urlscan.io logo urlscan.io
SecurityTrails logo

f.revotas.com Open in urlscan Pro
176.236.94.116  Public Scan

Go To Rescan Add Verdict Report
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Submission: On January 27 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 13 HTTP transactions. The main IP is 176.236.94.116, located in Turkey and belongs to TELLCOM-AS, TR. The main domain is f.revotas.com. The Cisco Umbrella rank of the primary domain is 417137.
This is the only time f.revotas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    176.236.94.116 (Turkey)

ASN34984 (TELLCOM-AS, TR)
f.revotas.com
2    185.93.251.254 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: mail18593251254.revomailtr.com
www.revotas.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:206f:d800:15:90db:9f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
a.adroll.com
5    2600:9000:211a:c00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2a05:d018:cc3:fe05:6ad2:4f5e:efba:26cb (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
7 adroll.com
a.adroll.com — Cisco Umbrella Rank: 172000
s.adroll.com — Cisco Umbrella Rank: 2416
d.adroll.com — Cisco Umbrella Rank: 1473
23 KB
3 revotas.com
f.revotas.com — Cisco Umbrella Rank: 417137
www.revotas.com
5 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5986
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
985 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
17 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 167
19 KB
13 7
Domain Requested by
5 s.adroll.com 2 redirects a.adroll.com
2 www.google.de f.revotas.com
2 www.google.com 2 redirects
2 www.google-analytics.com 1 redirects f.revotas.com
2 www.googleadservices.com f.revotas.com
www.googleadservices.com
2 www.revotas.com f.revotas.com
1 d.adroll.com a.adroll.com
1 a.adroll.com f.revotas.com
1 googleads.g.doubleclick.net 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 f.revotas.com
13 11

This site contains no links.

Subject Issuer Validity Valid
www.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
s.adroll.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh

This page contains 1 frames:

Primary Page: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Frame ID: 8C7B1B08916666AD7A9C479A3922B717
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unsubscribe

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

13
Requests

23 %
HTTPS

73 %
IPv6

7
Domains

11
Subdomains

8
IPs

5
Countries

64 kB
Transfer

154 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 4
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=246102363&utmhn=f.revotas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Unsubscribe&utmhid=316262612&utmr=-&utmp=%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&utmht=1674810844729&utmac=UA-618301-6&utmcc=__utma%3D115622225.2018577719.1674810845.1674810845.1674810845.1%3B%2B__utmz%3D115622225.1674810845.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=836674735&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=246102363&utmhn=f.revotas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Unsubscribe&utmhid=316262612&utmr=-&utmp=%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&utmht=1674810844729&utmac=UA-618301-6&utmcc=__utma%3D115622225.2018577719.1674810845.1674810845.1674810845.1%3B%2B__utmz%3D115622225.1674810845.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=836674735&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363&slf_rd=1&random=2410365878
Request Chain 6
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1055764569/?random=600157481&cv=9&fst=1674810844759&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3JXTY4KYMZ_FmLAP5ayE0AQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3740642947&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3740642947&resp=GooglemKTybQhCsO&ipr=y
Request Chain 8
  • https://s.adroll.com/j/exp/KVN3M4OXKVAUVB7QGCJCDY/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 9
  • https://s.adroll.com/j/pre/KVN3M4OXKVAUVB7QGCJCDY/JBJAAUIN4FGKTJZHIU6MWO/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sb
f.revotas.com/frm/sv/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
HTTP/1.1
Server
176.236.94.116 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0cdee452aff62a75bb81d88a3e7f4de088f546f3d040a0950784e4435ae51851

