56 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request /
www.auskunft.de/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/?rt=y&scr=zep&c=672097
Requested by
Host: antig-hra.com
URL: http://antig-hra.com/zcredirect?visitid=5c605167-f707-11eb-81c0-0ae04f593591&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
e1a46e020b4ac58f00534bdae8194be1af3d5ab2312d41b27ab90da27b9c63b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&scr=zep&c=672097
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://antig-hra.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://antig-hra.com/

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Aug 2021 22:40:56 GMT
expires
Sat, 21 Aug 2021 00:40:56 GMT
pragma
no-cache
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
auskunftc688b075af97f61dac87.woff2
www.auskunft.de/assets/bundles/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/auskunftc688b075af97f61dac87.woff2
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
d3302542a5cb48952467539fee7065b4811d8d574c6d4c83e1a20f4f440780be

Request headers

:path
/assets/bundles/auskunftc688b075af97f61dac87.woff2
pragma
no-cache
origin
https://www.auskunft.de
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.auskunft.de
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:26 GMT
last-modified
Mon, 02 Aug 2021 13:15:47 GMT
etag
"6107f003-39dc"
content-type
application/octet-stream
cache-control
public
accept-ranges
bytes
content-length
14812
expires
Sun, 05 Sep 2021 22:40:56 GMT
main-index.c8748c63f60ab966d8dc.css
www.auskunft.de/assets/bundles/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main-index.c8748c63f60ab966d8dc.css
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
d4a920d3b9f8cbd304ba9e5b7d19cf554f0c6f6b94483ec18b8650311890b1ff

Request headers

:path
/assets/bundles/main-index.c8748c63f60ab966d8dc.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:40:46 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 08:30:33 GMT
age
0
etag
"60f689a9-d9ae"
vary
Accept-Encoding
content-type
text/css
cache-control
public
accept-ranges
bytes
content-length
13360
expires
Sun, 05 Sep 2021 22:40:56 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/ 		406 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-119.zrh50.r.cloudfront.net
Software
/ Express
Resource Hash
2b7c6d1226154499ea73a3eb13e6ee6b76e76b4769511d40508d4cc133eb73c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:14:23 GMT
content-encoding
gzip
etag
"6560d-ogq20xVjz6HoUCaEJDm3o3k4n48"
age
1717
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
GeGVWlr7nePU0Hb6pZGnYmInW9CDvZn7RgdmZVmtS3zy8JNsibGNCQ==
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"951 / 324 of 1000 / last-modified: 1628287704"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24935
x-xss-protection
0
expires
Fri, 06 Aug 2021 22:40:56 GMT
auskunft_de_logo.webp
www.auskunft.de/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Request headers

:path
/img/auskunft_de_logo.webp?v=20170717
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:38:56 GMT
last-modified
Fri, 21 Jul 2017 08:52:49 GMT
etag
"5971c0e1-4ee"
content-type
image/webp
cache-control
public
accept-ranges
bytes
content-length
1262
expires
Sun, 05 Sep 2021 22:40:56 GMT
auskunft_de_logo_bubble_white.png
www.auskunft.de/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo_bubble_white.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
7308dc6dd335964ca45b89f31b5570bb22337e0286e80eec2ee71e9800ab1e34

Request headers

:path
/img/auskunft_de_logo_bubble_white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:38:56 GMT
last-modified
Mon, 04 Jan 2021 13:50:23 GMT
age
0
etag
"5ff31d1f-1393"
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
5011
expires
Sun, 05 Sep 2021 22:40:56 GMT
geo-location-icon_index.svg
www.auskunft.de/img/ 		812 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/geo-location-icon_index.svg
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
c285249174df5820775029de102f702bfddba0c0a7fa21f2f52350b0ac87274c

Request headers

:path
/img/geo-location-icon_index.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:40:46 GMT
last-modified
Wed, 16 Sep 2020 08:42:09 GMT
age
0
etag
"5f61cfe1-32c"
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
812
expires
Sun, 05 Sep 2021 22:40:56 GMT
main.5924d34f30e5bf18d55e.js
www.auskunft.de/assets/bundles/ 		104 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
266293d165ce8be7ab278fd881988461995b486a51058688f3f6fae1a7ff3034

Request headers

:path
/assets/bundles/main.5924d34f30e5bf18d55e.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:38:56 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 12:57:13 GMT
age
0
etag
"60ed8da9-1a146"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
41466
expires
Sun, 05 Sep 2021 22:40:56 GMT
iam.js
script.ioam.de/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js?m=1
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script3.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0015
Resource Hash
25c79575cc09ee572d3b103f1cfe588faf8f25c6a78478aa2f3b7329efb1cebb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 22:40:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Aug 2021 22:40:56 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0015
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Sat, 07 Aug 2021 00:40:56 GMT
container_XeGgyOy3.js
tracker.auskunft.de/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/js/container_XeGgyOy3.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
080151775ec00e445940ccdaee1eeeaec7b94ff71b73bd57650b4131251b1f7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
br
last-modified
Mon, 22 Feb 2021 13:50:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7710
matomo.js
tracker.auskunft.de/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/matomo.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
c55802f234ad7b9b16b8d6f0950f46b1214db417d3f687ec27646ed754cd1168

