urlscan.io logo urlscan.io
SecurityTrails logo

www.auskunft.de Open in urlscan Pro
167.233.15.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://avalonacess.com/
Effective URL: https://www.auskunft.de/?rt=y
Submission: On May 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 10 countries across 40 domains to perform 176 HTTP transactions. The main IP is 167.233.15.201, located in Hallbergmoos, Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.
This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.15.13.134 13768 (COGECO-PEER1)
1 2 209.15.13.136 13768 (COGECO-PEER1)
2 54.174.112.67 14618 (AMAZON-AES)
15 167.233.15.201 24940 (HETZNER-AS)
1 52.222.158.86 16509 (AMAZON-02)
5 142.250.186.130 15169 (GOOGLE)
1 91.215.100.39 43407 (INFONLINE-AS)
3 95.216.224.232 24940 (HETZNER-AS)
1 2 91.215.100.40 43407 (INFONLINE-AS)
6 23.37.38.181 16625 (AKAMAI-AS)
3 15 185.33.221.90 29990 (ASN-APPNEX)
3 52.58.167.152 16509 (AMAZON-02)
18 34.98.64.218 15169 (GOOGLE)
6 104.16.190.66 13335 (CLOUDFLAR...)
2 5 37.157.4.23 198622 (ADFORM)
3 185.86.139.59 201081 (SMARTADSE...)
3 52.28.38.50 16509 (AMAZON-02)
4 69.173.144.141 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 104.109.91.53 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 18.197.81.144 16509 (AMAZON-02)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 1 62.209.227.211 5588 (GTSCE GTS...)
5 27 104.108.145.8 16625 (AKAMAI-AS)
5 5 185.29.135.190 30419 (MEDIAMATH...)
1 2600:9000:21f... 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
11 16 142.250.186.34 15169 (GOOGLE)
2 2 104.111.237.88 16625 (AKAMAI-AS)
3 104.108.144.200 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 104.111.230.142 16625 (AKAMAI-AS)
3 3 2620:116:800d... 16509 (AMAZON-02)
3 4 37.157.4.39 198622 (ADFORM)
7 13.248.242.197 16509 (AMAZON-02)
4 68.232.35.16 15133 (EDGECAST)
3 6 52.46.130.13 16509 (AMAZON-02)
2 2 135.125.8.70 16276 (OVH)
1 185.33.221.52 29990 (ASN-APPNEX)
2 2 54.82.140.85 14618 (AMAZON-AES)
1 1 54.78.251.22 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 159.253.128.183 36351 (SOFTLAYER)
2 2 18.193.131.224 16509 (AMAZON-02)
1 2 52.48.137.92 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
1 3.126.56.137 16509 (AMAZON-02)
4 7 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
176 44
1    209.15.13.134 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
avalonacess.com
2    209.15.13.136 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
btpnav.com
2    54.174.112.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-112-67.compute-1.amazonaws.com
steinn-nik.com
15    167.233.15.201 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.201.15.233.167.clients.your-server.de
www.auskunft.de
1    52.222.158.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-86.cdg52.r.cloudfront.net
cdn-a.yieldlove.com
5    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de
script.ioam.de
3    95.216.224.232 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: server.alpha9.de
tracker.auskunft.de
2    91.215.100.40 (Germany)

ASN43407 (INFONLINE-AS, NL)
de.ioam.de
6    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
15    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    52.58.167.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.adscale.de
18    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
yieldlove-d.openx.net
eu-u.openx.net
us-u.openx.net
6    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
5    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
3    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    52.28.38.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
4    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    104.109.91.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
js.adscale.de
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
12    18.197.81.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
1    2600:9000:20eb:4c00:12:6213:9cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
si.nuggad.net
1    2600:9000:206f:3200:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
nugmw.userreport.com
1    62.209.227.211 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
bbnaut.ibillboard.com
27    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2600:9000:21f3:2600:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sak.userreport.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
16    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
tracking.m6r.eu
3    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
4    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
6    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu
gu.dyntrk.com
1    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
2    54.82.140.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    54.78.251.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    18.193.131.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
27 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
27 KB
21 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
133 KB
19 adscale.de
hb.adscale.de
js.adscale.de
ih.adscale.de
26 KB
19 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
63 KB
18 openx.net
yieldlove-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
18 auskunft.de
www.auskunft.de
tracker.auskunft.de
152 KB
13 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
18 KB
9 adform.net
adx.adform.net
track.adform.net
c1.adform.net
4 KB
7 adsrvr.org
match.adsrvr.org
2 KB
7 googlesyndication.com
50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
25 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
3 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 districtm.io
dmx.districtm.io
cdn.districtm.io
465 B
5 mathtag.com
sync.mathtag.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 sascdn.com
ec-ns.sascdn.com
13 KB
4 google.com
adservice.google.com
www.google.com
2 KB
4 smartadserver.com
prg.smartadserver.com
csync.smartadserver.com
2 KB
3 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 google.de
adservice.google.de
1 KB
3 360yield.com
ice.360yield.com
930 B
3 ioam.de
script.ioam.de
de.ioam.de
10 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
996 B
2 w55c.net
pm.w55c.net
1 KB
2 advangelists.com
nep.advangelists.com
465 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 userreport.com
nugmw.userreport.com
sak.userreport.com
34 KB
2 steinn-nik.com
steinn-nik.com
3 KB
2 btpnav.com
btpnav.com
3 KB
1 rlcdn.com
id.rlcdn.com
1 simpli.fi
um.simpli.fi
625 B
1 bttrack.com
bttrack.com
380 B
1 adroll.com
d.adroll.com
112 B
1 criteo.com
dis.criteo.com
514 B
1 ibillboard.com
bbnaut.ibillboard.com
352 B
1 nuggad.net
si.nuggad.net
511 B
1 yieldlove.com
cdn-a.yieldlove.com
120 KB
1 avalonacess.com
avalonacess.com
546 B
176 40
Domain Requested by
16 cm.g.doubleclick.net 11 redirects eu-u.openx.net
15 ib.adnxs.com 3 redirects cdn-a.yieldlove.com
acdn.adnxs.com
15 www.auskunft.de steinn-nik.com
www.auskunft.de
13 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
12 ih.adscale.de js.adscale.de
ih.adscale.de
9 eu-u.openx.net cdn-a.yieldlove.com
eu-u.openx.net
7 match.adsrvr.org eu-u.openx.net
ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
6 us-u.openx.net eu-u.openx.net
6 js-sec.indexww.com cdn-a.yieldlove.com
ssum-sec.casalemedia.com
6 htlb.casalemedia.com cdn-a.yieldlove.com
5 sync.mathtag.com 5 redirects
5 securepubads.g.doubleclick.net www.auskunft.de
securepubads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 ec-ns.sascdn.com csync.smartadserver.com
4 c1.adform.net 3 redirects ssum-sec.casalemedia.com
4 js.adscale.de cdn-a.yieldlove.com
ih.adscale.de
4 fastlane.rubiconproject.com cdn-a.yieldlove.com
3 pixel.rubiconproject.com
3 pixel.quantserve.com 3 redirects
3 acdn.adnxs.com cdn-a.yieldlove.com
3 cdn.districtm.io cdn-a.yieldlove.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 ice.360yield.com cdn-a.yieldlove.com
3 prg.smartadserver.com cdn-a.yieldlove.com
3 adx.adform.net cdn-a.yieldlove.com
3 dmx.districtm.io cdn-a.yieldlove.com
3 yieldlove-d.openx.net cdn-a.yieldlove.com
3 hb.adscale.de cdn-a.yieldlove.com
3 tracker.auskunft.de www.auskunft.de
tracker.auskunft.de
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 nep.advangelists.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 eus.rubiconproject.com cdn-a.yieldlove.com
eus.rubiconproject.com
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 de.ioam.de 1 redirects www.auskunft.de
2 steinn-nik.com steinn-nik.com
2 btpnav.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com
1 id.rlcdn.com
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 csync.smartadserver.com cdn-a.yieldlove.com
1 dis.criteo.com 1 redirects
1 sak.userreport.com si.nuggad.net
1 bbnaut.ibillboard.com 1 redirects
1 nugmw.userreport.com
1 si.nuggad.net 1 redirects
1 www.google.com tpc.googlesyndication.com
1 50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 script.ioam.de www.auskunft.de
1 cdn-a.yieldlove.com www.auskunft.de
1 avalonacess.com 1 redirects
176 65

