auth.gbm.com Open in urlscan Pro
45.60.17.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://auth.gbm.com/
Effective URL:
https://auth.gbm.com/
Submission: On September 22 via api (September 22nd 2023, 12:07:16 am UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 24 domains to perform 78 HTTP transactions. The main IP is 45.60.17.67, located in United States and belongs to INCAPSULA, US. The main domain is auth.gbm.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on June 2nd 2023. Valid for: 6 months.

This is the only time auth.gbm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	45.60.17.67 45.60.17.67	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:5e00:e:f5be:ab40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.126.37.147 104.126.37.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:3800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223c:e200:16:bac9:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:5e00:1d:e55:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	44.217.154.18 44.217.154.18	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	() ()
78	29

15 45.60.17.67 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

auth.gbm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:5e00:e:f5be:ab40:21 (United States)

ASN16509 (AMAZON-02, US)

d22vs62oi46xf1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

gbmmx.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
locationv2.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sentinel.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

carrier.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e200:16:bac9:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

statestore.rollout.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:5e00:1d:e55:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

conf.rollout.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.154.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-154-18.compute-1.amazonaws.com

push.rollout.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gbm.com 1 redirects auth.gbm.com fb.gbm.com Failed	708 KB
10	useinsider.com gbmmx.api.useinsider.com carrier.useinsider.com — Cisco Umbrella Rank: 32833 segment.api.useinsider.com — Cisco Umbrella Rank: 18748 locationv2.api.useinsider.com — Cisco Umbrella Rank: 20074 hit.api.useinsider.com — Cisco Umbrella Rank: 16179 sentinel.api.useinsider.com — Cisco Umbrella Rank: 86787	116 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 3974	885 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	142 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	5 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1031	3 KB
4	cloudfront.net d22vs62oi46xf1.cloudfront.net	54 KB
3	rollout.io statestore.rollout.io — Cisco Umbrella Rank: 37780 conf.rollout.io — Cisco Umbrella Rank: 24597 push.rollout.io — Cisco Umbrella Rank: 24636	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 691	14 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 px4.ads.linkedin.com — Cisco Umbrella Rank: 7048	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	167 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1150	20 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	209 KB
1	facebook.com www.facebook.com	185 B
1	gstatic.com fonts.gstatic.com	50 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	878 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079	374 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1780	50 KB
0	newrelic.com Failed js-agent.newrelic.com Failed
78	24

	Domain	Requested by
15	auth.gbm.com	1 redirects auth.gbm.com
5	www.google.de	auth.gbm.com
5	analytics.tiktok.com	auth.gbm.com analytics.tiktok.com
4	carrier.useinsider.com	auth.gbm.com
4	www.google.com	1 redirects auth.gbm.com
4	ct.pinterest.com	auth.gbm.com
4	d22vs62oi46xf1.cloudfront.net	auth.gbm.com
3	bat.bing.com	auth.gbm.com
3	googleads.g.doubleclick.net	1 redirects auth.gbm.com
2	stats.g.doubleclick.net	www.googletagmanager.com auth.gbm.com
2	region1.analytics.google.com	www.googletagmanager.com
2	fonts.googleapis.com	auth.gbm.com
2	gbmmx.api.useinsider.com	auth.gbm.com
2	connect.facebook.net	auth.gbm.com
2	s.pinimg.com	auth.gbm.com
2	snap.licdn.com	auth.gbm.com
2	www.google-analytics.com	auth.gbm.com
2	www.googletagmanager.com	auth.gbm.com
1	www.facebook.com	auth.gbm.com
1	push.rollout.io	auth.gbm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	conf.rollout.io	auth.gbm.com
1	statestore.rollout.io	auth.gbm.com
1	sentinel.api.useinsider.com	auth.gbm.com
1	hit.api.useinsider.com	auth.gbm.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	locationv2.api.useinsider.com	auth.gbm.com
1	segment.api.useinsider.com	auth.gbm.com
1	px4.ads.linkedin.com	auth.gbm.com
1	px.ads.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	auth.gbm.com
1	www.googleadservices.com	auth.gbm.com
1	www.googleoptimize.com	auth.gbm.com
0	js-agent.newrelic.com Failed	auth.gbm.com
0	fb.gbm.com Failed	auth.gbm.com
78	35

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-02` - `2023-11-29`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-29`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
rollout.io Amazon RSA 2048 M02	`2023-02-21` - `2023-12-22`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://auth.gbm.com/
Frame ID: 3BB352735EBD35FC913E34E01EDFF3B8
Requests: 75 HTTP requests in this frame

Frame: https://gbmmx.api.useinsider.com/worker-new.html
Frame ID: BF6B9A54047086F8CCA5515AC36C7AE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GBM | Auth

Page URL History Show full URLs

http://auth.gbm.com/ HTTP 301
https://auth.gbm.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

78
Requests

95 %
HTTPS

76 %
IPv6

24
Domains

35
Subdomains

29
IPs

3
Countries

1575 kB
Transfer

4499 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://auth.gbm.com/ HTTP 301
https://auth.gbm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F&e_ipv6=AQIA7EaLhiUqsAAAAYq6Njvnc172a2OChp0WEGpzEjXGPt1E8Tal8KIdTFWNtLYgb8ApQ4xY

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&auid=1556443577.1695341231&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rtoMZcXSMaWYlQf4t7OgDw&sscte=1&crd=&eitems=ChAI8NOvqAYQ3LimlcqfwssLEh0A6AMoE444aFXld0ecIzNQannuIOUO_eiSTyx0TA&pscrd=Ek5DaEFJOE5PdnFBWVFuYmZVdkl1anRQaFVFaVlBVF9rUjdIUkNxN3RDeWFLU2tNdjVmU3NiR1RGYzZCdGZJWG95TDRsTUN3M19WOUR2dncaWkNoRUk4Tk92cUFZUXFiblBwWWpFbHEyVUFSSXVBTWNCNmVrOGNNMHp3Nkp6RkVndFVyaXVmS3pmMTBsdXFOZm5jcjczNWVJelVKdDN2RXlMYzFVc2ptMzhjdyITCMXh1572vIEDFSVM5Qod-NsM9A HTTP 302
https://www.google.com/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&auid=1556443577.1695341231&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PdnFBWVFuYmZVdkl1anRQaFVFaVlBVF9rUjdIUkNxN3RDeWFLU2tNdjVmU3NiR1RGYzZCdGZJWG95TDRsTUN3M19WOUR2dncaWkNoRUk4Tk92cUFZUXFiblBwWWpFbHEyVUFSSXVBTWNCNmVrOGNNMHp3Nkp6RkVndFVyaXVmS3pmMTBsdXFOZm5jcjczNWVJelVKdDN2RXlMYzFVc2ptMzhjdyITCMXh1572vIEDFSVM5Qod-NsM9A&is_vtc=1&ocp_id=rtoMZcXSMaWYlQf4t7OgDw&cid=CAQSKQBpAlJW2lMOSDf8XukiXMPWlhFma0fJNrbD9RIXcUPHsBOoM4UymTP8&eitems=ChAI8NOvqAYQ3LimlcqfwssLEh0A6AMoE4yFOqeIR9B0AVK0ntnaK5U_GwqSHTtWkw&random=987803952 HTTP 302
https://www.google.de/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&auid=1556443577.1695341231&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PdnFBWVFuYmZVdkl1anRQaFVFaVlBVF9rUjdIUkNxN3RDeWFLU2tNdjVmU3NiR1RGYzZCdGZJWG95TDRsTUN3M19WOUR2dncaWkNoRUk4Tk92cUFZUXFiblBwWWpFbHEyVUFSSXVBTWNCNmVrOGNNMHp3Nkp6RkVndFVyaXVmS3pmMTBsdXFOZm5jcjczNWVJelVKdDN2RXlMYzFVc2ptMzhjdyITCMXh1572vIEDFSVM5Qod-NsM9A&is_vtc=1&ocp_id=rtoMZcXSMaWYlQf4t7OgDw&cid=CAQSKQBpAlJW2lMOSDf8XukiXMPWlhFma0fJNrbD9RIXcUPHsBOoM4UymTP8&eitems=ChAI8NOvqAYQ3LimlcqfwssLEh0A6AMoE4yFOqeIR9B0AVK0ntnaK5U_GwqSHTtWkw&random=987803952&ipr=y