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
br
last-modified
Mon, 31 May 2021 07:14:18 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19577
pubads_impl_2021080301.js
securepubads.g.doubleclick.net/gpt/ 		325 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116108
x-xss-protection
0
expires
Fri, 06 Aug 2021 22:40:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2aed3df476c139a40a27586d697a0fa5b88607dcfa64e14d2c0bb21fb42c30d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Fri, 06 Aug 2021 22:40:56 GMT
tx.io
cb1aa126.de.ioam.de/
Redirect Chain
  • https://cb1aa126.de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de...
  • https://cb1aa126.de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de...
0
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cb1aa126.de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0015&i2=001534894ecfc5976610dba78&ep=1650094395&vr=434&id=qn28vx&i3=001534894ecfc5976610dba78%3A1659220856679%3A1628289656679%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1628289656679&n1=1&dntt=0&lt=1628289656680&ev=&cs=9pl2s2&mo=1&sr=71
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de4.ioam.de
Software
nginx / BLACKBIRD-RCV v1.06.2 0038
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 22:40:56 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 0038
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Fri, 06 Aug 2021 22:40:56 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 0038
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Fri, 06 Aug 2021 22:40:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=antig-hra.com&r2=http%3A%2F%2Fantig-hra.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0015&i2=001534894ecfc5976610dba78&ep=1650094395&vr=434&id=qn28vx&i3=001534894ecfc5976610dba78%3A1659220856679%3A1628289656679%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1628289656679&n1=1&dntt=0&lt=1628289656680&ev=&cs=9pl2s2&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Thu, 06 Aug 2020 22:40:56 GMT
hb
ice.360yield.com/ 		93 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2225387bb15756fe%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222d030e6fff4316%22%2C%22pid%22%3A22324396%2C%22tid%22%3A%222ec53f54-722d-4f31-805c-55ffed9fd47f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.133.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-133-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2413ca7659a46ba05b7d749c833fd0b35e083043a0100b8947c9bda30508d114

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Fri, 06 Aug 2021 22:40:56 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
93
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPTJlYzUzZjU0LTcyMmQtNGYzMS04MDVjLTU1ZmZlZDlmZDQ3Zg%3D%3D&pt=gross&stid=54463aee-8bf9-4da4-950f-97a5708697ad&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
yieldlove-d.openx.net/w/1.0/ 		172 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=57cafd9d-b912-4d77-8c3d-8933d05097a1%2C2ec53f54-722d-4f31-805c-55ffed9fd47f&nocache=1628289656726&aus=300x250%2C200x200%2C250x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
2c8d561cf849d2cc1c8af4cbe599326d62559ee680ced674970518cee83fd3ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:55 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392699&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210843aeff0a86f8%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fantig-hra.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211bee588c659675%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221265d392be19d19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213fe39a04a1faf6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22146a9f3be2ea89b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2fe1626c6ce5f01c844a3c7b8aba39c0a336f519c5e76e74f94462d787edcb5e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 06 Aug 2021 22:40:56 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392699&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2210843aeff0a86f8%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fantig-hra.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211bee588c659675%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%22146a9f3be2ea89b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2fe1626c6ce5f01c844a3c7b8aba39c0a336f519c5e76e74f94462d787edcb5e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 06 Aug 2021 22:40:56 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6624c30e6f6a70ef2a82eb9937b2229429ed07cf8a4a0621bdc705a4fd4620cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:40:56 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0ba83315-cf97-4896-a02b-33ea8f60cb9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dsh
hb.adscale.de/ 		11 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
content-type
text/plain
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
prebid
ib.adnxs.com/ut/v3/ 		250 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0e6e81f750805fd1ea6955e25cad0f8f206e781aab81de4c1530975054a2de7a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:40:56 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c719f6de-ca7f-48db-af05-089c472393a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Aug 2021 22:40:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
cf-ray
67abc512ec9b32a7-CDG
access-control-allow-headers
Content-Type, Origin
session
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/session
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 06 Aug 2021 22:40:56 GMT
auction
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/auction
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 06 Aug 2021 22:40:56 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1458042366900506&correlator=1092933508901771&output=ldjh&impl=fifs&eid=31062206%2C20211866%2C31062065&vrg=2021080301&ptt=17&sc=1&sfv=1-0-38&ecs=20210806&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1628289656&dt=1628289656777&dlt=1628289656527&idt=231&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=844&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097&ref=http%3A%2F%2Fantig-hra.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=27830490.1628289657&ga_sid=1628289657&ga_hid=23747582&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b8e5987e90cc7cf49622e04b781a1f7a93e41d65539902e0e6e9907fd78b8b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12790
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC64 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 06 Aug 2021 22:40:56 GMT
expires
Sat, 06 Aug 2022 22:40:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
matomo.php
tracker.auskunft.de/ 		0
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%2C%20Gesch%C3%A4ften%20und%20Jobs&idsite=1&rec=1&r=909794&h=0&m=40&s=56&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097&urlref=http%3A%2F%2Fantig-hra.com%2F&_id=&_idn=1&_refts=1628289657&_ref=http%3A%2F%2Fantig-hra.com%2F&send_image=0&cookie=1&res=1600x1200&pv_id=45oZCJ&devicePixelRatio=1&pf_net=39&pf_srv=139&pf_tfr=1&pf_dm1=69
Requested by
Host: tracker.auskunft.de
URL: https://tracker.auskunft.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Fri, 06 Aug 2021 22:40:56 GMT
access-control-allow-credentials
true
server
Apache
vary
Origin
770.723bc5e515e25799c77f.js
www.auskunft.de/assets/bundles/ 		47 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/770.723bc5e515e25799c77f.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
656fa173073aa63f9f6ad0d811bfac85d2c0da5a65e4e63f4a913a8f5f52390d

Request headers

:path
/assets/bundles/770.723bc5e515e25799c77f.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:56 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 13:15:47 GMT
age
0
etag
"6107f003-bd28"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
19422
expires
Sun, 05 Sep 2021 22:40:56 GMT
app.d33a586141165ed51a43.js
www.auskunft.de/assets/bundles/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/app.d33a586141165ed51a43.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
1342e45e303e33d94394c68360c28268123f739f1dd09509972871be263a8544

Request headers

:path
/assets/bundles/app.d33a586141165ed51a43.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:40:46 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 12:57:13 GMT
age
0
etag
"60ed8da9-9531"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
12034
expires
Sun, 05 Sep 2021 22:40:56 GMT
geolocation.e1647304385d87510f36.js
www.auskunft.de/assets/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/geolocation.e1647304385d87510f36.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
7ecb113f28cdcfa9fc7384271af128a04ecf7b1d6b16b82a8e93f3f6812b026c

Request headers

:path
/assets/bundles/geolocation.e1647304385d87510f36.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:18:36 GMT
age
0
etag
"60e7255c-1eec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
2875
expires
Sun, 05 Sep 2021 22:40:56 GMT
navigation-dropdown.aefa295b3b84385af9dc.js
www.auskunft.de/assets/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/navigation-dropdown.aefa295b3b84385af9dc.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
99dd0535828df2d11e71a61f354761dae517cd4509013f1d93dc3cc872466800