This site contains links to these domains. Also see Links.

Domain
presse.auskunft.de
www.alpha9marketing.com
Subject Issuer Validity Valid
*.auskunft.de
Sectigo RSA Domain Validation Secure Server CA		 2019-09-12 -
2021-09-11		 2 years crt.sh
cdn-a.yieldlove.com
Amazon		 2020-09-18 -
2021-10-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.ioam.de
Thawte TLS RSA CA G1		 2019-09-18 -
2021-12-17		 2 years crt.sh
tracker.auskunft.de
cPanel, Inc. Certification Authority		 2021-03-13 -
2021-06-11		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adscale.de
Amazon		 2021-05-09 -
2022-06-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.userreport.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-08 -
2022-04-13		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh

This page contains 21 frames:

Primary Page: https://www.auskunft.de/?rt=y
Frame ID: 7D7D68705BB58B4E0570F363603DF284
Requests: 81 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 56319C9702C0B5C43DBF132E2EEEB473
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B02CF7AD5D12C0557BEBA28E969C5947
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Frame ID: E600C1691B18D5A16B3B37466680CE21
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 75C1E6191E64774A69AA70F188C49CDE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 45269D22C6221655578D0AF7675D01C5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C71F98E7950A67CA989064CB73D77C01
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 1A921A1B3F5ED026B790E6F726255C49
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 456B1DF411D127734251603A69E2D784
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Frame ID: F67C05DCECDF5D3940E23A4F44116025
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4939781E1A6AB88948FEFB8F73FE89D6
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E9877BB3AC7FE8FC79D6390A72659386
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C8F240F00F5A3BC30400AB98516C090
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 286A8DFC57EAC0D2E2AEDF3E44C6A2F8
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 88D51C26CEEF3F7077F1C34034DEF3D0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D2FF2F1D424AAC6C451D5F10431D10A9
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: E6EAEA6A7CFED931F4A9A613EA8A8E7F
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 7D9471BD82BD97B16C0683B6AD0F1AE2
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C8FA187CB4CE8AB1298AC4689EDD2D94
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BBCB8638AAF3A816804468D01BB3659A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B142BDDB6A0D544EABE3179DD0E114A6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://avalonacess.com/ HTTP 302
    http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0e... Page URL
  2. http://btpnav.com/Redirect/ HTTP 302
    http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b... Page URL
  3. http://steinn-nik.com/zcredirect?visitid=efccc1f2-be65-11eb-9a9b-0af87b92b1dd&type=js&browserWidth... Page URL
  4. https://www.auskunft.de/?rt=y Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