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
auth.gbm.com/
Redirect Chain

http://auth.gbm.com/
https://auth.gbm.com/

1 KB
1 KB

560ms
264ms

Document
text/html

45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.17.67 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4abe4c4230beee308c194633795d18e37fb92d8a11c6ee7988fd2164d62d471b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 22 Sep 2023 00:07:11 GMT
etag: "f8b53a6bb0792d11d31a6544eb45ddac"
last-modified: Tue, 20 Jun 2023 04:52:13 GMT
referrer-policy: no-referrer
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 68d0308c2ef809661e524bd15564b0bc.cloudfront.net (CloudFront)
x-amz-cf-id: jFMsr7aTd7jgwh9o2Ny8rCSvNUhgHnh51KMYtmIxfpiATDl-vodRdA==
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 17-47971864-47971918 NNYN CT(1 3 0) RT(1695341229725 156) q(0 0 0 -1) r(0 1) U24

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Fri, 22 Sep 2023 00:07:09 GMT
Location: https://auth.gbm.com/
Server: CloudFront
Via: 1.1 9c1e51085ad77fbbab78fe2feb46cf98.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WwrL1se2fNotuJegPCL6E9QckQebQzgPAxIJJwm58AAL0BVUy69ztA==
X-Amz-Cf-Pop: MIA3-C2
X-CDN: Imperva
X-Cache: Redirect from cloudfront
X-Iinfo: 17-47971782-47971783 NNNN CT(0 -1 0) RT(1695341229428 0) q(0 0 0 0) r(0 0) U24

GET
H2 200 main.cd9f546b.js Show response
auth.gbm.com/static/js/ 9 KB
4 KB 301ms
300ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 571ce63858b22ce497393012ea766063fdb83baedd90a9965e8022681afdca81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:51:51 GMT
via: 1.1 68d0308c2ef809661e524bd15564b0bc.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 76520
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47971918 PNYN RT(1695341229725 417) q(0 0 0 -1) r(0 0) U24
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "8fca3acf5dc76aebdf3411154732517f"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: KdEEkr9Ljx-n2I-I2H-CA_oy8q8QEw84_t2rI-B1QtbqyjAgwTjD0A==

GET
H2 200 _Incapsula_Resource Show response
auth.gbm.com/ 144 KB
20 KB 153ms
153ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=159256205
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 399166d8dd9d3668e02a8648e4fc953fc602d2d63563397cd6e13d73e2b124b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20624
content-type: application/javascript

GET
H2 200 newrelic.js Show response
auth.gbm.com/ 27 KB
10 KB 282ms
281ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.gbm.com/newrelic.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.17.67 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae54d36af742b355411dcfd15fd87afe88145a4f408491f03f3fc7f01a9a85db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 68d0308c2ef809661e524bd15564b0bc.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-cache: Miss from cloudfront
x-iinfo: 17-47971864-47971918 PNYN RT(1695341229725 437) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer
last-modified: Tue, 20 Jun 2023 04:52:13 GMT
server: AmazonS3
etag: "dc347bc59b21100023f5b247c6d8e207"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: tJbexUa7_PYn1dvaWmyu0T88L_WJlLHM1p_yV9IkQpQuF-WUNxf-sA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
108 KB 213ms
88ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KB4HCZN

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e071e4d1bec1746977386445c4063c213ae8cbdfcef98ddc26a4d692759dd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 00:07:10 GMT

GET
H2 200 _Incapsula_Resource
auth.gbm.com/ 1 B
35 B 148ms
148ms Image
text/plain 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.gbm.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7753050805700685
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 409.adca9b2d.chunk.css
auth.gbm.com/static/css/ 53 KB
12 KB 155ms
155ms Stylesheet
text/css 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/css/409.adca9b2d.chunk.css
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 045eb33928e7d02116fa861c3d32dfd947e7e70f1788f3d555fa72b28d5292c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:24:36 GMT
via: 1.1 68d0308c2ef809661e524bd15564b0bc.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 42155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47971918 PNYN RT(1695341229725 759) q(0 0 0 -1) r(0 0) U24
last-modified: Tue, 20 Jun 2023 04:52:13 GMT
server: AmazonS3
etag: "7f9c9dba5d2ca045d5ecf49f39fea16c"
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: PsHs0mRS5nFzu1jHzO_mPRnf2fDGwsGN4uGHxexUbBJwMpPPrr2MnQ==

GET
H2 200 409.b14c9a29.chunk.js Show response
auth.gbm.com/static/js/ 808 KB
233 KB 168ms
168ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/js/409.b14c9a29.chunk.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf2b2f854f90e9569556ba61dab6049c37aa96f3b25f95c1c908ccd79e1da49f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 04:49:23 GMT
via: 1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 69468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972074 NNYN CT(3 6 0) RT(1695341229725 762) q(0 0 0 -1) r(0 1) U24
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "c508968e149c37862995b016c399a962"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: D-3b5-CD-fSBT0eot0HfCr8WxzZDR5zgsbNJGzUu1vcoszu3MzSM6A==

GET
H2 200 remoteEntry.js Show response
d22vs62oi46xf1.cloudfront.net/ 7 KB
7 KB 516ms
427ms Script
application/javascript 2600:9000:2156:5e00:e:f5be:ab40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22vs62oi46xf1.cloudfront.net/remoteEntry.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:e:f5be:ab40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b3176c9f2ccca5d85f9a9cd5fed349820e793efdcad76a75fe121bdcb27698

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 22:04:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "88958e7d138f65145a9095eafb87c293"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 6865
x-amz-cf-id: 6Zs5Ohws-GiUP2aWi1GlcZ4a5_wOFEvQ2eyQHAsob0y7Ke_u4hptRA==

GET
H2 200 329.037dc9c7.chunk.css
auth.gbm.com/static/css/ 66 KB
12 KB 165ms
164ms Stylesheet
text/css 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/css/329.037dc9c7.chunk.css
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26485fa43916cae24f153b337666137df2402a052bd6d7f97282dc5517eca392

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 03:18:04 GMT
via: 1.1 f0ccde3c63bb0c13552807c8453d7f50.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 74947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972076 NNYN CT(4 3 0) RT(1695341229725 764) q(0 0 0 -1) r(1 1) U24
last-modified: Tue, 20 Jun 2023 04:52:13 GMT
server: AmazonS3
etag: "f83c8ebfab6d95d231bcf1a1d6104cdf"
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: _PEegG4ihe_hgFkI2BLN38j6EZwnvwzJ6OQrZ6OG3FAEdSQ7uVan9w==