Request headers

:path
/assets/bundles/navigation-dropdown.aefa295b3b84385af9dc.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:40:26 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:18:36 GMT
etag
"60e7255c-2260"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
3063
expires
Sun, 05 Sep 2021 22:40:56 GMT
searchbar.0fb82f40977ccd60e4f4.js
www.auskunft.de/assets/bundles/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/searchbar.0fb82f40977ccd60e4f4.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
c542dd780bddccf378b09f16ab5f1fec4c11b4c347592873b7e5232c3b053129

Request headers

:path
/assets/bundles/searchbar.0fb82f40977ccd60e4f4.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:46 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:18:36 GMT
age
0
etag
"60e7255c-2d96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
4125
expires
Sun, 05 Sep 2021 22:40:56 GMT
job-search-bar-suggestion.9f4a6877be5baeaaa377.js
www.auskunft.de/assets/bundles/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/job-search-bar-suggestion.9f4a6877be5baeaaa377.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
7943d76e22de0aefed39ab1fe4b54214cd3e541e8371577448a1737db4e656b0

Request headers

:path
/assets/bundles/job-search-bar-suggestion.9f4a6877be5baeaaa377.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:56 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 12:57:13 GMT
etag
"60ed8da9-1d9b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
2628
expires
Sun, 05 Sep 2021 22:40:56 GMT
session.263be6c3879e2a88c244.js
www.auskunft.de/assets/bundles/ 		1 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/session.263be6c3879e2a88c244.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.5924d34f30e5bf18d55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
36836a20ba7993fec6a9778833dfe3948255a849dcb15952483d47b956466080

Request headers

:path
/assets/bundles/session.263be6c3879e2a88c244.js
pragma
no-cache
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 22:39:36 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 13:15:47 GMT
age
0
etag
"6107f003-569"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
599
expires
Sun, 05 Sep 2021 22:40:56 GMT
userconnect.js
js.adscale.de/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU2jw1UpXYdxb7_s5N9z9C2Wbpw_NRZJ
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
68
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 06 Aug 2021 22:39:49 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
WmsklxWYvwqtnRb01zSE0UIYDHll0xvEBAuLht7TSqdaxfpYL5ip0Q==
user-data
www.auskunft.de/api/ 		62 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/api/user-data?features=geoLocationInformation
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/geolocation.e1647304385d87510f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
17ec9306cf3776e9a261e143132370ba9657c07843d257d58dc5f3c15ee9f8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
iom_consent=0000000000&1628289656677; ioam2018=001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
:path
/api/user-data?features=geoLocationInformation
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y&scr=zep&c=672097
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
deny
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
AUSKUNFT_SESSION=cfkkob279lh9p7dmh2g831rrgh; path=/; HttpOnly
accept-ranges
bytes
x-robots-tag
noindex
vary
Accept-Encoding
content-length
84
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 01:00:00 GMT
bid
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/bid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 06 Aug 2021 22:40:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107240354000/ Frame C142 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55201
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"56e2a7f7d448fcb3"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame C142 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4865
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ff227f97ed674b5b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame C142 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3719646983ab1de2"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame C142 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"687e73129cfc4c8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame C142 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12828
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4abe217821914203"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
css
fonts.googleapis.com/ Frame C142 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 20:43:12 GMT
server
ESF
date
Fri, 06 Aug 2021 22:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Aug 2021 22:40:57 GMT
truncated
/ Frame C142 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8d1787657f9f6560a168e592bb5a1943c1598f0ef01db1be7d37d9820653f2a