176
Requests

98 %
HTTPS

24 %
IPv6

40
Domains

65
Subdomains

44
IPs

10
Countries

639 kB
Transfer

1741 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://avalonacess.com/ HTTP 302
    http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0eWFkZmxPbU1hLVUxb2h3X1Qzel91cnJtZUEza1licHQyYWhNdzFUSW9ucG9kTzZHSDJZMVpfangzWWlMaFZ3d0treGtocEtBUFZjaHhkbktlZEMxazJnckI2UVdJSHlIY0pKT25BMg2&id=05da7a20-1ea1-4b49-9a9f-c8e49f95d4d8 Page URL
  2. http://btpnav.com/Redirect/ HTTP 302
    http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
  3. http://steinn-nik.com/zcredirect?visitid=efccc1f2-be65-11eb-9a9b-0af87b92b1dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://www.auskunft.de/?rt=y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://avalonacess.com/ HTTP 302
  • http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0eWFkZmxPbU1hLVUxb2h3X1Qzel91cnJtZUEza1licHQyYWhNdzFUSW9ucG9kTzZHSDJZMVpfangzWWlMaFZ3d0treGtocEtBUFZjaHhkbktlZEMxazJnckI2UVdJSHlIY0pKT25BMg2&id=05da7a20-1ea1-4b49-9a9f-c8e49f95d4d8
Request Chain 1
  • http://btpnav.com/Redirect/ HTTP 302
  • http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Request Chain 17
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0019&i2=0019cededcf2d8ce660aeb7d4&ep=1645893317&vr=424&id=qn28vx&i3=0019cededcf2d8ce660aeb7d4%3A1648933460233%3A1622063060233%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1622063060233&n1=1&dntt=0&lt=1622063060234&ev=&cs=vj4xho&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0019&i2=0019cededcf2d8ce660aeb7d4&ep=1645893317&vr=424&id=qn28vx&i3=0019cededcf2d8ce660aeb7d4%3A1648933460233%3A1622063060233%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1622063060233&n1=1&dntt=0&lt=1622063060234&ev=&cs=vj4xho&mo=1&sr=71
Request Chain 81
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
  • https://nugmw.userreport.com/rc-ap/e3955416-a634-4498-a9cc-9fbf9b150ed2/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Request Chain 83
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=88e27fd3cdbb41ea8c9480ba23a62946&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=101&tpuid=BBID-01-02967770626641136-16297560
Request Chain 85
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c243d4615a0ffbdedd7dee74d43d401ec8820bb9f5cc413b92fd93ab5526f360&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg&s=183592&tpid=63&uid=c243d4615a0ffbdedd7dee74d43d401ec8820bb9f5cc413b92fd93ab5526f360&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YK631iRw3IxKU1DQFNFSWgAA%261145
Request Chain 86
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=38a845723f50422dfa44d4e0fc6418a97d0139197e6fee9c0a47dd8c6f92a9f2&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Request Chain 88
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c4d6aaedec3186fea3568af258cd5697a09f030ac2d57f5286ffe9d8ab98acb8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c4d6aaedec3186fea3568af258cd5697a09f030ac2d57f5286ffe9d8ab98acb8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=42&tpuid=6516209349515242746
Request Chain 89
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=9c536547ed9b8215ab80d2c4fa0d20ac89aaee9bd1cf7b3fd0da26586fd4fca7&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=17840b70-f50c-4720-8770-b64ef648411a
Request Chain 90
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=60db41892608d861be882c985559f8ab14853c34da7ce2b4aa6ba2d6ef1989ee&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&tpuid=CAESEGgg_iwCOV49vPc0NccqJl0&google_cver=1
Request Chain 92
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d5e985ef65b9ba6e36cd57622d9e5cd32883d8067eb47a0bacd37ca266028a3b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fjs HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d5e985ef65b9ba6e36cd57622d9e5cd32883d8067eb47a0bacd37ca266028a3b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fjs&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/js?tpid=48&tpuid=c14804932f24ae1aa00b3928b3a99ece
Request Chain 108
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Request Chain 109
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=yEVKDpxCT1zTTBhdykEGXc9NE1PTRU5dyRPbBBP_
Request Chain 110
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Request Chain 118
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Request Chain 119
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=icp80N3NeYKSwy6G2pswjIjKfNeSwiyNicsSanui
Request Chain 120
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Request Chain 124
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Request Chain 125
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cZ0T4CWaFrJqlEGzcMlfs3WdQbVqmRTgdJS9WxdO
Request Chain 126
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Request Chain 134
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 135
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 136
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 137
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Request Chain 138
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Request Chain 141
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 144
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6cd6ab-f057-49e9-aff3-85ab24e3bee4
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Request Chain 148
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Request Chain 149
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Request Chain 150
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 152
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7278E5D0422441FFB1EE7C20736EE6C4&gdpr=1
Request Chain 153
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=72LSqLoc1LM0Hv5&gdpr=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Request Chain 157
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Request Chain 158
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Request Chain 159
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YK631wABWSB1PQA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YK631wABWSB1PQA4&gdpr=1&_test=YK631wABWSB1PQA4
Request Chain 161
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7a006746-f34b-4e7b-99de-50c8b351bf5c
Request Chain 164
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1A1WUdTUEstMjMtS0NCNw==
Request Chain 166
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YK631wABIJP56wBg HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YK631wABIJP56wBg&_test=YK631wABIJP56wBg
Request Chain 168
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgyODJiNDA0YmJlMTllZmIwNDI0ODQ4NWI2MGEwZTk3NmQ4N2I5Yg
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaO9hI-DRpJOopvWuISN8g&google_cver=1
Request Chain 170
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KP5YGSPK-23-KCB7&sigv=1&esig=2~1a37231dd43d53ab21a0ae7476a956b4c4373020
Request Chain 171
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2thDSvuSeryTpH0QmPp5Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=891006646496722987

176 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set click
btpnav.com/
Redirect Chain
  • http://avalonacess.com/
  • http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0eWFkZmxPbU1hLVUxb2h3X1Qzel91cnJtZUEza1licHQyYWhNdzFUSW9ucG9kTzZHSDJZMVpfangzWWlMaFZ3d0treGtocEtBUFZjaHhk...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0eWFkZmxPbU1hLVUxb2h3X1Qzel91cnJtZUEza1licHQyYWhNdzFUSW9ucG9kTzZHSDJZMVpfangzWWlMaFZ3d0treGtocEtBUFZjaHhkbktlZEMxazJnckI2UVdJSHlIY0pKT25BMg2&id=05da7a20-1ea1-4b49-9a9f-c8e49f95d4d8
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e7f751aef62d8a25294805685e96d4dd5d2d20bf5e5cea409df0faa81dbd4fad