GET
H2 200 329.15b88127.chunk.js Show response
auth.gbm.com/static/js/ 134 KB
29 KB 303ms
302ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/js/329.15b88127.chunk.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/js/main.cd9f546b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd0ba2b22c438aae849af8755c2f8569783a296c7d5e0406576ec4603bb65957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 23:59:48 GMT
via: 1.1 9c1e51085ad77fbbab78fe2feb46cf98.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972078 NNYN CT(3 5 0) RT(1695341229725 768) q(0 0 1 -1) r(1 1) U24
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "f7eeeb16e968a5c442a845084e360500"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: UM1DGXuDFyNUH-gVZ4o2BMb_LOVeZpVeY7Ndp3CClL9GcqvXe3WOxg==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
50 KB 222ms
81ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KWV3KK6

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34587acfbf2fd27bc078ed5dedfbbd934d93e62187e4ec8e95804c7998b75088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 00:07:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 195ms
57ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 23:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1369
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Sep 2023 01:44:21 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1013769977/ 3 KB
2 KB 213ms
73ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1013769977/?random=1695341230645&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&bttype=purchase&auid=1556443577.1695341231&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e799df4bb57ca914c791ea976dd20103f9bbdcdbbc26d4b7f51d79f9efe0f762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1607
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013769977/ 3 KB
2 KB 206ms
78ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013769977/?random=1695341230653&cv=11&fst=1695341230653&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&auid=1556443577.1695341231&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e45cead778d97d0fb6306d97b4348a21354fe8b09cec1f38794b73e487d0e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 130ms
53ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 22 Sep 2023 00:07:10 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C740E5C630B74FD8999F1395826CC60F Ref B: FRAEDGE1907 Ref C: 2023-09-22T00:07:10Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12993

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 112ms
38ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74500
accept-ranges: bytes
content-length: 3822

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 111ms
33ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
x-cdn: fastly
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1473

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 107ms
32ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 00:07:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53243
x-xss-protection: 0
pragma: public
x-fb-debug: zKUn7DWyiCt2VOs59uBLeLoZpdjh76PD+rcAzEfdtoXdizXqOsOAROXZY7iq0xNsPO4Ja6GcxZAx+uYookcCSA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ins.js Show response
gbmmx.api.useinsider.com/ 438 KB
110 KB 170ms
120ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbmmx.api.useinsider.com/ins.js?id=10008202

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b9dc40356b4ae400339f552c875097e5d1e635b124bf590b322bd294d8b4386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fAyP9Gw4J4oJvQkkKpNMLfuEuKPdtZnC
cf-cache-status: HIT
x-amz-request-id: 43ASM87X8JTW97H0
content-encoding: br
x-amz-id-2: +P6lFOHaYqkT5BztNAWuvW0Egke0Tv25Sr5pukKaiZYlDTCmNq8cEzoFWTUJvpOZTOyOCtBvuf0=
x-xss-protection: 1
pragma: public
last-modified: Thu, 21 Sep 2023 23:22:15 GMT
server: cloudflare
etag: W/"0b0b8c55f98dbcf1da597a161aad03ca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 80a64e640993aca7-TXL
expires: Fri, 22 Sep 2023 12:07:10 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 396ms
142ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4ELQJE9UAPKMTRVN290&lib=ttq
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4c4a955585b7b318e203eab367e1a8f54c005df2835a5cd42d113cefe4a4cc94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 959a84d.130772f8
date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 96,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=4
content-length: 1718
pragma: no-cache
server: nginx
x-tt-logid: 2023092200071129BAFB0DEC8843ECBB37
x-cache-remote: TCP_MISS from a23-222-16-61.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.222.16.61
x-tt-trace-host: 0160d385163ea06058700b559f5251d3f5a543aedea00846c41f17c5267ff3f40b452aff42dffabc86595423cb4ebde2eda734a7ed7df44761b74b21dfd05aaea837a7e75b8b33e02e90517bf49b3960868ec111084d69d94af7c0d6d8cda790d2ee47fb0887dc50dd2be2e64fd4986ab1
expires: Fri, 22 Sep 2023 00:07:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
102 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5ZQKK09K40&l=dataLayer&cx=c

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33738fabb2a6da7a4e8efc88a07749fdda4d9f3c53fb8cbe7fb3d65bdb378ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 00:07:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
962 B 200ms
65ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700&display=swap

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/static/css/409.adca9b2d.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b2bcad1b638234e845761aa204554993de41753e07d281b6e837a2945017fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 00:00:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 00:07:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
556 B 204ms
70ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Mono&display=swap

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/static/css/409.adca9b2d.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf58aae3faf3c465e103e765c8826fd478dba7c5148ea3078d169a6ea84cb655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 23:56:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 00:07:10 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 33ms
32ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=70366
accept-ranges: bytes
content-length: 4862

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 28ms
27ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
x-cdn: fastly
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18175

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 98ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ZQKK09K40&gtm=45je39k0&_p=1774872401&_gaz=1&cid=1636468986.1695341231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695341230&sct=1&seg=0&dl=https%3A%2F%2Fauth.gbm.com%2F&dt=GBM%20%7C%20Auth&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZQKK09K40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.gbm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 105ms
35ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5ZQKK09K40&cid=1636468986.1695341231&gtm=45je39k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZQKK09K40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.gbm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/357057278/ 3 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/357057278/?random=1695341230832&cv=11&fst=1695341230832&bg=ffffff&guid=ON&async=1&gtm=45je39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&auid=1556443577.1695341231&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37f0877dafda38fe3fd1a2cbf11e8fd6ae4ff4eb33cfb041c9b7785c1785cf02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 188ms
68ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5ZQKK09K40&cid=1636468986.1695341231&gtm=45je39k0&aip=1&z=156292610

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1858980964431645 Show response
connect.facebook.net/signals/config/ 368 KB
114 KB 5121ms
5120ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1858980964431645?v=2.9.128&r=stable&domain=auth.gbm.com

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

275fc6406323fc280e5ebe7fcb1512469492579d03bedbef900010ae2c37bca0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 00:07:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: NaxEcY4ZhCMBd9jCNQS3PsxffJHneyoMaOeTmb+enkimmeSfR0PhhRp6TLDRuNuQnU8+vCo0j8A4NJImdsL/vw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2981026/domain/auth.gbm.com/ 36 B
374 B 109ms
29ms XHR
application/json 2600:9000:20eb:3800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2981026/domain/auth.gbm.com/token
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 23:24:40 GMT
content-encoding: gzip
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2551
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: nNpW-HmGwYSln6e3ZM9Zo0rId-LmGyeARLdDsi99SpoTNryCn9zYrA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F&e_ipv6=AQIA7EaLhiUqsAAAAYq6Njvnc172a2OChp0WEGpzEjXGPt1E8Tal8KIdTFWNtLYgb8ApQ4xY

0
264 B

284ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F&e_ipv6=AQIA7EaLhiUqsAAAAYq6Njvnc172a2OChp0WEGpzEjXGPt1E8Tal8KIdTFWNtLYgb8ApQ4xY
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8EFADAFD18D84A2E838FAA226C66BE86 Ref B: FRAEDGE2018 Ref C: 2023-09-22T00:07:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF52PeWxYKQPj608dmlQ==