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
de_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C142 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de_bl.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
368be5b1af24c639407189f0b87ac8725576dfa28c4a6b3c34fabe6bc290ae1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 23:02:19 GMT
x-content-type-options
nosniff
server
cafe
age
85118
etag
8099720053858202446
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2952
x-xss-protection
0
expires
Fri, 06 Aug 2021 23:02:19 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C142 		295 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
34396
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 07 Aug 2021 13:07:41 GMT
l
www.google.com/ads/measurement/ Frame C142 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8kxj-ie0_jXRnhuWhdKtO-wgVDkzn2LS7MpOUqdDVt0IPSXxe6e7dukDAPvYuWgL_TQojItq37CIa77kBBdTTOQzPVQ
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C142 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWzsveLoNYdyEMtOAx_AP3varoAby8NmQY6OKy9-ZDcCNtwEQASCXwNofYJX68IGMB6ABqKGLxgPIAQGpAo2tPLUeu7M-4AIAqAMByAMKqgTmAU_QkClgzrsfcSpQA9-62HKbwLu0p00Oo47Y_CnuTzvPLuj6W52YstLi62Sbe-bPTW5W_7k5IEgfdDqc78jd0aLktG8ejajOjBpeo7plEveOlSokwzAaNTc_hSU2QC8f3v-Ap5XL8SP4rFSxVaW9mBqRxHii-aXxtxDnbRdaDjvjYYoAyuLhYWyMzVZHrOMyRvBH4dCWzK189qYhW4sA42jz-URQ21GPpcURAzp1dbtm6BpXIje1Es3SPr7fNVq-K0nfaaql8eHta3wCFRe4ezWUFjCTLsqWpYQGouCsn1q1snEvFqpywATV-vLSpAPgBAGSBQQIBBgBkgUECAUYBKAGUYAHwN70OagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDWlwTSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkwNjg5NjY2MzEzODk2NzeACgPICwHYEwrQFQGAFwGyFxoKGAgAEhRwdWItMTI3NDQxNjM1MzY5MzU5OA&sigh=ODetFC4GX6A
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
win
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 06 Aug 2021 22:40:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b985d771ffa26bf95a2a3bf201a61b72df38be7657e240f8c7369eb9e7aded0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8648
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame C142 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.auskunft.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 02:22:18 GMT
x-content-type-options
nosniff
age
332319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 02:22:18 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame C142 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.auskunft.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 13:46:22 GMT
x-content-type-options
nosniff
age
291275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:46:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 06 Aug 2021 22:40:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C142
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 06 Aug 2021 22:40:57 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 390B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 06 Aug 2021 21:35:25 GMT
expires
Sat, 06 Aug 2022 21:35:25 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 358B 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dde4e094d302a801e05f974e50317e862fd0a3957b557f9ca5508b628398b772
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-alvZi3b+4za8KX/AhGWyzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 06 Aug 2021 22:40:57 GMT
date
Fri, 06 Aug 2021 22:40:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-alvZi3b+4za8KX/AhGWyzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 390B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 11:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
39671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 Aug 2022 11:39:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080301&jk=1458042366900506&bg=!AQKlAkbNAAals0SOpbM7ACkAdvg8WvFfuKN5uPKjR4wJQq6RtJI-gCyAn4ceqO31DIy6aJKDRG83KgIAAABHUgAAAAtoAQcKAPanerV7ltn8k22_t-fo_nv62XbrNLzkQHDSjmmZTaebQZQlNu86bgi_gNTVsgHDGgWnVxFsL0iMm9purOXOXiqjWpMKjf6stc5W4PkpkEujMLGB91FYbZTBqL8UIVE4Q17EtPM-ZCe86SXjJFWVppZ1yLmRtSIV8DCfatWMuvtj6Kahjg0Aqt1j_bYhSEwhk8AB8xD-ZEv7UiJrTGkLktYUB-EZbhaW8SqdH0OToh3Rfruv_NNhEbhe2ZXRaWQrI7GtYzXa0TGw3OviShEvQW3LRtubnzCY5aLIxyYwaxyeycBq7vevw6_KEf0znfAxacRCRSsHbA6ZAnTq3cbJJWUM9E6wuUGeVmSM3Z10SaQjnv4xt_h26k9CXtPdl6xJBLxIMzylPXiA8nuVokbK5jcKa3xYU4czeiq2w_f9BXLgpRvSwi4tycBgaA93jNy1D6xxd2HL3GFRBxrtMf8yjLgJxKbylNRZDDMKNSpWhW8aa3s0u0nXgMkgF07zweEwfbdzFjExUoNRxCm-1itbE21dopHYJkftZcgx_PYfPzeLPhHUzG3NHFjNH7ofmdV-Yz12EpwokGJHn997w3y0VHCHzW1xvXnJj7a1y_T8Pg8LgmMpvXE-0DPNa5zjExHtAFIfs58UqIA8KL32Ej1UKV6HD7eywmtWaswaVMmToNUgGGDTKkn4AMqy24OK4CKAJAMGQUeVN0IvzY6xeRZoDcRgR44vR2l-eIdqkPi3AXBz-qvUIYmcUl-CWKumwXdW1fMVVZG3A1FwZE_F-WXsm8HYWCBJT8UE7v2CpMSOp0YAMAM3f3zeS_lCTr9RJd4QQlHxTgXKI4u_EcOIK0BZ9VoKsRTR8DlL0O89fQReENflF0H31Jhx4gbot9QuKVFFXwbCGFrj93OuyumBnBvMdiwOrFbiqZbq0ck4Pf3LXeL27LvuxDrKovOR34cZisxEC1APJebg3ZHuHdm8RAoeRtw0BxNZsa2Gn3eHs0o8UXTWQgEwWunYgtxOzwiEJ1y6YY9oN42FuwBVaNce4wcW86mKvjPPgJNKxM4yY83tG0HDo-jjEwFZR-L7xwk4mrAvyG21QgdHvCtLUQdYL5e3ems1zDJ4qwA2zvCassx-_fT2OQQTMc7pevYRnTxIm7YrDrLz3fCw0CBPycn3XQqE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 22:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1458042366900506&correlator=62167509530334&output=ldjh&impl=fifs&eid=31062206%2C676982996%2C20211866%2C31062065&vrg=2021080301&ptt=17&sc=1&sfv=1-0-38&ecs=20210806&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=1&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A19965.po%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie=ID%3D76edc5d9a73f39dc-22e87f5199c8007f%3AT%3D1628289656%3AS%3DALNI_MYv1ZEPEiIoErz8gtfaytbHinfm-Q&bc=31&abxe=1&lmt=1628289658&dt=1628289658014&dlt=1628289656527&idt=231&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=844&adks=3358614790&ucis=2&ifi=2&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26scr%3Dzep%26c%3D672097&ref=http%3A%2F%2Fantig-hra.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=27830490.1628289657&ga_sid=1628289657&ga_hid=23747582&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eea8028996c909879311710a27e7c6f53174e4923f7758a5712476d4badd32e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11374
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C142 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaNpH81ob8Nc98Tj9e2AvuhJHfFBimvpY_K6l61vkxX2iHYO8Jpfr1QmLjubGNqwIeweXHZT0AakaZHbXwKvnZkKC-UshWBeR_pDy_Dc32P3EYvQLPvDiGXaOtyw&sai=AMfl-YRY5NIh5JbcKch-dwZGWOR954Hm3dRiUW8EjFjaGY9lLdlDBYarpUJUYKBOHGKsEfA-bX1kdR39lRS_OT_O60a97Z-fI-d04amtU0lIp7BxIfWUWz0b_LskFSs8CzM&sig=Cg0ArKJSzJPoPjkdSppyEAE&id=ampim&o=436,844&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=58&tls=1058&g=100&h=100&tt=1058&r=v&avms=ampa&adk=3358614790
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107240354000/ Frame 1135 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55201
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"56e2a7f7d448fcb3"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 1135 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4865
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ff227f97ed674b5b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 1135 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3719646983ab1de2"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 1135 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4901830016ed5027781cf2a336c1c306c697bb05f103f8ece1cec4f929f9c61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
365651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13831
x-xss-protection
0
server
sffe
date
Mon, 02 Aug 2021 17:06:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e2482396d1f869d2"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 17:06:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 1135 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"687e73129cfc4c8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 1135 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12828
x-xss-protection
0
server
sffe
date
Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4abe217821914203"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 11:34:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1135 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
34397
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 07 Aug 2021 13:07:41 GMT
truncated
/ Frame 1135 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c288701201876cc31b3074f9bc919fa26aa851aff59dc7fbfbabe43ad2d80e8