Request headers

Host
btpnav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
vliIhfNkThHgvJL=vliIhfNkThHgvJL; path=/
X-Server
web01
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Wed, 26 May 2021 21:04:18 GMT
Content-Length
2180

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://btpnav.com/click?data=U0drdnRRR3dHdE5vczI3dmZYSWZhNzJfMjRpcDBhZXRTYURDUVBuSDFfR29kSGI0eWFkZmxPbU1hLVUxb2h3X1Qzel91cnJtZUEza1licHQyYWhNdzFUSW9ucG9kTzZHSDJZMVpfangzWWlMaFZ3d0treGtocEtBUFZjaHhkbktlZEMxazJnckI2UVdJSHlIY0pKT25BMg2&id=05da7a20-1ea1-4b49-9a9f-c8e49f95d4d8
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web01
Date
Wed, 26 May 2021 21:04:18 GMT
Connection
close
Content-Length
393
fa8076ca-64e7-4648-95fb-59f8b6b1f6e1
steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/
Redirect Chain
  • http://btpnav.com/Redirect/
  • http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
998 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
54.174.112.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-112-67.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
9f1448b95a6a11130d4ff4839d1f1702c4861e3c7811cc6724743f37e4b76f82
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
steinn-nik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://btpnav.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://btpnav.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://btpnav.com/

Response headers

Date
Wed, 26 May 2021 21:04:19 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web01
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Wed, 26 May 2021 21:04:18 GMT
Content-Length
270
zcredirect
steinn-nik.com/ 		240 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
http://steinn-nik.com/zcredirect?visitid=efccc1f2-be65-11eb-9a9b-0af87b92b1dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: steinn-nik.com
URL: http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
54.174.112.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-112-67.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
8233428f4a24209f98d55daf9ae15e0718579000903337f78a20065d2681a9b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
steinn-nik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://steinn-nik.com/zcvisitor/efccc1f2-be65-11eb-9a9b-0af87b92b1dd/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date
Wed, 26 May 2021 21:04:19 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request /
www.auskunft.de/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/?rt=y
Requested by
Host: steinn-nik.com
URL: http://steinn-nik.com/zcredirect?visitid=efccc1f2-be65-11eb-9a9b-0af87b92b1dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
0ce9d9fb6cf3ce5421bc9018629f81b0468e9cd076e74c519c11375ec0ff8138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://steinn-nik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://steinn-nik.com/

Response headers

accept-ranges
bytes
age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 May 2021 21:04:13 GMT
expires
Wed, 09 Jun 2021 23:04:19 GMT
pragma
no-cache
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
auskunft.c688b075af97f61dac871d794e2ed0b0.woff2
www.auskunft.de/assets/bundles/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/auskunft.c688b075af97f61dac871d794e2ed0b0.woff2
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
d3302542a5cb48952467539fee7065b4811d8d574c6d4c83e1a20f4f440780be

Request headers

:path
/assets/bundles/auskunft.c688b075af97f61dac871d794e2ed0b0.woff2
pragma
no-cache
origin
https://www.auskunft.de
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.auskunft.de
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:02:33 GMT
last-modified
Tue, 25 May 2021 08:36:35 GMT
etag
"60acb713-39dc"
content-type
application/octet-stream
cache-control
public
accept-ranges
bytes
content-length
14812
expires
Fri, 25 Jun 2021 21:04:20 GMT
main-index.3943f6f1ff00f8207b49.css
www.auskunft.de/assets/bundles/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main-index.3943f6f1ff00f8207b49.css
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
abb8e9009f08010640f4fa14a29939ec45229766644ce74df3b11af44824ea0b

Request headers

:path
/assets/bundles/main-index.3943f6f1ff00f8207b49.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:02:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
etag
"60acb713-d9fe"
vary
Accept-Encoding
content-type
text/css
cache-control
public
accept-ranges
bytes
content-length
13382
expires
Fri, 25 Jun 2021 21:04:20 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/ 		403 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-86.cdg52.r.cloudfront.net
Software
/ Express
Resource Hash
22df8e4abc7410810527a2a0fb82df56002546ae1b14cb28582b05570a0d22c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:34:13 GMT
content-encoding
gzip
etag
"64a05-d2dMzRx5g/fHuhhGz/bU6OwPZZ0"
age
1848
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
g0CXtkonWtRXe-_h_KrlD2eYHYQ-39sWstY1un1lvTTmD5lb6HWjcQ==
via
1.1 1713affce12abff65dc8b74f1260c723.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e52d06ff5d17453294dc5059cf0fbb66308b11fbfaccbd16a2116ef1a5d956ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"884 / 730 of 1000 / last-modified: 1622027602"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
expires
Wed, 26 May 2021 21:04:20 GMT
auskunft_de_logo.webp
www.auskunft.de/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Request headers

:path
/img/auskunft_de_logo.webp?v=20170717
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:03 GMT
last-modified
Fri, 21 Jul 2017 08:52:49 GMT
age
0
etag
"5971c0e1-4ee"
content-type
image/webp
cache-control
public
accept-ranges
bytes
content-length
1262
expires
Fri, 25 Jun 2021 21:04:20 GMT
auskunft_de_logo_bubble_white.png
www.auskunft.de/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo_bubble_white.png
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
7308dc6dd335964ca45b89f31b5570bb22337e0286e80eec2ee71e9800ab1e34

Request headers

:path
/img/auskunft_de_logo_bubble_white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:04:03 GMT
last-modified
Mon, 04 Jan 2021 13:50:23 GMT
etag
"5ff31d1f-1393"
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
5011
expires
Fri, 25 Jun 2021 21:04:20 GMT
geo-location-icon_index.svg
www.auskunft.de/img/ 		812 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/geo-location-icon_index.svg
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
c285249174df5820775029de102f702bfddba0c0a7fa21f2f52350b0ac87274c