Redirect headers

date: Fri, 22 Sep 2023 00:07:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 21EB7480B1B14032B8DDC9ACEC0E2135 Ref B: FRAEDGE1711 Ref C: 2023-09-22T00:07:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2981026&time=1695341230908&url=https%3A%2F%2Fauth.gbm.com%2F&e_ipv6=AQIA7EaLhiUqsAAAAYq6Njvnc172a2OChp0WEGpzEjXGPt1E8Tal8KIdTFWNtLYgb8ApQ4xY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF52PZ7KcBRIAwCKB/2g==

GET
H2 200 / Show response
ct.pinterest.com/user/ 567 B
903 B 200ms
64ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613440229679&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1695341230913&dep=2%2CPAGE_LOAD

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ded5ce17.1695341231.3dea3b1
x-envoy-upstream-service-time: 1
content-length: 389
x-pinterest-rid: 1633173236718477
pin-unauth: dWlkPU5XUmhOalEyWkdJdFlXRm1ZUzAwTUdOa0xUbGhNRFl0WkdVNFl6azFPV1E1TjJSag
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth.gbm.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 567 B
904 B 191ms
56ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613440229679&cb=1695341230914&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ded5ce17.1695341231.3dea3b2
x-envoy-upstream-service-time: 0
content-length: 389
x-pinterest-rid: 4625957238201077
pin-unauth: dWlkPU5HSXpPVEU0TXpjdE9XSmhaaTAwWlRBeUxXSTBOMkl0WW1VMU1EaGxNalZoWWpabQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth.gbm.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 56283534.js Show response
bat.bing.com/p/action/ 0
115 B 51ms
51ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56283534.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 22 Sep 2023 00:07:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27A49926782847EA93F04755D46C164D Ref B: FRAEDGE1907 Ref C: 2023-09-22T00:07:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 75ms
74ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56283534&tm=gtm002&Ver=2&mid=fb22a45e-e361-42e8-ad97-fe841cc919a4&sid=f9eca5d058db11ee91eb7f6bab7c5b6f&vid=f9eccca058db11ee96f103aea7aa2a8e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GBM%20%7C%20Auth&p=https%3A%2F%2Fauth.gbm.com%2F&r=&lt=1341&evt=pageLoad&sv=1&rn=266614

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Sep 2023 00:07:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE8FFFFFB85C4C3FBEE97D2ECAD42E36 Ref B: FRAEDGE1907 Ref C: 2023-09-22T00:07:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1013769977/ 42 B
108 B 193ms
70ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1013769977/?random=1695341230653&cv=11&fst=1695340800000&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&frm=0&tiba=GBM%20%7C%20Auth&fmt=3&is_vtc=1&random=2712688352&rmt_tld=0&ipr=y

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1013769977/ 42 B
154 B 114ms
70ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1013769977/?random=1695341230653&cv=11&fst=1695340800000&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&frm=0&tiba=GBM%20%7C%20Auth&fmt=3&is_vtc=1&random=2712688352&rmt_tld=1&ipr=y

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1013769977/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth...
https://www.google.com/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82...
https://www.google.de/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82B...

42 B
108 B

71ms
70ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&auid=1556443577.1695341231&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PdnFBWVFuYmZVdkl1anRQaFVFaVlBVF9rUjdIUkNxN3RDeWFLU2tNdjVmU3NiR1RGYzZCdGZJWG95TDRsTUN3M19WOUR2dncaWkNoRUk4Tk92cUFZUXFiblBwWWpFbHEyVUFSSXVBTWNCNmVrOGNNMHp3Nkp6RkVndFVyaXVmS3pmMTBsdXFOZm5jcjczNWVJelVKdDN2RXlMYzFVc2ptMzhjdyITCMXh1572vIEDFSVM5Qod-NsM9A&is_vtc=1&ocp_id=rtoMZcXSMaWYlQf4t7OgDw&cid=CAQSKQBpAlJW2lMOSDf8XukiXMPWlhFma0fJNrbD9RIXcUPHsBOoM4UymTP8&eitems=ChAI8NOvqAYQ3LimlcqfwssLEh0A6AMoE4yFOqeIR9B0AVK0ntnaK5U_GwqSHTtWkw&random=987803952&ipr=y

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1013769977/?random=984373583&cv=11&fst=1695341230645&bg=ffffff&guid=ON&async=1&gtm=45He39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&label=D82BCMykgaUBEPnNs-MD&hn=www.googleadservices.com&frm=0&tiba=GBM%20%7C%20Auth&value=0&auid=1556443577.1695341231&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5PdnFBWVFuYmZVdkl1anRQaFVFaVlBVF9rUjdIUkNxN3RDeWFLU2tNdjVmU3NiR1RGYzZCdGZJWG95TDRsTUN3M19WOUR2dncaWkNoRUk4Tk92cUFZUXFiblBwWWpFbHEyVUFSSXVBTWNCNmVrOGNNMHp3Nkp6RkVndFVyaXVmS3pmMTBsdXFOZm5jcjczNWVJelVKdDN2RXlMYzFVc2ptMzhjdyITCMXh1572vIEDFSVM5Qod-NsM9A&is_vtc=1&ocp_id=rtoMZcXSMaWYlQf4t7OgDw&cid=CAQSKQBpAlJW2lMOSDf8XukiXMPWlhFma0fJNrbD9RIXcUPHsBOoM4UymTP8&eitems=ChAI8NOvqAYQ3LimlcqfwssLEh0A6AMoE4yFOqeIR9B0AVK0ntnaK5U_GwqSHTtWkw&random=987803952&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
455 B 171ms
60ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613440229679&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauth.gbm.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1695341230938

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ded5ce17.1695341231.3dea3b5
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1844439410419563
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 worker-new.html Show response
gbmmx.api.useinsider.com/ Frame BF6B 10 KB
3 KB 83ms
83ms Document
text/html 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbmmx.api.useinsider.com/worker-new.html
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-cache-status: HIT
cf-ray: 80a64e658c2aaca7-TXL
content-encoding: br
content-type: text/html
date: Fri, 22 Sep 2023 00:07:11 GMT
expires: Fri, 06 Oct 2023 00:07:11 GMT
last-modified: Wed, 20 Sep 2023 08:29:54 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 65ms
64ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1774872401&t=pageview&_s=1&dl=https%3A%2F%2Fauth.gbm.com%2F&ul=en-us&de=UTF-8&dt=GBM%20%7C%20Auth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABRAAAACAAI~&jid=1396078337&gjid=194970771&cid=1636468986.1695341231&tid=UA-24773801-1&_gid=1627838290.1695341231&_slc=1&gtm=45He39k0n81KB4HCZN&z=1573715171

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.gbm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 36ms
35ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24773801-1&cid=1636468986.1695341231&jid=1396078337&gjid=194970771&_gid=1627838290.1695341231&_u=aCDAiEABRAAAAGAAI~&z=1251412516

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Sep 2023 00:07:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.gbm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/357057278/ 42 B
455 B 115ms
68ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/357057278/?random=1695341230832&cv=11&fst=1695340800000&bg=ffffff&guid=ON&async=1&gtm=45je39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&frm=0&tiba=GBM%20%7C%20Auth&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3228505517&rmt_tld=0&ipr=y