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
7241444428259751008
tpc.googlesyndication.com/simgad/ Frame 1135 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7241444428259751008
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23deb9d1842fa144685cd3684ae20442a99c4ac1844c89bb7b5c3376cbe184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 22:40:32 GMT
x-content-type-options
nosniff
age
259226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50449
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 15:46:17 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 22:40:32 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1135 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 03:15:02 GMT
x-content-type-options
nosniff
server
cafe
age
69956
etag
6601037253665971276
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
expires
Sat, 07 Aug 2021 03:15:02 GMT
l
www.google.com/ads/measurement/ Frame 1135 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmSRC0TpSTyzwCImC3KDBFO5P3DBIiTYzXHhgEYVOS5m09v-qE1lV7TTbuf13JSHQv7UqbU99n1UO3RPlhXXzpdoZiwA
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1135 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoQE5eroNYZ6UA8rv7gOUoruYD-atzoBipY_IgcgMq9qe7JQaEAEgl8DaH2CV-vCBjAegAaS28_YDyAEDqQL2wQ2jOrqzPuACAKgDAcgDCKoE1wFP0HRqjwf3VXJNFQ2YCpsZfau5nBv9Qt5SzolPMOu5gn1KYw2V8odNCyjH1g3kFvpVYZM3KDYR5T1VHVNiC23s9f3ST7NqdBm17vr84B00l1RU42P-EjLGrWrLaRsodsujURE9KsFaXuCBPBYFzHgrYayhzj_C_BwUZ9O1-3a4i-caoS-kD7Q0Qh5E4kPRKseybTwA7UApOIetnctHEOMEIq6hOHx2EWxQegMao7OY6isbzOn_I852tb9Z62SwCvizoLaZF2HdVZ9fwV4GmrcVhoSWx-tgQ8AEtLPc-6kD4AQBkgUECAQYAZIFBAgFGASgBgOAB8TJjAmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0fko0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MDY4OTY2NjMxMzg5Njc3gAoDyAsB2BMK0BUBmBYBgBcBshcaChgIABIUcHViLTEyNzQ0MTYzNTM2OTM1OTg&sigh=pyB8cwcvlhI
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 1135 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&scr=zep&c=672097
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 23:20:52 GMT
x-content-type-options
nosniff
server
cafe
age
84006
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 06 Aug 2021 23:20:52 GMT
win
prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 06 Aug 2021 22:40:58 GMT
ww.mjs
cdn.ampproject.org/rtv/012107240354000/ Frame 1135 		44 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107240354000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
931af590925d0bedacd3bf027cbd7b99eb6bdd38e99c9c47e28a49d83def050f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
459043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13291
x-xss-protection
0
server
sffe
date
Sun, 01 Aug 2021 15:10:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1aae50478301103b"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Aug 2022 15:10:15 GMT
7241444428259751008
tpc.googlesyndication.com/simgad/ Frame 1135 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7241444428259751008
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23deb9d1842fa144685cd3684ae20442a99c4ac1844c89bb7b5c3376cbe184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 22:40:32 GMT
x-content-type-options
nosniff
age
259226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50449
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 15:46:17 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 22:40:32 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1135 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 03:15:02 GMT
x-content-type-options
nosniff
server
cafe
age
69956
etag
6601037253665971276
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
expires
Sat, 07 Aug 2021 03:15:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1135 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 06 Aug 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
34397
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 07 Aug 2021 13:07:41 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 1135 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 23:20:52 GMT
x-content-type-options
nosniff
server
cafe
age
84006
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 06 Aug 2021 23:20:52 GMT
df1a6283-69f9-4b43-8b5f-7ed64706afbb
https://www.auskunft.de/ Frame 1135 		44 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.auskunft.de/df1a6283-69f9-4b43-8b5f-7ed64706afbb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d8b03b8bd1b92e75d574971cddff485f488714f6810a3839daf3e2197bc7d4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
45161
Content-Type
text/javascript
userconnect
ih.adscale.de/ 		215 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=6de03fad-4fc8-45cf-bbc0-26a66c69ae06&cbfn=stroeerCoreConnect&ts=1628289658939&umd=false&gdpr_err=CMP_TIME_OUT&ref=http%3A%2F%2Fantig-hra.com%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
65fcd8fd5f73a3bae6ed81e0859e60fc226f958ba3ce3fb193aec20015d7717f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:58 GMT
content-length
215
content-type
application/javascript
map
ih.adscale.de/ Frame 810F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c52f2eebd47ddfb782e840bf3686089621414e2797b4c4e374229137acef90d7

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=862eda5199014220b8f7a2bedf794f2b; cct=1628289656876; ng=2#1410234677#27138160#85882
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:58 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2736
set-cookie
tu=4#3461380387#48~~452302~452302~1#101~~452302~452302~1#38~~452302~452302~1#39~~452302~452302~1#40~~452302~452302~1#42~~452302~452302~1#108~~452302~452302~1#63~~452302~452302~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
nuggad
nugmw.userreport.com/rc-ap/6e37a38b-72c1-483e-8c93-a462d3e1290d/si.nuggad.net/
Redirect Chain
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
  • https://nugmw.userreport.com/rc-ap/6e37a38b-72c1-483e-8c93-a462d3e1290d/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nugmw.userreport.com/rc-ap/6e37a38b-72c1-483e-8c93-a462d3e1290d/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f400:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d4e311d44312a01ebfbc75d621b44d8b74b1b5bc19a7a9d7b97c3e4c82fe1a95

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
get, post, options
content-type
text/javascript
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
1862
x-amz-cf-id
kRb0LwhyQhQ6sAzGiENsB9bYLRI-tg-__LbRpcYEypJbnTZkiEQjUA==