Request headers

:path
/img/geo-location-icon_index.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:04:13 GMT
last-modified
Wed, 16 Sep 2020 08:42:09 GMT
etag
"5f61cfe1-32c"
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
812
expires
Fri, 25 Jun 2021 21:04:20 GMT
main.00212ba2dac573ad093f.js
www.auskunft.de/assets/bundles/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
39845d75d27beed6570597f505613d63e4da16a0bb18f24bc8184a9f1841fe6f

Request headers

:path
/assets/bundles/main.00212ba2dac573ad093f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:02:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-189f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
38419
expires
Fri, 25 Jun 2021 21:04:20 GMT
iam.js
script.ioam.de/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js?m=1
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0019
Resource Hash
96a72dda7f410b0bff881d8d51cbc57037c48a4693e27dd994b6b9fe1c6f846c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 May 2021 21:04:20 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0019
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Wed, 26 May 2021 23:04:20 GMT
container_XeGgyOy3.js
tracker.auskunft.de/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/js/container_XeGgyOy3.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
080151775ec00e445940ccdaee1eeeaec7b94ff71b73bd57650b4131251b1f7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
br
last-modified
Mon, 22 Feb 2021 13:50:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7710
matomo.js
tracker.auskunft.de/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/matomo.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
c55802f234ad7b9b16b8d6f0950f46b1214db417d3f687ec27646ed754cd1168

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
br
last-modified
Tue, 18 May 2021 10:15:11 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19577
vendors~app.eb54f2d6d9eab12a74bd.js
www.auskunft.de/assets/bundles/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/vendors~app.eb54f2d6d9eab12a74bd.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
44def21c886f7173834d5d539d235ad4864c89ebd7b6a560dd19d4bcfec7ab66

Request headers

:path
/assets/bundles/vendors~app.eb54f2d6d9eab12a74bd.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:13 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-d1fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
21702
expires
Fri, 25 Jun 2021 21:04:20 GMT
app.1306c8a00ace0ca951dd.js
www.auskunft.de/assets/bundles/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/app.1306c8a00ace0ca951dd.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
5778d71061efc14231ba194b75611abc19182f97e30aae8ce1e1236de2901a0f

Request headers

:path
/assets/bundles/app.1306c8a00ace0ca951dd.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-97a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
11788
expires
Fri, 25 Jun 2021 21:04:20 GMT
pubads_impl_2021052001.js
securepubads.g.doubleclick.net/gpt/ 		309 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
d99bf1ea70a90213bc28437d4413da189cf244d2b80fba2ccb42de0b3d639727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 08:43:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110970
x-xss-protection
0
expires
Wed, 26 May 2021 21:04:20 GMT
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=160...
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=160...
0
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0019&i2=0019cededcf2d8ce660aeb7d4&ep=1645893317&vr=424&id=qn28vx&i3=0019cededcf2d8ce660aeb7d4%3A1648933460233%3A1622063060233%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1622063060233&n1=1&dntt=0&lt=1622063060234&ev=&cs=vj4xho&mo=1&sr=71
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software
nginx / BLACKBIRD-RCV v1.06.2 0038
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:20 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 0038
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Wed, 26 May 2021 21:04:20 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 0038
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Wed, 26 May 2021 21:04:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=steinn-nik.com&r2=http%3A%2F%2Fsteinn-nik.com%2F&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=0019&i2=0019cededcf2d8ce660aeb7d4&ep=1645893317&vr=424&id=qn28vx&i3=0019cededcf2d8ce660aeb7d4%3A1648933460233%3A1622063060233%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1622063060233&n1=1&dntt=0&lt=1622063060234&ev=&cs=vj4xho&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Tue, 26 May 2020 21:04:20 GMT
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392699&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22157cf79db62ed3%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22217ff6197873e8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223bd3669fa0ca35%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241f60176b52949%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254b0e19d2b06cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f07d6a65616bed5477a46267da2d05d2742ad9b5b1814a01b578086f77e1cf8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:20 GMT
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392699&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22157cf79db62ed3%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22217ff6197873e8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%2254b0e19d2b06cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f07d6a65616bed5477a46267da2d05d2742ad9b5b1814a01b578086f77e1cf8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:20 GMT
prebid
ib.adnxs.com/ut/v3/ 		136 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b693a143b99ae6b32fe7359ae55fb45da139b5f1383f5cf598dd2489eb02470b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid
60097b74-6ed0-490a-86b7-4f5a063aeb9c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
136
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dsh
hb.adscale.de/ 		11 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.167.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
content-type
text/plain
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
arj
yieldlove-d.openx.net/w/1.0/ 		172 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=39e01940-f32b-4202-94bd-603e3495f141%2Cc4038026-eba2-4852-a31a-1ce439c72dab&nocache=1622063060277&aus=300x250%2C200x200%2C250x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
f1a172253f3c8b1ad69c75aecb421b2eac30a568a269d755c1d21474a4721e96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
cf-ray
6559f48f0debedf7-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
0a4c172d650000edf7d3bc5000000001
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPWM0MDM4MDI2LWViYTItNDg1Mi1hMzFhLTFjZTQzOWM3MmRhYg%3D%3D&pt=gross&stid=2c556d95-1868-4490-bfab-332adda83401&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		250 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
41ad027394d67929c53d50d03bbcd8bda0e4ae0199dbc01fdce1669afb7eafc7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
661bd20e-bab9-4d39-98f8-318f05f62057
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:19 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
hb
ice.360yield.com/ 		95 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2228d548a3a0f8c31%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22246e640c6feb443%22%2C%22pid%22%3A22324396%2C%22tid%22%3A%22c4038026-eba2-4852-a31a-1ce439c72dab%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1ecd03264e8ca2641e8790556f550db5baccc81a0865ad00a44f5226647456c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Wed, 26 May 2021 21:04:20 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
fastlane.json
fastlane.rubiconproject.com/a/api/ 		264 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348702&size_id=15&alt_size_ids=13%2C14&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&tk_flint=pbjs_lite_v4.32.0&x_source.tid=39e01940-f32b-4202-94bd-603e3495f141&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.4177328725406739
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0e41b59155f61297f9bfdeaf8f84ba927fa918f1ab9960b7f6cf220b9c0963c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&tk_flint=pbjs_lite_v4.32.0&x_source.tid=c4038026-eba2-4852-a31a-1ce439c72dab&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9590454631536602
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5d2868c41a4df89a65d8d27f1f4257ccff3c761afc4826c9ae37a6190670a7fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
geolocation.e84194f203f9744ac4e1.js
www.auskunft.de/assets/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/geolocation.e84194f203f9744ac4e1.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
cb6da34ac1bb91df124e5f2a23349e3e8689b917620c6bdbb1a8f0399f1a0e4b

