URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Submission: On January 26 via manual from IL — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 18 HTTP transactions. The main IP is 18.159.175.214, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is c1.alladtracks.com.
This is the only time c1.alladtracks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex domains contacted (request count, apex domain, subdomains with their Cisco Umbrella rank where one is listed, bytes transferred):

Requests  Apex domain           Subdomains (Cisco Umbrella rank)                                Transfer
2         google.de             www.google.de (5557)                                            611 B
2         google.com            www.google.com (13)                                             611 B
2         google-analytics.com  www.google-analytics.com (42)                                   20 KB
2         doubleclick.net       googleads.g.doubleclick.net (46), stats.g.doubleclick.net (96)  2 KB
2         analytickz.com        de-pacman.analytickz.com (320961)                               322 B
2         cloudfront.net        d2b4jmuffp1l21.cloudfront.net                                   213 KB
1         dcbprotect.com        notify.dcbprotect.com (235133)                                  313 B
1         sam-media.com         de-pacman.sam-media.com                                         264 B
1         googleadservices.com  www.googleadservices.com (106)                                  15 KB
1         googletagmanager.com  www.googletagmanager.com (78)                                   73 KB
1         tallymans.com         de-ads.tallymans.com                                            24 KB
1         alladtracks.com       c1.alladtracks.com                                              11 KB
Total: 18 requests across 12 apex domains
Subdomains and the resource whose code requested them:

Requests  Subdomain                      Requested by
2         www.google.de                  c1.alladtracks.com
2         www.google.com                 c1.alladtracks.com
2         www.google-analytics.com       www.googletagmanager.com, c1.alladtracks.com
2         de-pacman.analytickz.com       c1.alladtracks.com
2         d2b4jmuffp1l21.cloudfront.net  c1.alladtracks.com
1         notify.dcbprotect.com          de-ads.tallymans.com
1         stats.g.doubleclick.net        www.google-analytics.com
1         de-pacman.sam-media.com        d2b4jmuffp1l21.cloudfront.net
1         googleads.g.doubleclick.net    www.googleadservices.com
1         www.googleadservices.com       www.googletagmanager.com
1         www.googletagmanager.com       c1.alladtracks.com
1         de-ads.tallymans.com           c1.alladtracks.com
1         c1.alladtracks.com             (primary request)
Total: 18 requests across 13 subdomains
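The "Requested by" column is the load chain: it records which already-running code pulled each further party into the page. The Python below is an added example, not part of the urlscan.io report. It folds this scan's requests, transcribed from the table above and from the transaction list further down (query strings shortened, hosts, schemes and parents as the report lists them), into a parent-to-child graph so that every endpoint can be traced back through the scripts that loaded it, and it lists each request that was made without TLS. The record layout and function names are this example's own.

```python
"""Load-chain triage for a urlscan-style request list (added example)."""
from collections import defaultdict
from urllib.parse import urlsplit

# Requests transcribed from this scan as (url, resource type, url of the
# resource whose code issued it); None marks the primary document.
# Query strings are shortened; hosts, schemes and parents are as reported.
PRIMARY = "http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363"
CF = "http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/"
CF_JS = CF + "js/main.f0d682e930deacf9a0d9.js"
GTM = "https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2"
GADS = "http://www.googleadservices.com/pagead/conversion_async.js"
GA_JS = "https://www.google-analytics.com/analytics.js"
TALLYMAN = "https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr"
DCB = "http://notify.dcbprotect.com/A1080291493350044896297369704224432213086355587072"

REQUESTS = [
    (PRIMARY, "Document", None),
    (CF + "css/main.3842b55e.css", "Stylesheet", PRIMARY),
    (CF_JS, "Script", PRIMARY),
    ("https://de-pacman.analytickz.com/api/v2/mstore?m=1", "Image", PRIMARY),
    (TALLYMAN, "Script", PRIMARY),
    (GTM, "Script", PRIMARY),
    (GADS, "Script", GTM),
    ("https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754261975/", "Script", GADS),
    ("https://de-pacman.sam-media.com/api/v2/mstore", "XHR", CF_JS),
    (GA_JS, "Script", GTM),
    ("https://www.google.com/pagead/1p-user-list/754261975/", "Image", PRIMARY),
    ("https://www.google.de/pagead/1p-user-list/754261975/", "Image", PRIMARY),
    ("https://stats.g.doubleclick.net/j/collect", "XHR", GA_JS),
    ("https://www.google-analytics.com/collect", "Image", PRIMARY),
    ("https://www.google.com/ads/ga-audiences", "Image", PRIMARY),
    ("https://www.google.de/ads/ga-audiences", "Image", PRIMARY),
    (DCB, "XHR", TALLYMAN),
    ("https://de-pacman.analytickz.com/api/v2/mstore", "Fetch", PRIMARY),
]


def host(url):
    return urlsplit(url).hostname or ""


def load_chain(requests, url):
    """Hosts from the primary document down to url, following Requested-by."""
    parents = {u: parent for u, _, parent in requests}
    chain, seen = [], set()
    while url is not None and url not in seen:  # seen guards against a cyclic record
        seen.add(url)
        chain.append(host(url))
        url = parents.get(url)
    chain.reverse()
    return chain


def plain_http(requests):
    """(host, type) for each request sent without TLS. Script, Stylesheet and
    Document entries are active content an on-path attacker can rewrite;
    XHR and Fetch entries are data leaving the browser in the clear."""
    return [(host(u), t) for u, t, _ in requests if urlsplit(u).scheme == "http"]


def https_share(requests):
    """Percentage of requests made over https, as the report's statistics show it."""
    tls = sum(1 for u, _, _ in requests if urlsplit(u).scheme == "https")
    return round(100 * tls / len(requests))


def chain_depth(requests):
    """host -> number of other parties' scripts between the page and that host
    (0 = requested by the document itself), taking the longest route seen."""
    depth = defaultdict(int)
    for u, _, _ in requests:
        depth[host(u)] = max(depth[host(u)], len(load_chain(requests, u)) - 1)
    return dict(depth)


if __name__ == "__main__":
    for h, d in sorted(chain_depth(REQUESTS).items(), key=lambda kv: -kv[1]):
        print(d, h)
    for h, t in plain_http(REQUESTS):
        print("plain http:", t, h)
```

Run on this scan it reproduces the 72 % HTTPS figure from the page statistics, places notify.dcbprotect.com two hops below the page (c1.alladtracks.com loads the tallymans.com script, which posts to dcbprotect.com) and stats.g.doubleclick.net three hops below it, and flags five plaintext requests, among them the 739 KB cloudfront.net application script that drives the whole page.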

This site contains links to these domains:

mobivas.gr
www.mesa.com.gr
TLS certificates observed (subject, issuer, validity period, lifetime; every entry links to crt.sh):

Subject                 Issuer                                      Validity                  Lifetime
*.analytickz.com        R3 (Let's Encrypt)                          2021-12-30 to 2022-03-30  3 months
de-ads.tallymans.com    R3 (Let's Encrypt)                          2021-12-10 to 2022-03-10  3 months
*.google-analytics.com  GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months
*.g.doubleclick.net     GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months
*.sam-media.com         Go Daddy Secure Certificate Authority - G2  2021-02-24 to 2022-01-29  a year
www.google.com          GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months
www.google.de           GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months
*.google.com            GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months
*.google.de             GTS CA 1C3                                  2021-12-27 to 2022-03-21  3 months

Note that the *.sam-media.com certificate was three days from expiry at scan time (scanned 2022-01-26, valid until 2022-01-29); a rescan after that date would show whether it was renewed or the de-pacman.sam-media.com XHR started failing.

This page contains 1 frame:

Primary Page: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Frame ID: 2B0258B685551D845FE3C69BADC10F6E
Requests: 21 in this frame (18 network transactions plus 3 inline data: URIs)


Page Title

Verify Number

Detected technologies

Google Analytics (overall confidence: 100%)
Detected pattern: google-analytics\.com/(?:ga|urchin|analytics)\.js
(matched by the request for https://www.google-analytics.com/analytics.js)

Google Tag Manager (overall confidence: 100%)
Detected pattern: googletagmanager\.com/gtm\.js
(matched by the request for https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2)

Page Statistics

Requests: 18
HTTPS: 72 % (13 of 18)
IPv6: 67 % (12 of 18)
Domains: 12
Subdomains: 13
IPs: 13
Countries: 4
Transfer: 361 kB
Size: 1201 kB
Cookies: 6

The 5 requests sent over plain HTTP are the primary document, both cloudfront.net assets (the 21 KB stylesheet and the 739 KB application script main.f0d682e930deacf9a0d9.js), conversion_async.js from www.googleadservices.com, and the XHR to notify.dcbprotect.com, which carried a form-encoded request body. The document and the script that drives it therefore reached the browser without integrity protection and could be altered by anyone on the network path, whatever TLS the tracking endpoints used.


18 HTTP transactions (plus 3 inline data: URIs; 21 entries in total)

Each entry below is headed by its resource name, path, decoded size, bytes transferred (x-fer) and resource type, followed by the request and response details as captured.
Entry 1 (primary request): x1qnb  |  c1.alladtracks.com/  |  25 KB (11 KB transferred)  |  Document
General
Full URL
http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Server
18.159.175.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-175-214.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c66e4248a38a65b262b164d02ead1ef7655aa1766e0bedc937f9d30a07f0c720

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 26 Jan 2022 13:47:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-page-name
g-look3-tallyman.v1-mo
Cache-Control
no-transform
Content-Encoding
gzip
Entry 2: main.3842b55e.css  |  d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/css/  |  21 KB (7 KB transferred)  |  Stylesheet
General
Full URL
http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/css/main.3842b55e.css
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Server
2600:9000:214f:6200:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d47209b4ea86960f3051c936641daf415579f377749ac94278c7335236a5105a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 05:24:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 02 Dec 2021 15:15:39 GMT
Server
AmazonS3
Age
116612
ETag
W/"60ae3be23f555a2d353ed3b217bfdbeb"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=utf-8
Via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
nPm6vbyAoGkpTvgrCLGgI2Lkjy0vT3e1b-PkH9fOywEUslcMNMGlnA==
Entry 3: main.f0d682e930deacf9a0d9.js  |  d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/  |  739 KB (206 KB transferred)  |  Script
General
Full URL
http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/main.f0d682e930deacf9a0d9.js
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Server
2600:9000:214f:6200:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4860759c6d03e5b39a26844a9c4ba647e280b0cb8a2f7ba939be821f4d660706

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 10:39:36 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 02 Dec 2021 11:13:56 GMT
Server
AmazonS3
Age
184086
ETag
W/"5601bf96196684556e7ce3d72111c594"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
z0BqEVQq7Uje3YiBoThT6XpnWplpScRDLVGUz92TaLqlUG6x79ucbg==
Entry 4: mstore  |  de-pacman.analytickz.com/api/v2/  |  43 B (322 B transferred)  |  Image
General
Full URL
https://de-pacman.analytickz.com/api/v2/mstore?r=87da42407eae11eca79c33648be87d42&m=1&b=0&d[0][t]=image
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-181-99.eu-central-1.compute.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Jan 2022 13:47:41 GMT
Cache-control
private
Server
nginx/1.13.8
Access-Control-Allow-Headers
Content-Type
Transfer-Encoding
chunked
Content-Type
image/gif
Entry 5: /  |  de-ads.tallymans.com/tallyman/v1/  |  56 KB (24 KB transferred)  |  Script
General
Full URL
https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.224.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-224-59.eu-central-1.compute.amazonaws.com
Software
Apache / PHP/7.2.24-0ubuntu0.18.04.6
Resource Hash
68e9ec5c6e76c4f799bc74597ef698d1040cd2d488b99b833e41c07bf6385957

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 13:47:41 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.2.24-0ubuntu0.18.04.6
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-control
private
Content-Length
23894
Entry 6: gtm.js  |  www.googletagmanager.com/  |  263 KB (73 KB transferred)  |  Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dccbe68e3f85fc863ac686b6aa72b79a1f03303acf9b32fb25cec1eeca00e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:47:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74741
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jan 2022 13:47:41 GMT
Entry 7: inline data: URI (truncated)  |  5 KB (0 B transferred)  |  Image
General
Full URL
data:truncated
Protocol
DATA
Server / Reverse DNS / Software
not applicable: inline resource, no network request was made
Resource Hash
e2846fb612475e4f1c8fafc796d12d907154f68aad3814d1505c3532641f7b87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Entry 8: inline data: URI (truncated)  |  1 KB (0 B transferred)  |  Image
General
Full URL
data:truncated
Protocol
DATA
Server / Reverse DNS / Software
not applicable: inline resource, no network request was made
Resource Hash
756dafb52687eac0ff3997e1622f27193b949ccba8a75e6a8931e838a538f1de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://d2b4jmuffp1l21.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Entry 9: inline data: URI (truncated)  |  2 KB (0 B transferred)  |  Image
General
Full URL
data:truncated
Protocol
DATA
Server / Reverse DNS / Software
not applicable: inline resource, no network request was made
Resource Hash
bd84a814df1ce43de49d0eb48e8270d6ff9442be64f5376419657ea8bff671db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://d2b4jmuffp1l21.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Entry 10: conversion_async.js  |  www.googleadservices.com/pagead/  |  39 KB (15 KB transferred)  |  Script
General
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2
Protocol
HTTP/1.1
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 26 Jan 2022 13:47:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17539559064140624452
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
14855
X-XSS-Protection
0
Expires
Wed, 26 Jan 2022 13:47:41 GMT
Entry 11: /  |  googleads.g.doubleclick.net/pagead/viewthroughconversion/754261975/  |  2 KB (2 KB transferred)  |  Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754261975/?random=1643204861257&cv=9&fst=1643204861257&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66ce2bccc6d0fad34addb93b73a05f376918527c3f50f617bd56f536c96df508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 12: mstore  |  de-pacman.sam-media.com/api/v2/  |  0 B (264 B transferred)  |  XHR
General
Full URL
https://de-pacman.sam-media.com/api/v2/mstore
Requested by
Host: d2b4jmuffp1l21.cloudfront.net
URL: http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/main.f0d682e930deacf9a0d9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-181-99.eu-central-1.compute.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://c1.alladtracks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Jan 2022 13:47:41 GMT
Server
nginx/1.13.8
Access-Control-Allow-Headers
Content-Type
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Entry 13: analytics.js  |  www.google-analytics.com/  |  49 KB (20 KB transferred)  |  Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
767
date
Wed, 26 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 26 Jan 2022 15:34:54 GMT
Entry 14: /  |  www.google.com/pagead/1p-user-list/754261975/  |  42 B (548 B transferred)  |  Image
General
Full URL
https://www.google.com/pagead/1p-user-list/754261975/?random=1643204861257&cv=9&fst=1643202000000&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&async=1&fmt=3&is_vtc=1&random=2934339024&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 15: /  |  www.google.de/pagead/1p-user-list/754261975/  |  42 B (548 B transferred)  |  Image
General
Full URL
https://www.google.de/pagead/1p-user-list/754261975/?random=1643204861257&cv=9&fst=1643202000000&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&async=1&fmt=3&is_vtc=1&random=2934339024&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 16: collect  |  stats.g.doubleclick.net/j/  |  4 B (443 B transferred)  |  XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&gjid=81704861&_gid=1962415773.1643204862&_u=YGBAgEABAAAAAE~&z=925772470
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://c1.alladtracks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 26 Jan 2022 13:47:41 GMT
content-type
text/plain
access-control-allow-origin
http://c1.alladtracks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 17: collect  |  www.google-analytics.com/  |  35 B (194 B transferred)  |  Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=586130036&t=pageview&_s=1&dl=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&dp=g-look3-tallyman.v1-mo&ul=en-us&de=UTF-8&dt=Verify%20Number&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1755144040&gjid=81704861&cid=1813760833.1643204862&tid=UA-136232877-11&_gid=1962415773.1643204862&gtm=2wg1o0N8MFSR2&cd1=GGNB&cd2=x1qnb&z=770783656
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 18:08:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70768
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Entry 18: ga-audiences  |  www.google.com/ads/  |  42 B (63 B transferred)  |  Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&_u=YGBAgEABAAAAAE~&z=1449807307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 19: ga-audiences  |  www.google.de/ads/  |  42 B (63 B transferred)  |  Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&_u=YGBAgEABAAAAAE~&z=1449807307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c1.alladtracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Entry 20: A1080291493350044896297369704224432213086355587072  |  notify.dcbprotect.com/  |  0 B (313 B transferred)  |  XHR
General
Full URL
http://notify.dcbprotect.com/A1080291493350044896297369704224432213086355587072
Requested by
Host: de-ads.tallymans.com
URL: https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart
Protocol
HTTP/1.1
Server
2a05:d018:d54:2a01:ca24:18d7:9174:8ed1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://c1.alladtracks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Jan 2022 13:47:42 GMT
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Entry 21: mstore  |  de-pacman.analytickz.com/api/v2/  |  0 B (0 B transferred)  |  Fetch
General
Full URL
https://de-pacman.analytickz.com/api/v2/mstore
Requested by
Host: c1.alladtracks.com
URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-181-99.eu-central-1.compute.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash

Request headers

Referer
http://c1.alladtracks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Jan 2022 13:47:42 GMT
Server
nginx/1.13.8
Access-Control-Allow-Headers
Content-Type
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Verdicts & Comments

No verdicts or comments are recorded for this scan.

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Name                         Type
event                        object
pac_analytics                object
dataLayer                    object
gtag                         function
designer_obj                 object
google_tag_manager           object
postscribe                   function
google_tag_manager_external  object
google_tag_data              object
GooglemKTybQhCsO             function
google_trackConversion       function
GooglebQhCsO                 object
fraudeur                     boolean
has_K911_script              boolean
billing_url                  string
evina_notify                 function
tid                          string
regeneratorRuntime           object
pacman                       object
GoogleAnalyticsObject        string
ga                           function
report_ga                    function
gaplugins                    object
gaGlobal                     object
gaData                       object

6 Cookies

Domain              Path  Name                     Value
c1.alladtracks.com  /     userId                   87da42407eae11eca79c33648be87d42
c1.alladtracks.com  /     abTestVariant            a
.doubleclick.net    /     test_cookie              CheckForPermission
.alladtracks.com    /     _ga                      GA1.2.1813760833.1643204862
.alladtracks.com    /     _gid                     GA1.2.1962415773.1643204862
.alladtracks.com    /     _dc_gtm_UA-136232877-11  1

The userId cookie value is the same identifier that is sent as rockman_id (and as the prefix of tid) to de-ads.tallymans.com and as r to de-pacman.analytickz.com, so one session ID ties the visit together across alladtracks.com, tallymans.com and analytickz.com. The _ga client ID (1813760833.1643204862) likewise appears as cid in the Google Analytics and DoubleClick beacons.

2 Console Messages

Source  Level    URL
other   warning  https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart
Message (logged twice from this URL): The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes; their presence in this list does not imply malicious activity.

Domains:
c1.alladtracks.com
d2b4jmuffp1l21.cloudfront.net
de-ads.tallymans.com
de-pacman.analytickz.com
de-pacman.sam-media.com
googleads.g.doubleclick.net
notify.dcbprotect.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com

IP addresses:
142.250.185.226
18.159.175.214
18.196.181.99
2600:9000:214f:6200:f:4439:7640:93a1
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9a
2a05:d018:d54:2a01:ca24:18d7:9174:8ed1
52.58.224.59

Resource hashes (SHA-256 of response bodies):
4860759c6d03e5b39a26844a9c4ba647e280b0cb8a2f7ba939be821f4d660706
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
66ce2bccc6d0fad34addb93b73a05f376918527c3f50f617bd56f536c96df508
68e9ec5c6e76c4f799bc74597ef698d1040cd2d488b99b833e41c07bf6385957
756dafb52687eac0ff3997e1622f27193b949ccba8a75e6a8931e838a538f1de
7dccbe68e3f85fc863ac686b6aa72b79a1f03303acf9b32fb25cec1eeca00e48
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
bd84a814df1ce43de49d0eb48e8270d6ff9442be64f5376419657ea8bff671db
c66e4248a38a65b262b164d02ead1ef7655aa1766e0bedc937f9d30a07f0c720
d47209b4ea86960f3051c936641daf415579f377749ac94278c7335236a5105a
e2846fb612475e4f1c8fafc796d12d907154f68aad3814d1505c3532641f7b87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
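What to do with this list is a triage question: some of these observables single out this page, others are shared infrastructure that would match half the web. The Python below is an added example, not part of the urlscan.io report. The domains, IP-to-ASN pairs and per-resource SHA-256 values are transcribed from this page; the short resource labels are this example's own shorthand, and the rule that treats ASN15169 addresses as shared anycast front-ends is an assumption drawn from general knowledge of Google's network, not something the scan states. It sorts each indicator by type, then sets aside the hash of an empty response body, a hash shared by four unrelated tracking pixels, and the Google front-end IPs.

```python
"""Indicator triage for the observables listed above (added example)."""
import hashlib
import ipaddress
from collections import defaultdict

DOMAINS = [
    "c1.alladtracks.com", "d2b4jmuffp1l21.cloudfront.net", "de-ads.tallymans.com",
    "de-pacman.analytickz.com", "de-pacman.sam-media.com", "notify.dcbprotect.com",
    "googleads.g.doubleclick.net", "stats.g.doubleclick.net", "www.google-analytics.com",
    "www.google.com", "www.google.de", "www.googleadservices.com", "www.googletagmanager.com",
]
# ip -> ASN as reported per request in the transaction list (16509 = AMAZON-02, 15169 = GOOGLE)
IP_ASN = {
    "18.159.175.214": 16509, "18.196.181.99": 16509, "52.58.224.59": 16509,
    "2600:9000:214f:6200:f:4439:7640:93a1": 16509, "2a05:d018:d54:2a01:ca24:18d7:9174:8ed1": 16509,
    "142.250.185.226": 15169, "2a00:1450:4001:803::2004": 15169, "2a00:1450:4001:808::2002": 15169,
    "2a00:1450:4001:80f::2003": 15169, "2a00:1450:4001:810::200e": 15169,
    "2a00:1450:4001:82f::2008": 15169, "2a00:1450:400c:c08::9a": 15169,
}
# resource label (this example's shorthand) -> SHA-256 of its body, one entry per transaction
# that reported a hash (the final analytickz.com Fetch reported none)
RESOURCE_SHA256 = {
    "alladtracks x1qnb (document)": "c66e4248a38a65b262b164d02ead1ef7655aa1766e0bedc937f9d30a07f0c720",
    "cloudfront main.3842b55e.css": "d47209b4ea86960f3051c936641daf415579f377749ac94278c7335236a5105a",
    "cloudfront main.f0d682e930deacf9a0d9.js": "4860759c6d03e5b39a26844a9c4ba647e280b0cb8a2f7ba939be821f4d660706",
    "analytickz mstore (image)": "aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22",
    "tallymans evina-light-session-start": "68e9ec5c6e76c4f799bc74597ef698d1040cd2d488b99b833e41c07bf6385957",
    "googletagmanager gtm.js": "7dccbe68e3f85fc863ac686b6aa72b79a1f03303acf9b32fb25cec1eeca00e48",
    "data: png #1": "e2846fb612475e4f1c8fafc796d12d907154f68aad3814d1505c3532641f7b87",
    "data: svg": "756dafb52687eac0ff3997e1622f27193b949ccba8a75e6a8931e838a538f1de",
    "data: png #2": "bd84a814df1ce43de49d0eb48e8270d6ff9442be64f5376419657ea8bff671db",
    "googleadservices conversion_async.js": "63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86",
    "doubleclick viewthroughconversion": "66ce2bccc6d0fad34addb93b73a05f376918527c3f50f617bd56f536c96df508",
    "sam-media mstore (XHR)": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "google-analytics analytics.js": "a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210",
    "google.com 1p-user-list": "ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629",
    "google.de 1p-user-list": "ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629",
    "stats.g.doubleclick collect": "84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80",
    "google-analytics collect": "8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015",
    "google.com ga-audiences": "ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629",
    "google.de ga-audiences": "ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629",
    "dcbprotect notify (XHR)": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()
# Assumption: ASN15169 addresses are Google anycast front-ends shared by every Google
# property, so they identify Google, not this page.
SHARED_FRONTEND_ASNS = {15169}


def classify(value):
    """Sort one indicator string into ipv4 / ipv6 / sha256 / domain."""
    try:
        return "ipv%d" % ipaddress.ip_address(value).version
    except ValueError:
        pass
    if len(value) == 64 and all(c in "0123456789abcdef" for c in value.lower()):
        return "sha256"
    return "domain"


def triage_hashes(resource_sha256):
    """hash -> (resources carrying it, reason it is a weak indicator or None)."""
    carriers = defaultdict(list)
    for name, digest in resource_sha256.items():
        carriers[digest].append(name)
    out = {}
    for digest, names in carriers.items():
        if digest == EMPTY_SHA256:
            reason = "SHA-256 of an empty body; matches every zero-length response"
        elif len(names) > 1:
            reason = "shared by %d resources; identifies a generic pixel, not this page" % len(names)
        else:
            reason = None
        out[digest] = (names, reason)
    return out


def actionable(indicators, ip_asn, resource_sha256):
    """Indicators that point at this page rather than at shared infrastructure."""
    weak = {h for h, (_, reason) in triage_hashes(resource_sha256).items() if reason}
    keep = []
    for value in indicators:
        kind = classify(value)
        if kind == "sha256" and value in weak:
            continue
        if kind.startswith("ip") and ip_asn.get(value) in SHARED_FRONTEND_ASNS:
            continue
        keep.append(value)
    return keep


ALL_INDICATORS = DOMAINS + list(IP_ASN) + sorted(set(RESOURCE_SHA256.values()))

if __name__ == "__main__":
    for digest, (names, reason) in triage_hashes(RESOURCE_SHA256).items():
        if reason:
            print(digest[:12], reason, names)
    print(len(actionable(ALL_INDICATORS, IP_ASN, RESOURCE_SHA256)), "indicators kept")
```

Run on this scan it keeps 32 of the 41 observables: all 13 domains, the 5 AWS-hosted addresses and 14 body hashes. The two hashes it drops are e3b0c442... (the well-known SHA-256 of zero bytes, reported for both empty XHR responses) and ef1955ae... (the same 42-byte GIF returned by all four Google 1p-user-list and ga-audiences pixels). Domains are passed through untouched because, as the page itself says, nothing here implies malice, and deciding whether www.google.de belongs on a block list is the analyst's call, not a parser's.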