Redirect headers

date
Fri, 06 Aug 2021 22:40:59 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
get, post, options
location
https://nugmw.userreport.com/rc-ap/6e37a38b-72c1-483e-8c93-a462d3e1290d/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
0
x-amz-cf-id
PpC9Dp0A8YQ15uEA21Arj4JE92wkQtJMVwXbQ7wqudSt-idfhBkqLg==
match.js
js.adscale.de/ Frame 810F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w7posiEOdDsV4fA8cMvB1saOlh6.Szzy
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
5154
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 06 Aug 2021 21:15:05 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Prvf9czLuzcJVQUjY8Xxyd16fmHSULS5BtNiqQGeXFbyxcRu9U5XXQ==
img
ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/ Frame 810F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=862eda5199014220b8f7a2bedf794f2b&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851c7f74bc37a%2F1628289658983%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=101&tpuid=BBID-01-03030036590708855-16359804
49 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=101&tpuid=BBID-01-03030036590708855-16359804
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=101&tpuid=BBID-01-03030036590708855-16359804
Date
Fri, 06 Aug 2021 22:40:59 GMT
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Transfer-Encoding
chunked
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 810F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0ae41a593c47745f4b8eb5499...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YQ26e-er2nHmFFFoFf6I0wAA%261126
49 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YQ26e-er2nHmFFFoFf6I0wAA%261126
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:40:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YQ26e-er2nHmFFFoFf6I0wAA%261126
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
299
Expires
Fri, 06 Aug 2021 22:40:59 GMT
nuggad
ih.adscale.de/ 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/nuggad?/nvars/d7=1&d10=5&d2=2&d4=0&d11=2&d8=2&d9=4&d12=3&d1=1&d3=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 810F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=1d2f54c57ff6fcfc7ee1b5f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
49 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 06 Aug 2021 22:40:19 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Aug 2021 22:40:18 GMT
img
ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/ Frame 810F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=f9f1d4e45571afefabf67d624619ec1b641875381f59072d1c8e84111d0ae264&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bbec851...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=f9f1d4e45571afefabf67d624619ec1b641875381f59072d1c8e84111d0ae264&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea05462bb...
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=42&tpuid=7441351604953165658
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=42&tpuid=7441351604953165658
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:59 GMT
server
nginx
location
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?tpid=42&tpuid=7441351604953165658
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
launcher.js
sak.userreport.com/sdm/ 		100 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sak.userreport.com/sdm/launcher.js
Requested by
Host: si.nuggad.net
URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d373e56b3ff4747bb2b43375f96c23f516da11c078e0ee55a93780abee7c1022

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yVrMBfO6LqftMeeLOqdtSDoL5HVLbtxw
content-encoding
br
last-modified
Thu, 29 Jul 2021 10:31:59 GMT
server
AmazonS3
age
38
etag
W/"37f59a912ebf1f317cb3172fa128ab0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=7200, s-maxage=60
date
Fri, 06 Aug 2021 22:40:23 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hEpmlTv9RU8KA4F0FnMTeyVSzxxu2iWiWfs1BGAsZ4bKeWGT8MBKxw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 1135 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdhELM4UE9nDAGWn02h5MtO3mJlQzweGErJrljy3g0MKHI4A734UMkAcQ5CQDe5zoPQ9akCpSYy49zzHzfOdBiVWGV_ycWTfcebpIHCYHYZOyVmTRFD5KTFgFZpQ&sai=AMfl-YQJJN-VRJSGdIoNgslPCKJ-vPeqNHvXkm26fwOXf__SeETeWIpTKQLJ8ZWpiaMBhIaey0AqNqw4JkZNW1hW6ddBuxisKkSsFoWEbYP1FSKhu8P5g172D5Bhbqg&sig=Cg0ArKJSzGoIdDZJJHJsEAE&cid=CAASF-RoQv4nDv82uNe2wYWFycC54hJH-kKd&id=ampim&o=436,844&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=25&tls=1025&g=100&h=100&tt=1025&r=v&avms=ampa&adk=3358614790
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.auskunft.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 810F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fc65abc5-8c92-4c11-a066-22c833f6636a
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fc65abc5-8c92-4c11-a066-22c833f6636a
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fc65abc5-8c92-4c11-a066-22c833f6636a
cache-control
no-cache
date
Fri, 06 Aug 2021 22:40:58 GMT
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1999
content-type
text/html; charset=utf-8
content-length
237
expires
Fri, 06 Aug 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 810F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=df3fe35bbda479844bfccfb6...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
49 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 06 Aug 2021 22:40:19 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Aug 2021 22:40:18 GMT
img
ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/ Frame 810F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9...
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&tpuid=CAESEBWeQLQDMyaBcXoz9n72-js&google...
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&tpuid=CAESEBWeQLQDMyaBcXoz9n72-js&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:40:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/img?uid=2068b27f9197b3f9b26d4ebc0997f3768338c5686fe0bb006c7e02a1b30832d3&tpid=38&tpuid=CAESEBWeQLQDMyaBcXoz9n72-js&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/ Frame 810F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=99e36d06ba8df8b76747d4f019da6aa6b12ac81e4c941f01656053ec8d072d93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea0546...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=99e36d06ba8df8b76747d4f019da6aa6b12ac81e4c941f01656053ec8d072d93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3b9883b8ea0546...
  • https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/js?tpid=48&tpuid=0363c8e9b8cc9d79f585cc2982f3b59c
44 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/js?tpid=48&tpuid=0363c8e9b8cc9d79f585cc2982f3b59c
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ee1590756a00f12482e706e48e2d7edb6d065f393f7bef5641cded35048a3934

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:40:59 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Fri, 06 Aug 2021 22:40:59 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/3b9883b8ea05462bbec851c7f74bc37a/1628289658983/0/js?tpid=48&tpuid=0363c8e9b8cc9d79f585cc2982f3b59c
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame 810F 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.64.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fantig-hra.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 06 Aug 2021 22:40:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE9E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 07 Aug 2021 22:41:02 GMT
Date
Fri, 06 Aug 2021 22:41:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 2E56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 22:41:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
67abc5273d9632a7-CDG
ixmatch.html
js-sec.indexww.com/um/ Frame 2785 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 06 Aug 2021 22:41:00 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 01C7 		668 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
53a49f3bb1b5456b675f964e17857a3450cf9509ccd5d65f8b65ec146bfeecd6