Request headers

:path
/assets/bundles/geolocation.e84194f203f9744ac4e1.js
pragma
no-cache
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:04:03 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-1f59"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
2884
expires
Fri, 25 Jun 2021 21:04:20 GMT
navigation-dropdown.80de19ccb68153076f76.js
www.auskunft.de/assets/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/navigation-dropdown.80de19ccb68153076f76.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
51cd52a4c6ab80e31935fc8f57aba3463258d202337b6a51f4fc08aa0d4a52c6

Request headers

:path
/assets/bundles/navigation-dropdown.80de19ccb68153076f76.js
pragma
no-cache
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-2267"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
3049
expires
Fri, 25 Jun 2021 21:04:20 GMT
searchbar.a3b10604e86253f7a70b.js
www.auskunft.de/assets/bundles/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/searchbar.a3b10604e86253f7a70b.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
c60bc5ba9b0391fa0dffc3ab4e541add9045c2b52d066668c7ff3898bd2c88e5

Request headers

:path
/assets/bundles/searchbar.a3b10604e86253f7a70b.js
pragma
no-cache
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-2d8f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
4104
expires
Fri, 25 Jun 2021 21:04:20 GMT
searchbar-handle-sort.2b3803219fb26f2e2a71.js
www.auskunft.de/assets/bundles/ 		954 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/searchbar-handle-sort.2b3803219fb26f2e2a71.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
f9c7ce7a982b18f65e28666f546f07190240d036b2bcbd129ce6599703e37daa

Request headers

:path
/assets/bundles/searchbar-handle-sort.2b3803219fb26f2e2a71.js
pragma
no-cache
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:03:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-3ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
521
expires
Fri, 25 Jun 2021 21:04:20 GMT
session.77e0e59efe67c2ff8c80.js
www.auskunft.de/assets/bundles/ 		1 KB
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/session.77e0e59efe67c2ff8c80.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.00212ba2dac573ad093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
5a33a4f6d6cc645b4022182e74cf80072d6f0692684051d746e08d97e9982af2

Request headers

:path
/assets/bundles/session.77e0e59efe67c2ff8c80.js
pragma
no-cache
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 26 May 2021 21:02:23 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:36:35 GMT
age
0
etag
"60acb713-58b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
accept-ranges
bytes
content-length
577
expires
Fri, 25 Jun 2021 21:04:20 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		461 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880179184147244&correlator=1930448563942762&output=ldjh&impl=fifs&eid=31061311%2C31061149&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1622063060&dt=1622063060326&dlt=1622063060116&idt=191&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=844&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ref=http%3A%2F%2Fsteinn-nik.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1132427081.1622063060&ga_sid=1622063060&ga_hid=944700347&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0832858d4d125fd2ed916df1b8084a64046138c7da02dfe59d9b28ab812f76d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
user-data
www.auskunft.de/api/ 		62 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/api/user-data?features=geoLocationInformation
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/geolocation.e84194f203f9744ac4e1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.15.201 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.15.233.167.clients.your-server.de
Software
/
Resource Hash
17ec9306cf3776e9a261e143132370ba9657c07843d257d58dc5f3c15ee9f8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
iom_consent=0000000000&1622063060232; ioam2018=0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
:path
/api/user-data?features=geoLocationInformation
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.auskunft.de
referer
https://www.auskunft.de/?rt=y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.auskunft.de/?rt=y
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-frame-options
deny
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
AUSKUNFT_SESSION=094955in9uhmkv7cak5l545tfv; path=/; HttpOnly
accept-ranges
bytes
x-robots-tag
noindex
vary
Accept-Encoding
content-length
84
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 01:00:00 GMT
matomo.php
tracker.auskunft.de/ 		0
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%2C%20Gesch%C3%A4ften%20und%20Jobs&idsite=1&rec=1&r=033563&h=23&m=4&s=20&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&urlref=http%3A%2F%2Fsteinn-nik.com%2F&_id=&_idn=1&_refts=1622063060&_ref=http%3A%2F%2Fsteinn-nik.com%2F&send_image=0&cookie=1&res=1600x1200&pv_id=n94BWi&devicePixelRatio=1&pf_net=34&pf_srv=168&pf_tfr=1&pf_dm1=67
Requested by
Host: tracker.auskunft.de
URL: https://tracker.auskunft.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.224.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.alpha9.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Wed, 26 May 2021 21:04:20 GMT
access-control-allow-credentials
true
server
Apache
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&tk_flint=pbjs_lite_v4.32.0&x_source.tid=23401998-7e65-4f2c-ad0a-11a5622432de&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5310256495130339
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5e33ecf3410fedea8b01a0f1f129e2575f013b518c627cc268fc4814cc8aa434