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/357057278/ 42 B
108 B 70ms
69ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/357057278/?random=1695341230832&cv=11&fst=1695340800000&bg=ffffff&guid=ON&async=1&gtm=45je39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.gbm.com%2F&frm=0&tiba=GBM%20%7C%20Auth&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3228505517&rmt_tld=1&ipr=y

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 81ms
69ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24773801-1&cid=1636468986.1695341231&jid=1396078337&_u=aCDAiEABRAAAAGAAI~&z=1119386631

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 70ms
67ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24773801-1&cid=1636468986.1695341231&jid=1396078337&_u=aCDAiEABRAAAAGAAI~&z=1119386631

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 z Show response
carrier.useinsider.com/y/v2/ 59 B
351 B 63ms
62ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8041c99205769da6623c6221f3ed4cdbd2506dad34f2caadb46ca56b4f55bc32

Request headers

Referer
accept-language: de-DE,de;q=0.9
partner: gbmmx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 80a64e67e9315902-TXL

GET
H2 200 1695341231080673b9043e2.ca7472b8 Show response
segment.api.useinsider.com/v4/segments/ 927 B
773 B 718ms
522ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1695341231080673b9043e2.ca7472b8?partnerid=10008202&fields=642962da9a5482529da34e2ed07dc051,8f038067f49893b2a1f5b87ef4ebe4b1,46d51a632332b018b50dc13e5cf8e594&
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5860f92a268d828c42a1fb3253b5e9543dc5c07a21c35dc0f5273f6a12b2698b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 80a64e677c7444f8-TXL

GET
H2 200 / Show response
locationv2.api.useinsider.com/ 240 B
509 B 234ms
75ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://locationv2.api.useinsider.com/?v=2&pId=10008202&
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8847a5471533daefa70123d3dc9b10daac8e2bdf1ad437a41d5d9fac4355525

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 80a64e677d90451c-TXL

GET
H2 200 web Show response
carrier.useinsider.com/v2/event/trigger-events/gbmmx/ 506 B
466 B 84ms
83ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/v2/event/trigger-events/gbmmx/web?
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7604560da32a3a785bfd664f32afae6542cc4f3db01c283c783eb7be5f4e9

Request headers

Referer
accept-language: de-DE,de;q=0.9
partner: gbmmx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 80a64e67e93d5902-TXL

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
700 B 59ms
59ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613440229679&cb=1695341231160&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauth.gbm.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ded5ce17.1695341231.3dea43d
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7613033186903154
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 784.ee4087df4c64281a.chunk.js Show response
d22vs62oi46xf1.cloudfront.net/ 6 KB
3 KB 45ms
40ms Script
application/javascript 2600:9000:2156:5e00:e:f5be:ab40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d22vs62oi46xf1.cloudfront.net/784.ee4087df4c64281a.chunk.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:e:f5be:ab40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6a4ed8a34a09bd83664b42e2fc401eecdbc65db8635c9e35d2dc182ac4192c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 08:05:07 GMT
content-encoding: br
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 57725
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 20:24:09 GMT
server: AmazonS3
etag: W/"3afb9642695c8e5dcd2cef60ea45d0da"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: JJ0u_iFpoJO9kGS-E1_VmwgA9HZVgAgU6cS0guklmvajjTlWklMESQ==

GET
H2 200 235.c89ed241.chunk.js Show response
auth.gbm.com/static/js/ 117 KB
36 KB 174ms
170ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/js/235.c89ed241.chunk.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ef5eeb57f107d8d3466aae8f85ec24f53306ef273af8d7a88b36c8d04fcb737

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 23:56:02 GMT
via: 1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972074 PNYN RT(1695341229725 1365) q(0 0 0 -1) r(1 1) U24
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "14c9409d45284411586b77c6a981e0b8"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: BMLTcDIEOpS9zb9CZfQ7Fhlv2FH8ocs6zXJZsglaB05Ntam8r_s6aA==

GET
H2 200 427.bc5d302f2d048b84.chunk.js Show response
d22vs62oi46xf1.cloudfront.net/ 138 KB
42 KB 48ms
44ms Script
application/javascript 2600:9000:2156:5e00:e:f5be:ab40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d22vs62oi46xf1.cloudfront.net/427.bc5d302f2d048b84.chunk.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:e:f5be:ab40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a60814dc8b52542a70b1c3863574ab93111a7e33749dd20e8ee08907210e77d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 08:29:57 GMT
content-encoding: br
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 56235
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 20:24:06 GMT
server: AmazonS3
etag: W/"061d1d532e0883b354218a8ab4b478ed"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: BJ349R4oempuBUPEklqWeVi73pU4KO0bu0TMs9Lck8jNL1AHZPxOrQ==

GET
H2 200 306.f6550addb81bc1df.chunk.js Show response
d22vs62oi46xf1.cloudfront.net/ 4 KB
2 KB 72ms
69ms Script
application/javascript 2600:9000:2156:5e00:e:f5be:ab40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d22vs62oi46xf1.cloudfront.net/306.f6550addb81bc1df.chunk.js

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:e:f5be:ab40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7621dc7181d5e38d0a5bbc7ddfcf70e8196bcbe3810cf2cbf7432c472fb1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 08:51:55 GMT
content-encoding: br
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
age: 54917
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 20:24:05 GMT
server: AmazonS3
etag: W/"6404ead3e3dfde01f4eaeff016fbdedd"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: jjYbwMV6FXWXl5h99S1OKfAt8qiI2Fws7vWmeqQ6XSY-rpXyGlA1rg==

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
102 KB 33ms
33ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 130773ce
date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921130153A0C0D1DCBF83E04103BF
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01903b6f43e934512392829dbaeada1c066fdb24a477096d8792d9960012d5c13caf77c2fddc8b447148e2d90ebc4ce71826a659a5509fa8730fd595d2a8c76153f088fa0f1c3b927b9d9360ce389042248cf95de22a80be711ec58df175f8f925
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 104325

OPTIONS
H2 204 z
carrier.useinsider.com/y/v2/ Frame 0
0 269ms
67ms Preflight 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,partner
Access-Control-Request-Method: POST
Origin: https://auth.gbm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: content-type,partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 80a64e6778695902-TXL
date: Fri, 22 Sep 2023 00:07:11 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 web
carrier.useinsider.com/v2/event/trigger-events/gbmmx/ Frame 0
0 218ms
74ms Preflight 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/v2/event/trigger-events/gbmmx/web?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: partner
Access-Control-Request-Method: GET
Origin: https://auth.gbm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 80a64e67786e5902-TXL
date: Fri, 22 Sep 2023 00:07:11 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 32ms
32ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 1307749d
date: Fri, 22 Sep 2023 00:07:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907112840758A3262CB3C6D7E822E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019714a35781e0d7a6235d085218768c5f4e543b989014847a45e9ff4231b5a77731547d7db578b0b6aea46cb9103103c50dd821f90d1f6e87ae988fd67bfb61e168bee8a484acf9fd224b09c28f2eb23898a1deda39db5893fc2b8cf614d26085
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 36019

