c1.alladtracks.com Open in urlscan Pro
18.159.175.214  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request x1qnb Show response c1.alladtracks.com/	25 KB 11 KB	25ms 11ms	Document text/html	18.159.175.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Server 18.159.175.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-175-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash c66e4248a38a65b262b164d02ead1ef7655aa1766e0bedc937f9d30a07f0c720 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.14.0 (Ubuntu) Date Wed, 26 Jan 2022 13:47:41 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-page-name g-look3-tallyman.v1-mo Cache-Control no-transform Content-Encoding gzip
GET H/1.1	200 OK	main.3842b55e.css d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/css/	21 KB 7 KB	32ms 12ms	Stylesheet text/css	2600:9000:214f:6200:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/css/main.3842b55e.css Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Server 2600:9000:214f:6200:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d47209b4ea86960f3051c936641daf415579f377749ac94278c7335236a5105a Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 25 Jan 2022 05:24:10 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 02 Dec 2021 15:15:39 GMT Server AmazonS3 Age 116612 ETag W/"60ae3be23f555a2d353ed3b217bfdbeb" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css; charset=utf-8 Via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) Cache-Control max-age=604800 Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id nPm6vbyAoGkpTvgrCLGgI2Lkjy0vT3e1b-PkH9fOywEUslcMNMGlnA==
GET H/1.1	200 OK	main.f0d682e930deacf9a0d9.js Show response d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/	739 KB 206 KB	33ms 13ms	Script application/javascript	2600:9000:214f:6200:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/main.f0d682e930deacf9a0d9.js Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Server 2600:9000:214f:6200:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4860759c6d03e5b39a26844a9c4ba647e280b0cb8a2f7ba939be821f4d660706 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 24 Jan 2022 10:39:36 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 02 Dec 2021 11:13:56 GMT Server AmazonS3 Age 184086 ETag W/"5601bf96196684556e7ce3d72111c594" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript; charset=utf-8 Via 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront) Cache-Control max-age=604800 Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id z0BqEVQq7Uje3YiBoThT6XpnWplpScRDLVGUz92TaLqlUG6x79ucbg==
GET H/1.1	200 OK	mstore de-pacman.analytickz.com/api/v2/	43 B 322 B	92ms 47ms	Image image/gif	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://de-pacman.analytickz.com/api/v2/mstore?r=87da42407eae11eca79c33648be87d42&m=1&b=0&d[0][t]=image Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 26 Jan 2022 13:47:41 GMT Cache-control private Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type image/gif
GET H/1.1	200 OK	/ Show response de-ads.tallymans.com/tallyman/v1/	56 KB 24 KB	236ms 182ms	Script application/javascript	52.58.224.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.58.224.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-224-59.eu-central-1.compute.amazonaws.com Software Apache / PHP/7.2.24-0ubuntu0.18.04.6 Resource Hash 68e9ec5c6e76c4f799bc74597ef698d1040cd2d488b99b833e41c07bf6385957 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 13:47:41 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/7.2.24-0ubuntu0.18.04.6 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-control private Content-Length 23894
GET H2	200	gtm.js Show response www.googletagmanager.com/	263 KB 73 KB	48ms 20ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7dccbe68e3f85fc863ac686b6aa72b79a1f03303acf9b32fb25cec1eeca00e48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 13:47:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74741 x-xss-protection 0 last-modified Wed, 26 Jan 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 26 Jan 2022 13:47:41 GMT
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e2846fb612475e4f1c8fafc796d12d907154f68aad3814d1505c3532641f7b87 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 756dafb52687eac0ff3997e1622f27193b949ccba8a75e6a8931e838a538f1de Request headers Accept-Language de-DE,de;q=0.9 Referer http://d2b4jmuffp1l21.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd84a814df1ce43de49d0eb48e8270d6ff9442be64f5376419657ea8bff671db Request headers Accept-Language de-DE,de;q=0.9 Referer http://d2b4jmuffp1l21.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	58ms 33ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Protocol HTTP/1.1 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Timing-Allow-Origin * Date Wed, 26 Jan 2022 13:47:41 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 17539559064140624452 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 14855 X-XSS-Protection 0 Expires Wed, 26 Jan 2022 13:47:41 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/754261975/	2 KB 2 KB	154ms 64ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754261975/?random=1643204861257&cv=9&fst=1643204861257&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: http://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66ce2bccc6d0fad34addb93b73a05f376918527c3f50f617bd56f536c96df508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jan 2022 13:47:41 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1082 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	mstore Show response de-pacman.sam-media.com/api/v2/	0 264 B	260ms 68ms	XHR text/html	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-pacman.sam-media.com/api/v2/mstore Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: http://d2b4jmuffp1l21.cloudfront.net/os-ui/static/g-look3-tallyman.v1-mo/js/main.f0d682e930deacf9a0d9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://c1.alladtracks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Wed, 26 Jan 2022 13:47:41 GMT Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	173ms 54ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 