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=881ed7e8-65be-0c84-2b4c-00984aada8df|1628289656
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=881ed7e8-65be-0c84-2b4c-00984aada8df|1628289656; Version=1; Expires=Sat, 06-Aug-2022 22:41:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628289660|gekin0vNiygu; Version=1; Expires=Sat, 21-Aug-2021 22:41:00 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 06 Aug 2021 22:41:00 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
sd
eu-u.openx.net/w/1.0/ Frame 01C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff75610d-ba7b-4600-a17a-b30f60f57c5c
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 06 Aug 2021 22:40:20 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff75610d-ba7b-4600-a17a-b30f60f57c5c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Aug 2021 22:40:19 GMT
sd
us-u.openx.net/w/1.0/ Frame 01C7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=5CNwP7Bzdzj_J3lr63FtOOFweWn_cXJosSp6JaYD
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=5CNwP7Bzdzj_J3lr63FtOOFweWn_cXJosSp6JaYD
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=5CNwP7Bzdzj_J3lr63FtOOFweWn_cXJosSp6JaYD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 01C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7441351604953165658
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7441351604953165658
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7441351604953165658
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 01C7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5bb2e8b1-cc39-3373-719a-c8702e8a9b22&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 01C7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZDNiN2ItMDU0ZS02ZGQ3LTY0N2EtOTJjOWU0Njg1NTQy
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 01C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPvSSVMJdwjDCNaH33mGVUE&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPvSSVMJdwjDCNaH33mGVUE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPvSSVMJdwjDCNaH33mGVUE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EE9E
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f461d838-ee2c-4c80-ba66-7531a003a8e9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
99e32f5c-7b90-4c39-92ec-455b9d891d94
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0D01 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00240fd8a8626976f01fd2a88103e656a28618becbd60a641d64a2962f265434

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQ26e-er2nHmFFFoFf6I0wAA; CMPS=5186; CMPRO=1126; CMST=YQ26e2ENunsA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|206|221|65|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1926
Expires
Fri, 06 Aug 2021 22:41:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YQ26e-er2nHmFFFoFf6I0wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Aug 2022 22:41:00 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Nov 2021 22:41:00 GMT CMPRO=1126;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Nov 2021 22:41:00 GMT CMRUM3=41610dba7c05a0&27610dba7c0b40&c3610dba7c05a00&2d610dba7c05a0&ce610dba7c05a0&f1610dba7c05a0&dd610dba7c2760&e6610dba7c2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Aug 2022 22:41:00 GMT CMST=YQ26e2ENunwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 Aug 2021 22:41:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0D01 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQ26e-er2nHmFFFoFf6I0wAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 0D01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAw1mrSijynOvhV8d9wgdOM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAw1mrSijynOvhV8d9wgdOM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 06 Aug 2021 22:41:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAw1mrSijynOvhV8d9wgdOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0D01
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQ26e-er2nHmFFFoFf6I0wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPes6KXwPBTb3vd1C1GSuGk&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPes6KXwPBTb3vd1C1GSuGk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 06 Aug 2021 22:41:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPes6KXwPBTb3vd1C1GSuGk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0D01
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P0YH9P9QQC7JA9NA5RBN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XC0C8FTGY0ST9ZG410WF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 0D01 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQ26e_er2nHmFFFoFf6I0wAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 22:41:00 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 0D01
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1
49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.59
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQ26e-er2nHmFFFoFf6I0wAA%261126?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.14.255
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame 0D01
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628376060&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628376060&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 06 Aug 2021 22:41:00 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628376060&gdpr=1
pragma
no-cache
date
Fri, 06 Aug 2021 22:41:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 0D01
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5d048336-821b-47b8-9cf9-abd2518bfdef
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5d048336-821b-47b8-9cf9-abd2518bfdef
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 06 Aug 2021 22:41:00 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5d048336-821b-47b8-9cf9-abd2518bfdef
date
Fri, 06 Aug 2021 22:41:00 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0D01 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQ26e-er2nHmFFFoFf6I0wAA%261126
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 22:41:00 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1961
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 06 Aug 2021 23:13:41 GMT
async_usersync
ib.adnxs.com/ Frame EE9E 		0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Aug 2021 22:41:01 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
aa28e144-89c7-4a06-bf61-61e1b7b82f78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| yieldlove_site_id object| googletag function| isLocalStorageEnabled undefined| gaProperty undefined| GA_LOCAL_STORAGE_KEY object| iam_data object| _mtm object| d object| g object| s object| _paq object| ggeac object| google_js_reporting_queue string| szmvars object| iom object| YLHH object| yieldlove_site_settings object| yieldlove_cmd object| pbjsYLHH function| pbjsYLHHChunk object| _pbjsGlobals object| stroeerCore object| MatomoTagManager function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| webpackChunkauskunft object| regeneratorRuntime function| stroeerCoreConnect number| retryHandle object| yieldlove_ab object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests object| NUGGjson function| aplauncherExec function| aplauncher string| apsrc

3 Cookies

Domain/Path Name / Value
www.auskunft.de/ Name: AUSKUNFT_SESSION
Value: cfkkob279lh9p7dmh2g831rrgh
.auskunft.de/ Name: ioam2018
Value: 001534894ecfc5976610dba78:1659220856679:1628289656679:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1628289656679:tjj438
.auskunft.de/ Name: iom_consent
Value: 0000000000&1628289656677

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107240354000 https://www.auskunft.de/?rt=y&scr=zep&c=672097
console-api info URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107240354000 https://www.auskunft.de/?rt=y&scr=zep&c=672097