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
878 B 222ms
128ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 23848483.225cd5c9
date: Fri, 22 Sep 2023 00:07:11 GMT
x-bytefaas-request-id: 202309220007110C9CAB8DB1B9406D7592
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time: 96,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=14, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309220007110C9CAB8DB1B9406D7592
x-cache-remote: TCP_MISS from a23-54-160-28.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.71
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 14,23.54.160.28
x-tt-trace-host: 0160d385163ea06058700b559f5251d3f5d15f8950da6132db5de00a1179aa3af68edcca4ef3ac51963447db5158fef3092eeff640e8f4aa55f8c256e3936471e0a9b33b31478d1d4ad32bb112baade9a6239bbc28c1777da7a33a9db0baec9c4faf1aa556baea7f1875647812ba286ab8
access-control-allow-headers: *
expires: Fri, 22 Sep 2023 00:07:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
792 B 178ms
177ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: e46d4d5.130774f3
date: Fri, 22 Sep 2023 00:07:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 135,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=38, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230922000711E09770A52178D77461AC
x-cache-remote: TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.222.16.85
x-tt-trace-host: 0160d385163ea06058700b559f5251d3f5a543aedea00846c41f17c5267ff3f40b3861aa6278b743bd7be6a0cfde95111db0476c34aa118e5f5b78f930f7fad7f2122355d942218ed6bd4eb60889b29929e9251b62007c7d50d20bd4c131b9a831f9d222de557b2cc7a43e843a2eefe78e
access-control-allow-headers: Authorization,*
expires: Fri, 22 Sep 2023 00:07:11 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
331 B 69ms
59ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 16bc7b6d-4e31-48c8-8b91-71d7b4ee8e15
cf-ray: 80a64e6839b25902-TXL
content-length: 16

GET
H2 200 log.png
sentinel.api.useinsider.com/ 68 B
416 B 86ms
78ms Image
image/png 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sentinel.api.useinsider.com/log.png?s=ReferenceError%3A%20contract_alta_date%20is%20not%20defined%0A%20%20%20%20at%20eval%20(eval%20at%20Functions.eval%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A438024)%2C%20%3Canonymous%3E%3A1%3A1)%0A%20%20%20%20at%20Functions.eval%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A438024)%0A%20%20%20%20at%20Functions.eval%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A448034)%0A%20%20%20%20at%20H.%3Canonymous%3E%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A147397)%0A%20%20%20%20at%20Array.forEach%20(%3Canonymous%3E)%0A%20%20%20%20at%20H.addCustomUserAttributesToPayload%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A147305)%0A%20%20%20%20at%20H.addCustomUserAttributesToPayload%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A448034)%0A%20%20%20%20at%20H.getUserEventData%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A145794)%0A%20%20%20%20at%20H.getUserEventData%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A448034)%0A%20%20%20%20at%20H._sendEventData%20(https%3A%2F%2Fgbmmx.api.useinsider.com%2Fins.js%3Fid%3D10008202%3A1%3A139928)
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:11 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P3
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 May 2019 11:22:43 GMT
server: cloudflare
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 80a64e68386baca7-TXL
x-amz-cf-id: f4oUVGe_pBJ8lEch5ugcueERrqFWFV37kV72g8E015yfVQLi9IxNPQ==
expires: Fri, 22 Sep 2023 00:37:11 GMT

GET
H2 200 1782008415f6ff01e234a461694b5d70 Show response
statestore.rollout.io/5d83cc8fe0455c42be5ba0b4/ 14 B
570 B 141ms
33ms XHR
application/json 2600:9000:223c:e200:16:bac9:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://statestore.rollout.io/5d83cc8fe0455c42be5ba0b4/1782008415f6ff01e234a461694b5d70
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e200:16:bac9:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ae277e741844927863cae71ab0bec2158f46bba0636e5a9b18a590f28f40fc5

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 05:28:00 GMT
content-encoding: gzip
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 67152
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34
last-modified: Thu, 11 May 2023 21:30:28 GMT
server: AmazonS3
etag: "87d1790312276e91ba9f837e0f0960cb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
content-language: en
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: pw65XUhVVed4Z7mrofS8hAAdrdTjnWLtsC9x_un1IONG0NL2XctsvQ==

GET
H2 200 7238f7fd73be25b1f1c86789e3aeff6b Show response
conf.rollout.io/5d83cc8fe0455c42be5ba0b4/ 8 KB
3 KB 539ms
412ms XHR
application/json 2600:9000:2490:5e00:1d:e55:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://conf.rollout.io/5d83cc8fe0455c42be5ba0b4/7238f7fd73be25b1f1c86789e3aeff6b?distinct_id=961e858c-535b-445b-b8eb-e25acae5b8ab
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5e00:1d:e55:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a7d2215fbcef356b608ea57696cdd9567cf61c55483d8bef874227d5b8976de

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: mNlqmkW5C22H6Goyoump3lxHjBjiJKza
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 22 Sep 2023 00:07:13 GMT
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2345
last-modified: Sun, 27 Aug 2023 18:57:50 GMT
server: AmazonS3
etag: "794407defd4b26341ff8c259d2bce7c1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
content-language: en
cache-control: no-cache
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: _KXheukr11X-e3MJZpiaUqA7CIYJgYQ2HrwjKCgtEx_44kzrgwvsmw==

GET
H2 200 translations.json Show response
auth.gbm.com/locales/es/ 21 KB
6 KB 227ms
226ms Fetch
application/json 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.gbm.com/locales/es/translations.json

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.17.67 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1943695ac915471b4837994cf1e81130efc21e185cdd76b50f10531771828a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-cache: Miss from cloudfront
x-iinfo: 17-47971864-47972074 PNYN RT(1695341229725 1803) q(0 0 0 -1) r(1 1) U24
referrer-policy: no-referrer
last-modified: Tue, 20 Jun 2023 04:52:13 GMT
server: AmazonS3
etag: "403788cb517b09393b395a3904ea078b"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: ise7oxYRdcQNTfQEOKM-vyHOcIjclooJAeu9d_O9M4dkUBKcr5rVug==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
793 B 158ms
158ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4310dc15.130776b7
date: Fri, 22 Sep 2023 00:07:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 111,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309220007118CE2792AD74798FC94F7
x-cache-remote: TCP_MISS from a23-222-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.222.16.92
x-tt-trace-host: 0160d385163ea06058700b559f5251d3f5a543aedea00846c41f17c5267ff3f40bd66f45bcb918726948f84a9c82c38973abf1c6095acd96836f036ef8c5c9247aadb5e0c12b1814628fb30daa470d3f6e472ba4008137fe913f514b5d35354d59d6d23e1e4b1f2f5a15604db0b0b1983a
access-control-allow-headers: Authorization,*
expires: Fri, 22 Sep 2023 00:07:11 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 199ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth.gbm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:36:55 GMT
x-content-type-options: nosniff
age: 19816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:36:55 GMT

GET
H2 200 754.3956b8d6.chunk.js Show response
auth.gbm.com/static/js/ 1 KB
648 B 157ms
157ms Script
application/javascript 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/js/754.3956b8d6.chunk.js
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c96bb09d8995e629fb32ae8ad37b824a22ede7f640e5716c094d80db82b6f27c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:00:39 GMT
via: 1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 11193
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972074 PNYN RT(1695341229725 2048) q(0 0 0 -1) r(0 0) U24
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "2ca938dd3dabbd0da0e8e261b9437094"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: EwtDU1k0GvRzB-OElVlJtL2h8Abf6pz0QVdRc58PdoUk56aFSctkFg==