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
75ba4db5bc385eff582ad965562073f64914dc5f89b8a95b7849fc867af04d36
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.151:80
AN-X-Request-Uuid
27d0568f-14bd-4c24-a103-3deebbf0d8b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:19 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ 		5 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPTIzNDAxOTk4LTdlNjUtNGYyYy1hZDBhLTExYTU2MjI0MzJkZQ%3D%3D&pt=gross&stid=a1feabc5-1743-4046-9960-3cf02b232b3d&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238557db6ab666a4%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22393afe37cfa5115%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6986b5326fd82c430e4dbc8ada4ced5cc7092da2216f29e8f404e49ad2bba7a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:20 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392698&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2238557db6ab666a4%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22393afe37cfa5115%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6986b5326fd82c430e4dbc8ada4ced5cc7092da2216f29e8f404e49ad2bba7a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:20 GMT
hb
ice.360yield.com/ 		94 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225084f58bcf620b%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22419e9fb2a626094%22%2C%22pid%22%3A22324396%2C%22tid%22%3A%2223401998-7e65-4f2c-ad0a-11a5622432de%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c1f1e838e438d0a781963b28e3fb918d8af239ed2f6e32a7b1e995d1a3585136

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Wed, 26 May 2021 21:04:20 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
94
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
cf-ray
6559f4900fabedf7-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
0a4c172e050000edf7daa77000000001
dsh
hb.adscale.de/ 		11 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.167.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
content-type
text/plain
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
arj
yieldlove-d.openx.net/w/1.0/ 		172 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=23401998-7e65-4f2c-ad0a-11a5622432de&nocache=1622063060482&aus=728x90&divIds=%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797111
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
dda23db069e99f03a33bc55c69f0ed43436edb08a37832537fd2578dfccaa09a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
342a4244c477c421e471d1def9747600c59238c46e372b74c20f58414b94c042
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:20 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
605d275f-f254-4d35-8ccd-0f24888f682d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37318672f4879df3a9fa1001cb72a574a42658bd4ba07b31883d285023168661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8303
x-xss-protection
0
userconnect.js
js.adscale.de/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.91.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CUPSr8q.QV2oSyR2A.ML6bPH0Do36WHb
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 23:35:53 GMT
Server
AmazonS3
x-amz-request-id
1W1HGH7AAR2M8XBN
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Date
Wed, 26 May 2021 21:04:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
YWKaECb6FVzgzqRsIbyI318vUT1dV9LJjz5zFDUT8TrpFbT7CLGzmpMnGg4iiMaTV5+jGwUWKNc=
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 26 May 2021 21:04:20 GMT
userconnect.js
js.adscale.de/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.91.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CUPSr8q.QV2oSyR2A.ML6bPH0Do36WHb
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 23:35:53 GMT
Server
AmazonS3
x-amz-request-id
1W1HGH7AAR2M8XBN
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Date
Wed, 26 May 2021 21:04:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
YWKaECb6FVzgzqRsIbyI318vUT1dV9LJjz5zFDUT8TrpFbT7CLGzmpMnGg4iiMaTV5+jGwUWKNc=
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5631 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 26 May 2021 19:11:40 GMT
expires
Thu, 26 May 2022 19:11:40 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6760
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B02C 		783 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8dff041f31a4501274e49ecb2a311bc327370bf9c4e1725b59b8c7b92147689c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ebdP+UK7tJ7Dbn7L6SRAIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 26 May 2021 21:04:20 GMT
date
Wed, 26 May 2021 21:04:20 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ebdP+UK7tJ7Dbn7L6SRAIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
pagead2.googlesyndication.com/bg/ Frame 5631 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 15:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
21223
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
expires
Thu, 26 May 2022 15:10:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052001&jk=1880179184147244&bg=!CAulC0_NAAZ7hX_Ue4U7ACkAdvg8WiDwsDIwjabIdGPrAxWIiCGBjOxmA6VZgdCI3o5c73xfV0IIcgIAAABnUgAAAAxoAQcKADfgD7FzdLB8QxGpiDUPRZf2lUtXXr35b7LbJHVeV_oNqDyeNx7Ir4UOJg-Mr9m1YE9HnNsjgrdLmQJV_MQZI-YhBF4pVrkncbH607mtFk8JPLvv2aDL5_bx7nzt-lh6Moez1bPlNGWUwfhDRNO8TWbdgcWT0e64J3CAP94FpsqeuilVxCUdaIztVmQkfRn1OorY8n_UGn65V6GTBjtqcbgSA4wBor0d5zzwuaPhDDQzdYJ1-x6lhO-k7Pgj8a9Ck33fKSdxs6LVyvMn82fyMUAmdlft450isGGg_PHRvPUWDJgB64h9X1QLSpq1FtQ-zEoI6IJmhBg0MOsx2TtqlxpeumlAjNrqd5J3CRsW59ci2ge_7FtlPz_XlIRR79uzOTeIiJkLOjqAPGBqOYHXfHRyKO1THFvFoqd4rXfI7tvF7eHKUWnAi-DaLBr21HXSdE4bqWg9O7iBrLSLSy93QlfZDv0Cm-A-AE11pI7THcFzOYK4-EaDtpgwsGHr3pkSfBFIcNuYVJHgmNY-USL2Gox_K3Hpd_lCvV9Nt82UFWyWbvKyiwICLPkltiHRuzjZsWpajMZUtfkUVGQVKPmPTZ4khm3F-GpCMtddSucCW_adO0Eu-nP7JZ8aGpiurk99-Vd6qLeMsdK0PvraLWnl22_hIc421dZ0DUnPW2aWoKeVW1JkGXakdH0r5vcWudQFEoTpX9RxIuyHtzwekTWo_Qo4gMasnEGxCDRNaxNp5zDEEWrF4IE4pHs0-v4rgb-uLNyaMYsaQKkdPVPbQu84lB9uT61rwvH8lX3Q8x-yQo7irGNCIzpUvAb5TJRB-Y02AuxSfadCGzDfGS2m1aWpE7hHTbNY930zXjALOfK3-PoJ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		455 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880179184147244&correlator=131183612902457&output=ldjh&impl=fifs&eid=31061311%2C31061149%2C44714449&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=1&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A19965.po%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1%26yieldlove_empty_fb%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622063061&dt=1622063061616&dlt=1622063060116&idt=191&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=844&adks=3358614790&ucis=2&ifi=2&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ref=http%3A%2F%2Fsteinn-nik.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1132427081.1622063060&ga_sid=1622063060&ga_hid=944700347&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
462f672c31ca89d8c85e15f7a235e9dec76f1a2798dcbaaa1de808214444846c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arj
yieldlove-d.openx.net/w/1.0/ 		172 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44b8a52e-700f-4553-adc9-9d10f7b44218&nocache=1622063061834&aus=728x90&divIds=%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797111
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
38272eeb510da85ac3bb8ac846bb40931e46cd8a6ed6a600d9bed387a707c064