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55d6fdff42bdf17365f51c6d25f0f4c5.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
antig-hra.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
btpnav.com
c1.adform.net
casale-match.dotomi.com
cb1aa126.de.ioam.de
ccpaitalone.com
cdn-a.yieldlove.com
cdn.ampproject.org
cdn.districtm.io
cm.g.doubleclick.net
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.adscale.de
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
ih.adscale.de
js-sec.indexww.com
js.adscale.de
match.adsrvr.org
nep.advangelists.com
nugmw.userreport.com
pagead2.googlesyndication.com
pixel.quantserve.com
prg.smartadserver.com
prod-ingestion.tracking.v2.yieldlove-ad-serving.net
s.amazon-adsystem.com
sak.userreport.com
script.ioam.de
securepubads.g.doubleclick.net
si.nuggad.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.mathtag.com
tpc.googlesyndication.com
track.adform.net
tracker.auskunft.de
tracking.m6r.eu
ups.analytics.yahoo.com
us-u.openx.net
www.auskunft.de
www.google.com
yieldlove-d.openx.net
104.16.68.69
13.224.96.119
13.248.242.197
142.250.181.226
167.233.15.201
178.250.2.151
18.156.0.31
18.156.133.101
184.31.84.150
185.29.135.234
185.33.221.53
185.86.138.32
194.213.62.34
2.18.232.130
2.18.234.21
209.15.13.136
209.54.178.82
212.32.237.91
2600:9000:2156:6000:8:5c85:cdc0:93a1
2600:9000:2156:7200:12:6213:9cc0:93a1
2600:9000:2156:f400:1f:a1b:34c0:93a1
2600:9000:2190:5c00:f:4f64:8940:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:fa8:8806:16::1400
3.123.197.131
3.124.64.122
34.194.124.180
34.236.212.156
34.253.109.165
35.244.159.8
37.157.2.237
37.157.3.29
52.58.138.245
72.251.244.140
91.215.100.40
91.215.103.64
91.228.74.198
95.216.224.232
00240fd8a8626976f01fd2a88103e656a28618becbd60a641d64a2962f265434
080151775ec00e445940ccdaee1eeeaec7b94ff71b73bd57650b4131251b1f7b
0b7c88f2c736a740539f7f0ca6226e5b9d2a556363db7ac4938020fcf980535c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8b03b8bd1b92e75d574971cddff485f488714f6810a3839daf3e2197bc7d4e
0e6e81f750805fd1ea6955e25cad0f8f206e781aab81de4c1530975054a2de7a
1342e45e303e33d94394c68360c28268123f739f1dd09509972871be263a8544
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
17ec9306cf3776e9a261e143132370ba9657c07843d257d58dc5f3c15ee9f8e3
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2413ca7659a46ba05b7d749c833fd0b35e083043a0100b8947c9bda30508d114
25c79575cc09ee572d3b103f1cfe588faf8f25c6a78478aa2f3b7329efb1cebb
266293d165ce8be7ab278fd881988461995b486a51058688f3f6fae1a7ff3034
2aed3df476c139a40a27586d697a0fa5b88607dcfa64e14d2c0bb21fb42c30d4
2b7c6d1226154499ea73a3eb13e6ee6b76e76b4769511d40508d4cc133eb73c3
2c8d561cf849d2cc1c8af4cbe599326d62559ee680ced674970518cee83fd3ac
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe1626c6ce5f01c844a3c7b8aba39c0a336f519c5e76e74f94462d787edcb5e
36836a20ba7993fec6a9778833dfe3948255a849dcb15952483d47b956466080
368be5b1af24c639407189f0b87ac8725576dfa28c4a6b3c34fabe6bc290ae1c
3c288701201876cc31b3074f9bc919fa26aa851aff59dc7fbfbabe43ad2d80e8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53a49f3bb1b5456b675f964e17857a3450cf9509ccd5d65f8b65ec146bfeecd6
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b985d771ffa26bf95a2a3bf201a61b72df38be7657e240f8c7369eb9e7aded0
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
656fa173073aa63f9f6ad0d811bfac85d2c0da5a65e4e63f4a913a8f5f52390d
65fcd8fd5f73a3bae6ed81e0859e60fc226f958ba3ce3fb193aec20015d7717f
6624c30e6f6a70ef2a82eb9937b2229429ed07cf8a4a0621bdc705a4fd4620cd
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516
6b23deb9d1842fa144685cd3684ae20442a99c4ac1844c89bb7b5c3376cbe184
7308dc6dd335964ca45b89f31b5570bb22337e0286e80eec2ee71e9800ab1e34
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
7943d76e22de0aefed39ab1fe4b54214cd3e541e8371577448a1737db4e656b0
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ecb113f28cdcfa9fc7384271af128a04ecf7b1d6b16b82a8e93f3f6812b026c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8138b5f1bed7dac12f99e90aca5f64402c487e9f4fc60a8325c237a29f200d78
83309f105530110a5e0572987eaa7a879990353fdba3b1a43ca59dfa03438c56
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
931af590925d0bedacd3bf027cbd7b99eb6bdd38e99c9c47e28a49d83def050f
99dd0535828df2d11e71a61f354761dae517cd4509013f1d93dc3cc872466800
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
a4901830016ed5027781cf2a336c1c306c697bb05f103f8ece1cec4f929f9c61
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b8e5987e90cc7cf49622e04b781a1f7a93e41d65539902e0e6e9907fd78b8b34
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c285249174df5820775029de102f702bfddba0c0a7fa21f2f52350b0ac87274c
c52f2eebd47ddfb782e840bf3686089621414e2797b4c4e374229137acef90d7
c542dd780bddccf378b09f16ab5f1fec4c11b4c347592873b7e5232c3b053129
c55802f234ad7b9b16b8d6f0950f46b1214db417d3f687ec27646ed754cd1168
c8d1787657f9f6560a168e592bb5a1943c1598f0ef01db1be7d37d9820653f2a
d3302542a5cb48952467539fee7065b4811d8d574c6d4c83e1a20f4f440780be
d373e56b3ff4747bb2b43375f96c23f516da11c078e0ee55a93780abee7c1022
d4a920d3b9f8cbd304ba9e5b7d19cf554f0c6f6b94483ec18b8650311890b1ff
d4e311d44312a01ebfbc75d621b44d8b74b1b5bc19a7a9d7b97c3e4c82fe1a95
dde4e094d302a801e05f974e50317e862fd0a3957b557f9ca5508b628398b772
e1a46e020b4ac58f00534bdae8194be1af3d5ab2312d41b27ab90da27b9c63b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1590756a00f12482e706e48e2d7edb6d065f393f7bef5641cded35048a3934
eea8028996c909879311710a27e7c6f53174e4923f7758a5712476d4badd32e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f98f9dc2df11dea4ebc85e3f8d4a8a7b69969bbbe30a255d2b973e389739ccb9