GET
H2 200 @2x-not-found-bg.5e8b1aa6eccaf10f24ed.png
auth.gbm.com/static/media/ 309 KB
310 KB 373ms
373ms Image
image/png 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.gbm.com/static/media/@2x-not-found-bg.5e8b1aa6eccaf10f24ed.png
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/css/329.037dc9c7.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88705acbb8757718640020339db165df3d7ab116215928d89bb9d7e7f0938761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.gbm.com/static/css/329.037dc9c7.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 00:07:13 GMT
via: 1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2023 04:52:15 GMT
server: AmazonS3
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
etag: "48c44dc5e1bfe4b6b86a07415aa03cc0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-iinfo: 17-47971864-47972074 PNNN RT(1695341229725 2212) q(0 0 0 -1) r(2 2) U24
cache-control: max-age=86400
accept-ranges: bytes
content-length: 316574
x-amz-cf-id: NgHovMtwczgxSsUgfx-_siR3V-VP-unOTlcdLjGbM4uhs-E9HE-kzg==

GET
H2 200 59997440b89141f96698.59997440b89141f96698.woff
auth.gbm.com/static/media/ 33 KB
33 KB 156ms
156ms Font
font/woff 45.60.17.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gbm.com/static/media/59997440b89141f96698.59997440b89141f96698.woff
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/static/css/409.adca9b2d.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.17.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3478a614ebb26ab5d50a0ba7399dbe8ad483fdc83b7a707883ccbe868aff6f46

Request headers

Referer: https://auth.gbm.com/static/css/409.adca9b2d.chunk.css
Origin: https://auth.gbm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:16:18 GMT
via: 1.1 9c1e51085ad77fbbab78fe2feb46cf98.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: MIA3-C2
age: 78655
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-iinfo: 17-47971864-47972078 PNNN RT(1695341229725 2215) q(0 0 0 -1) r(0 0) U24
content-length: 33876
last-modified: Tue, 20 Jun 2023 04:52:14 GMT
server: AmazonS3
etag: "11989ee55aeec152f961b31452c94cd1"
content-type: font/woff
cache-control: max-age=86400
x-incap-sess-cookie-hdr: 3tNbbLKvIky9Eur3Az0tFq/aDGUAAAAAKmBabn/gutrYbfXySOg0+Q==
accept-ranges: bytes
x-amz-cf-id: iOK7uFs40JTXgb5J7jdnDSBw40tesksC0P9hPvPq3eLvqYMmI8Xcsw==

GET
H2 200 5d83cc8fe0455c42be5ba0b4
push.rollout.io/sse/ 5 B
0 387ms
124ms EventSource
text/event-stream 44.217.154.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://push.rollout.io/sse/5d83cc8fe0455c42be5ba0b4
Requested by: Host: auth.gbm.com
URL: https://auth.gbm.com/not-found
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.217.154.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-154-18.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Sep 2023 00:07:12 GMT
cache-control: no-cache, no-transform
access-control-allow-headers: cache-control,accept,*
access-control-allow-methods: *
content-type: text/event-stream

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 36ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ZQKK09K40&gtm=45je39k0&_p=1774872401&cid=1636468986.1695341231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1695341230&sct=1&seg=0&dl=https%3A%2F%2Fauth.gbm.com%2F&dt=GBM%20%7C%20Auth&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZQKK09K40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 00:07:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.gbm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 194ms
30ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1858980964431645&ev=PageView&dl=https%3A%2F%2Fauth.gbm.com&rl=&if=false&ts=1695341236137&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=28&fbp=fb.1.1695341236133.1373034588&eid=ob3_plugin-set_dbb46a0403c1af0029986a0e2f4532c2b26f928952beeb406d6ba2239dabf25f&pm=1&hrl=8767cc&it=1695341230905&coo=false&cs_cc=1&cas=6070069979746838%2C5450390845045426%2C5794177287342861%2C4340595496022374%2C4335180919855526%2C2776800429031638%2C2100497409983081%2C2001321603246637%2C1848773771845535%2C1616685861733544%2C1518221214881129&rqm=GET

Requested by

Host: auth.gbm.com
URL: https://auth.gbm.com/not-found

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.gbm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Sep 2023 00:07:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST events
fb.gbm.com/ 0
0

GET nr-spa-1184.min.js
js-agent.newrelic.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fb.gbm.com
URL: https://fb.gbm.com/events