767 date Wed, 26 Jan 2022 13:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 26 Jan 2022 15:34:54 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/754261975/	42 B 548 B	180ms 62ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/754261975/?random=1643204861257&cv=9&fst=1643202000000&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&async=1&fmt=3&is_vtc=1&random=2934339024&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jan 2022 13:47:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/754261975/	42 B 548 B	181ms 63ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/754261975/?random=1643204861257&cv=9&fst=1643202000000&num=1&label=v4O8CMCO_aEBENe_1OcC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&frm=0&url=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&tiba=Verify%20Number&async=1&fmt=3&is_vtc=1&random=2934339024&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jan 2022 13:47:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	68ms 25ms	XHR text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&gjid=81704861&_gid=1962415773.1643204862&_u=YGBAgEABAAAAAE~&z=925772470 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://c1.alladtracks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 26 Jan 2022 13:47:41 GMT content-type text/plain access-control-allow-origin http://c1.alladtracks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	11ms 10ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=586130036&t=pageview&_s=1&dl=http%3A%2F%2Fc1.alladtracks.com%2Fx1qnb%3Fclickid%3D3542644670%26pubid%3D140363&dp=g-look3-tallyman.v1-mo&ul=en-us&de=UTF-8&dt=Verify%20Number&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1755144040&gjid=81704861&cid=1813760833.1643204862&tid=UA-136232877-11&_gid=1962415773.1643204862&gtm=2wg1o0N8MFSR2&cd1=GGNB&cd2=x1qnb&z=770783656 Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 25 Jan 2022 18:08:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 70768 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	57ms 32ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&_u=YGBAgEABAAAAAE~&z=1449807307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jan 2022 13:47:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	56ms 31ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136232877-11&cid=1813760833.1643204862&jid=1755144040&_u=YGBAgEABAAAAAE~&z=1449807307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://c1.alladtracks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jan 2022 13:47:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	A1080291493350044896297369704224432213086355587072 Show response notify.dcbprotect.com/	0 313 B	136ms 51ms	XHR text/html	2a05:d018:d54:2a01:ca24:18d7:9174:8ed1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://notify.dcbprotect.com/A1080291493350044896297369704224432213086355587072 Requested by Host: de-ads.tallymans.com URL: https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart Protocol HTTP/1.1 Server 2a05:d018:d54:2a01:ca24:18d7:9174:8ed1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://c1.alladtracks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Access-Control-Allow-Origin * Date Wed, 26 Jan 2022 13:47:42 GMT Content-Encoding gzip Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	mstore de-pacman.analytickz.com/api/v2/	0 0	54ms 28ms	Fetch text/html	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-pacman.analytickz.com/api/v2/mstore Requested by Host: c1.alladtracks.com URL: http://c1.alladtracks.com/x1qnb?clickid=3542644670&pubid=140363 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash Request headers Referer http://c1.alladtracks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Wed, 26 Jan 2022 13:47:42 GMT Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| event object| pac_analytics object| dataLayer function| gtag object| designer_obj object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| fraudeur boolean| has_K911_script string| billing_url function| evina_notify string| tid object| regeneratorRuntime object| pacman string| GoogleAnalyticsObject function| ga function| report_ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			c1.alladtracks.com/	1970-01-20 00:28:11	Name: userId Value: 87da42407eae11eca79c33648be87d42
			c1.alladtracks.com/	1970-01-20 00:28:11	Name: abTestVariant Value: a
			.doubleclick.net/	1970-01-20 00:26:45	Name: test_cookie Value: CheckForPermission
			.alladtracks.com/	1970-01-20 17:57:56	Name: _ga Value: GA1.2.1813760833.1643204862
			.alladtracks.com/	1970-01-20 00:28:11	Name: _gid Value: GA1.2.1962415773.1643204862
			.alladtracks.com/	1970-01-20 00:26:44	Name: _dc_gtm_UA-136232877-11 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://de-ads.tallymans.com/tallyman/v1/?action=evina-light-session-start&country=gr&rockman_id=87da42407eae11eca79c33648be87d42&tid=87da42407eae11eca79c33648be87d42:1643204861&slug=gr-wmi54213-mo&device=smart Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.alladtracks.com
d2b4jmuffp1l21.cloudfront.net
de-ads.tallymans.com
de-pacman.analytickz.com
de-pacman.sam-media.com
googleads.g.doubleclick.net
notify.dcbprotect.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.226
18.159.175.214
18.196.181.99
2600:9000:214f:6200:f:4439:7640:93a1
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9a
2a05:d018:d54:2a01:ca24:18d7:9174:8ed1
52.58.224.59
4860759c6d03e5b39a26844a9c4ba647e280b0cb8a2f7ba939be821f4d660706
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
66ce2bccc6d0fad34addb93b73a05f376918527c3f50f617bd56f536c96df508
68e9ec5c6e76c4f799bc74597ef698d1040cd2d488b99b833e41c07bf6385957
756dafb52687eac0ff3997e1622f27193b949ccba8a75e6a8931e838a538f1de
7dccbe68e3f85fc863ac686b6aa72b79a1f03303acf9b32fb25cec1eeca00e48
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
bd84a814df1ce43de49d0eb48e8270d6ff9442be64f5376419657ea8bff671db
c66e4248a38a65b262b164d02ead1ef7655aa1766e0bedc937f9d30a07f0c720
d47209b4ea86960f3051c936641daf415579f377749ac94278c7335236a5105a
e2846fb612475e4f1c8fafc796d12d907154f68aad3814d1505c3532641f7b87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629