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, max-age=0, must-revalidate, post-check=0, pre-check=0
Content-Type
text/html;charset=UTF-8
Date
Fri, 27 Jan 2023 09:14:02 GMT
Expires
0
Pragma
no-cache
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
unsub.js
www.revotas.com/host/js/ 		959 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.revotas.com/host/js/unsub.js
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
HTTP/1.1
Server
185.93.251.254 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
mail18593251254.revomailtr.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c6061243a6d8b5561b612405eca5762e34dfcdf4101f31ddac303a5dd3d0e62b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 09:14:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jul 2012 13:49:31 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
516
1x1.gif
www.revotas.com/images/ 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.revotas.com/images/1x1.gif
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
HTTP/1.1
Server
185.93.251.254 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
mail18593251254.revomailtr.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
834fa0a764d2fbf8d1bdc9095fc3f93d708bda023b4225fab907f25f51939a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 09:14:04 GMT
Last-Modified
Wed, 12 Feb 2014 12:12:29 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
HTTP/1.1
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8e64e05876bfc8cfa6cdba87b39852c21ee344149d047e9cefb1accc680f484b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 09:14:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9276738928452068410
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
17377
X-XSS-Protection
0
Expires
Fri, 27 Jan 2023 09:14:04 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
H2
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Jan 2023 07:21:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6754
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 27 Jan 2023 09:21:30 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=246102363&utmhn=f.revotas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Unsubscr...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=246102363&utmhn=f.revotas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Unsubsc...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363&slf_rd=1&random=2410365878
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363&slf_rd=1&random=2410365878
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Jan 2023 09:14:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Jan 2023 09:14:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-618301-6&cid=2018577719.1674810845&jid=836674735&_v=5.7.2&z=246102363&slf_rd=1&random=2410365878
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1055764569/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1055764569/?random=1674810844759&cv=9&fst=1674810844759&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a5946597e52184479aea5891dc6fb037aa073ab231cdd7c289d74c4553027ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Jan 2023 09:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1055764569/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1055764569/?random=600157481&cv=9&fst=1674810844759&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
  • https://www.google.com/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w...
  • https://www.google.de/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3740642947&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Jan 2023 09:14:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Jan 2023 09:14:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/1055764569/?random=600157481&cv=9&fst=1674810000000&num=1&value=0&label=i7aeCO-s1gIQ2eC29wM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&tiba=Unsubscribe&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3740642947&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
a.adroll.com/j/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.adroll.com/j/roundtrip.js
Requested by
Host: f.revotas.com
URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900
Protocol
HTTP/1.1
Server
2600:9000:206f:d800:15:90db:9f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
187dd959c1c8b5b67dd697aa19ebe24c0973eae61cc3f93baea8f91220b72e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id
bntwPEMHiM2VGhRpRaGiN3p9n4.eWDa1
Content-Encoding
gzip
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Date
Fri, 27 Jan 2023 09:14:04 GMT
Age
36
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 18 Jan 2023 16:29:54 GMT
Server
AmazonS3
Etag
W/"0746318b259b1f107827e097348569d8"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
vynPz3w1q6duyc8yGMxV7xL47ueNHuLDQsiApcWblIFb2KATroxDrQ==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/KVN3M4OXKVAUVB7QGCJCDY/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:211a:c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id
CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date
Fri, 27 Jan 2023 07:41:08 GMT
Via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
Age
10244
X-Amz-Cf-Pop
VIE50-C2
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 01 Dec 2022 00:29:34 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
wtBiS73zMJZxY90wmwdGQH_fRkAiARZFL3aY2a8Tak0OtNSf7AdmHQ==

Redirect headers

Date
Fri, 27 Jan 2023 06:01:57 GMT
Via
1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
Age
11527
X-Amz-Cf-Pop
VIE50-C2
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ixJP3YJlUuK-HYdn4sgABpVLTzATHA-sWHQ4P3IUHg0tZ2SYJwl17w==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/KVN3M4OXKVAUVB7QGCJCDY/JBJAAUIN4FGKTJZHIU6MWO/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:211a:c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Fri, 27 Jan 2023 07:24:29 GMT
Via
1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
Age
6602
X-Amz-Cf-Pop
VIE50-C2
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KCc2aQLZXqNuGlpO6uYdGZMhzK4340EO9Wx5UtUovwsUOF08B7sBeA==

Redirect headers

Date
Fri, 27 Jan 2023 07:36:39 GMT
Via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
Age
5845
X-Amz-Cf-Pop
VIE50-C2
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-H4ZFP716WHSqFdhQO-HvX3lDzCk1CUqlY2sR2_RpRdMwaOwMR2dpw==
index.js
s.adroll.com/j/pre/KVN3M4OXKVAUVB7QGCJCDY/JBJAAUIN4FGKTJZHIU6MWO/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/KVN3M4OXKVAUVB7QGCJCDY/JBJAAUIN4FGKTJZHIU6MWO/index.js
Requested by
Host: a.adroll.com
URL: http://a.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id
s45KoLfPg51xbxVjfTleYjoT2Z9K2GQY
Date
Fri, 27 Jan 2023 09:14:05 GMT
Via
1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Age
3290
X-Amz-Cf-Pop
VIE50-C2
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 25 Jan 2023 13:27:15 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
09D78o6d6BYchHIelD2J7X9DXVqLuGJgRt8tnaL1UqctEH9fNsT96A==
KVN3M4OXKVAUVB7QGCJCDY
d.adroll.com/consent/check/ 		463 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/KVN3M4OXKVAUVB7QGCJCDY?pv=33477111090.186672&arrfrr=http%3A%2F%2Ff.revotas.com%2Ffrm%2Fsv%2Fsb%3Ffid%3D1328289%26rr%3D10208050%26rk%3D4jjY%26c%3D30338900&_s=13f8695960ad8dd735474a8aecc2f9ab&_b=2
Requested by
Host: a.adroll.com
URL: http://a.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:6ad2:4f5e:efba:26cb Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
a415eafcf8521dcbce7b5dd69e6ee9d04b2a395c605a4100143ca8d4fdece88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.revotas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 09:14:05 GMT
server
nginx/1.22.0
content-length
463
content-type
application/javascript

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange number| submitcount function| submitForm function| isEmail function| checkEmail string| adroll_adv_id string| adroll_pix_id string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| google_conversion_id object| google_conversion_language object| google_conversion_format object| google_conversion_color object| google_conversion_label object| google_conversion_value function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_currency object| google_conversion_domain object| google_disable_viewthrough object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

6 Cookies

Domain/Path Name / Value
.f.revotas.com/ Name: __utma
Value: 115622225.2018577719.1674810845.1674810845.1674810845.1
.f.revotas.com/ Name: __utmc
Value: 115622225
.f.revotas.com/ Name: __utmz
Value: 115622225.1674810845.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.f.revotas.com/ Name: __utmt
Value: 1
.f.revotas.com/ Name: __utmb
Value: 115622225.1.10.1674810845
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
javascript warning URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://f.revotas.com/frm/sv/sb?fid=1328289&rr=10208050&rk=4jjY&c=30338900(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.