Domain: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1184.min.js

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gbm.com/	1970-01-20 23:40:15	Name: visid_incap_2435315 Value: nis+z6euRTuTG8QzcfzJkK3aDGUAAAAAQUIPAAAAAAC7naHuGTIz2jxfKLjUNLiE
.gbm.com/	1969-12-31 23:59:59	Name: nlbi_2435315 Value: 9+M3IoNpDD3GKB8hiTkyKwAAAAD5eToqFY9n+M2lHfIrBLnB
.gbm.com/	1969-12-31 23:59:59	Name: incap_ses_1598_2435315 Value: ZfigPLcLpi+9Eur3Az0tFq3aDGUAAAAAuyD8y8CgjvOgihKM7VpWcg==
.gbm.com/	1970-01-20 17:05:17	Name: _gcl_au Value: 1.1.1556443577.1695341231
.useinsider.com/	1970-01-20 14:55:43	Name: __cf_bm Value: _LQRNXtkL1NfLJVwDWuAvFaZq.gA3QV_Bpqxb3dxLqs-1695341230-0-AUTg2GYGMWvU45XoeFDnsKvbcBYQ5HwpU6zEkzNA8ze24Qv2coDxquKiA8a7gSyFYbfGarannCG4+ttKB8ZSyKo=
.gbm.com/	1970-01-20 14:57:07	Name: _uetsid Value: f9eca5d058db11ee91eb7f6bab7c5b6f
.gbm.com/	1970-01-21 00:17:17	Name: _uetvid Value: f9eccca058db11ee96f103aea7aa2a8e
.gbm.com/	1970-01-21 00:31:41	Name: _ga Value: GA1.2.1636468986.1695341231
.gbm.com/	1970-01-20 14:57:07	Name: _gid Value: GA1.2.1627838290.1695341231
.gbm.com/	1970-01-20 14:55:41	Name: _dc_gtm_UA-24773801-1 Value: 1
.bing.com/	1970-01-21 00:17:17	Name: MUID Value: 0E85B4D9E3796F7D0529A74DE2796EB5
.doubleclick.net/	1970-01-21 00:17:17	Name: IDE Value: AHWqTUkGIekOlEwhXYk38AqSb1JafVdJzLioj9JFIqSWpgBu2QWoexAkF1V-zn76
auth.gbm.com/	1970-01-20 14:57:07	Name: ln_or Value: eyIyOTgxMDI2IjoiZCJ9
.pinterest.com/	1970-01-20 23:41:17	Name: ar_debug Value: 1
.auth.gbm.com/	1970-01-20 23:41:17	Name: _pin_unauth Value: dWlkPU5XUmhOalEyWkdJdFlXRm1ZUzAwTUdOa0xUbGhNRFl0WkdVNFl6azFPV1E1TjJSag
.linkedin.com/	1970-01-20 23:41:17	Name: bcookie Value: "v=2&92cf7df5-bf94-40fe-8e82-06de5ea09656"
.linkedin.com/	1970-01-20 19:14:53	Name: li_gc Value: MTswOzE2OTUzNDEyMzE7MjswMjG4RGhhjqMebbsU9UgYwGTgvqTxC2SmeEJVG/9Mr9GlJg==
.linkedin.com/	1970-01-20 14:57:07	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2589:u=1:x=1:i=1695341231:t=1695427631:v=2:sig=AQHfcEmHVl4Emdx5AIErpT_kTularGEz"
.tiktok.com/	1970-01-21 00:17:17	Name: _ttp Value: 2VjEkQN2AatJsiQDraaWN3T3hXB
.ct.pinterest.com/	1970-01-20 23:41:17	Name: _pinterest_ct_ua Value: "TWc9PSY5cUxFM3ZwQXdJWEFzUHVUQWRMS0NpZ2daR0F6S3gwQlRxYTNKd0xwNlhRaWF6OWZISjVraUIwaVVlUnNlR2hSb2ZHRTJoeHpLM2pNNHVUejRBYk9oZ2Q2Ulo0VXB4VGZQdEJBdnkyWDd2bz0mdzNTbTJPSVZaL0x3VmZiWGdsVW9Fc3BxWUU4PQ=="
.gbm.com/	1970-01-21 00:17:17	Name: _tt_enable_cookie Value: 1
.gbm.com/	1970-01-21 00:17:17	Name: _ttp Value: rJQQx_Cs0E1CwYmwL6k1dTyxPNp
.gbm.com/	1970-01-20 23:41:17	Name: mp_3457f824a8dadfb4e99311b8ec7d87ce_mixpanel Value: %7B%22distinct_id%22%3A%20%2218aba363dea352-07eb0897186001-1d3b357e-1d4c00-18aba363debabb%22%2C%22%24device_id%22%3A%20%2218aba363dea352-07eb0897186001-1d3b357e-1d4c00-18aba363debabb%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gbm.com/	1970-01-21 00:31:41	Name: _ga_5ZQKK09K40 Value: GS1.1.1695341230.1.1.1695341232.58.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
auth.gbm.com
bat.bing.com
carrier.useinsider.com
cdn.linkedin.oribi.io
conf.rollout.io
connect.facebook.net
ct.pinterest.com
d22vs62oi46xf1.cloudfront.net
fb.gbm.com
fonts.googleapis.com
fonts.gstatic.com
gbmmx.api.useinsider.com
googleads.g.doubleclick.net
hit.api.useinsider.com
js-agent.newrelic.com
locationv2.api.useinsider.com
push.rollout.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.pinimg.com
segment.api.useinsider.com
sentinel.api.useinsider.com
snap.licdn.com
statestore.rollout.io
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
fb.gbm.com
js-agent.newrelic.com
104.126.37.147
13.107.42.14
142.250.185.98
193.108.153.24
2001:4860:4802:32::36
23.206.208.183
2600:9000:20eb:3800:2:53b2:240:93a1
2600:9000:2156:5e00:e:f5be:ab40:21
2600:9000:223c:e200:16:bac9:b40:93a1
2600:9000:2490:5e00:1d:e55:40:93a1
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9b
2a02:26f0:3500:16::215:149b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:8d::84
44.217.154.18
45.60.17.67
045eb33928e7d02116fa861c3d32dfd947e7e70f1788f3d555fa72b28d5292c6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e45cead778d97d0fb6306d97b4348a21354fe8b09cec1f38794b73e487d0e27
26485fa43916cae24f153b337666137df2402a052bd6d7f97282dc5517eca392
275fc6406323fc280e5ebe7fcb1512469492579d03bedbef900010ae2c37bca0
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
28e7604560da32a3a785bfd664f32afae6542cc4f3db01c283c783eb7be5f4e9
2a7d2215fbcef356b608ea57696cdd9567cf61c55483d8bef874227d5b8976de
2b2bcad1b638234e845761aa204554993de41753e07d281b6e837a2945017fc9
33738fabb2a6da7a4e8efc88a07749fdda4d9f3c53fb8cbe7fb3d65bdb378ecf
34587acfbf2fd27bc078ed5dedfbbd934d93e62187e4ec8e95804c7998b75088
3478a614ebb26ab5d50a0ba7399dbe8ad483fdc83b7a707883ccbe868aff6f46
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37f0877dafda38fe3fd1a2cbf11e8fd6ae4ff4eb33cfb041c9b7785c1785cf02
399166d8dd9d3668e02a8648e4fc953fc602d2d63563397cd6e13d73e2b124b2
3b9dc40356b4ae400339f552c875097e5d1e635b124bf590b322bd294d8b4386
3ef5eeb57f107d8d3466aae8f85ec24f53306ef273af8d7a88b36c8d04fcb737
4abe4c4230beee308c194633795d18e37fb92d8a11c6ee7988fd2164d62d471b
4c4a955585b7b318e203eab367e1a8f54c005df2835a5cd42d113cefe4a4cc94
571ce63858b22ce497393012ea766063fdb83baedd90a9965e8022681afdca81
5860f92a268d828c42a1fb3253b5e9543dc5c07a21c35dc0f5273f6a12b2698b
5ae277e741844927863cae71ab0bec2158f46bba0636e5a9b18a590f28f40fc5
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
8041c99205769da6623c6221f3ed4cdbd2506dad34f2caadb46ca56b4f55bc32
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88705acbb8757718640020339db165df3d7ab116215928d89bb9d7e7f0938761
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841
905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
9e071e4d1bec1746977386445c4063c213ae8cbdfcef98ddc26a4d692759dd11
a1943695ac915471b4837994cf1e81130efc21e185cdd76b50f10531771828a8
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a60814dc8b52542a70b1c3863574ab93111a7e33749dd20e8ee08907210e77d5
a6a4ed8a34a09bd83664b42e2fc401eecdbc65db8635c9e35d2dc182ac4192c3
ae54d36af742b355411dcfd15fd87afe88145a4f408491f03f3fc7f01a9a85db
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
bf2b2f854f90e9569556ba61dab6049c37aa96f3b25f95c1c908ccd79e1da49f
bf58aae3faf3c465e103e765c8826fd478dba7c5148ea3078d169a6ea84cb655
c6b3176c9f2ccca5d85f9a9cd5fed349820e793efdcad76a75fe121bdcb27698
c7621dc7181d5e38d0a5bbc7ddfcf70e8196bcbe3810cf2cbf7432c472fb1386
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c96bb09d8995e629fb32ae8ad37b824a22ede7f640e5716c094d80db82b6f27c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e799df4bb57ca914c791ea976dd20103f9bbdcdbbc26d4b7f51d79f9efe0f762
e8847a5471533daefa70123d3dc9b10daac8e2bdf1ad437a41d5d9fac4355525
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fd0ba2b22c438aae849af8755c2f8569783a296c7d5e0406576ec4603bb65957

auth.gbm.com Open in urlscan Pro 45.60.17.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

95 %HTTPS

76 %IPv6

24 Domains

35 Subdomains

29 IPs

3 Countries

1575 kBTransfer

4499 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth.gbm.com Open in urlscan Pro
45.60.17.67 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

95 %
HTTPS

76 %
IPv6

24
Domains

35
Subdomains

29
IPs

3
Countries

1575 kB
Transfer

4499 kB
Size

24
Cookies

78 HTTP transactions
0 data transactions