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		5 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPTQ0YjhhNTJlLTcwMGYtNDU1My1hZGM5LTlkMTBmN2I0NDIxOA%3D%3D&pt=gross&stid=cec89bb9-58cb-42cb-acf3-23492a3791b1&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
hb
ice.360yield.com/ 		95 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%227205ffc666bd7d9%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2257f6c185bfea1a8%22%2C%22pid%22%3A22324396%2C%22tid%22%3A%2244b8a52e-700f-4553-adc9-9d10f7b44218%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
946375427ae3367cab770881c8ef8d0b7f705b16be53fdc6198222651060c899

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.auskunft.de
date
Wed, 26 May 2021 21:04:21 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&tk_flint=pbjs_lite_v4.32.0&x_source.tid=44b8a52e-700f-4553-adc9-9d10f7b44218&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7984885909250345
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
79b0485bbe46c9f785a29a806bfb9eb939e6e8362679294e81ff85953d46a73f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:21 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22603b77e46d3345b%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22610c6b0c98e87a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8552eca5b60a8d901f68d90805aafcf590d2c0fbcb6c911308cc3eeea63cc4d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:21 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=392698&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22603b77e46d3345b%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsteinn-nik.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22610c6b0c98e87a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8552eca5b60a8d901f68d90805aafcf590d2c0fbcb6c911308cc3eeea63cc4d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.auskunft.de
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 26 May 2021 21:04:21 GMT
v1
dmx.districtm.io/b/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
cf-ray
6559f4988908edf7-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
0a4c17335a0000edf74485c000000001
v1
prg.smartadserver.com/prebid/ 		276 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
29b8060940090bca61fdf2ae58e32e44b3a02fca7f929b34616bc0535db63f80

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b14%3b96
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ 		139 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
25d1163f949a679637000226aa6b57fe2ac912c4e0a7df79ae87d0f55223d214
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:21 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid
b822417e-6082-4f95-a445-9fa492001953
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dsh
hb.adscale.de/ 		11 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.167.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
content-type
text/plain
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
prebid
ib.adnxs.com/ut/v3/ 		139 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5c3d0db08c19970983665ca1e896420ba3ff1feabf49e41797edfd322155c99a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:21 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid
de3d32cc-8e19-4c38-8fb4-3d0d7dc2c4ed
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
userconnect.js
js.adscale.de/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.91.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CUPSr8q.QV2oSyR2A.ML6bPH0Do36WHb
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 23:35:53 GMT
Server
AmazonS3
x-amz-request-id
1W1HGH7AAR2M8XBN
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Date
Wed, 26 May 2021 21:04:21 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
YWKaECb6FVzgzqRsIbyI318vUT1dV9LJjz5zFDUT8TrpFbT7CLGzmpMnGg4iiMaTV5+jGwUWKNc=
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 May 2021 21:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		438 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880179184147244&correlator=1067946271926693&output=ldjh&impl=fifs&eid=31061311%2C31061149%2C44714449&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=2&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A19965.po%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1%26yieldlove_empty_fb%3D2&eri=1&cookie=ID%3Df535a9bdf435da6d-22e382f41ec80049%3AT%3D1622063061%3AS%3DALNI_MZsn9UOk51H5UtvR-XjE6ZNpw0bXw&bc=31&abxe=1&lmt=1622063061&dt=1622063061957&dlt=1622063060116&idt=191&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=844&adks=3358614790&ucis=3&ifi=3&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy&ref=http%3A%2F%2Fsteinn-nik.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1132427081.1622063060&ga_sid=1622063060&ga_hid=944700347&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e91fe303a430f6c4c2758bf82306235a1335fb6f218cf871abc39fe28695d4f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
userconnect
ih.adscale.de/ 		216 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=6de03fad-4fc8-45cf-bbc0-26a66c69ae06&cbfn=stroeerCoreConnect&ts=1622063062540&umd=false&gdpr_err=CMP_TIME_OUT&ref=http%3A%2F%2Fsteinn-nik.com%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d04915e653c2c8c51b49332a2658a403d1ee593cfdabb09f03f43b988731e98c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
content-length
216
content-type
application/javascript
map
ih.adscale.de/ Frame E600 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
84eaa14ccd25e2e52459d9f5eafa70011b2959897b70893a1369e8c94802c613

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=88e27fd3cdbb41ea8c9480ba23a62946; cct=1622063061895; ng=2#447007603#27034384#85882
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2736
set-cookie
tu=4#3510076991#48~~450573~450573~1#101~~450573~450573~1#38~~450573~450573~1#39~~450573~450573~1#40~~450573~450573~1#42~~450573~450573~1#108~~450573~450573~1#63~~450573~450573~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
nuggad
nugmw.userreport.com/rc-ap/e3955416-a634-4498-a9cc-9fbf9b150ed2/si.nuggad.net/
Redirect Chain
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
  • https://nugmw.userreport.com/rc-ap/e3955416-a634-4498-a9cc-9fbf9b150ed2/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nugmw.userreport.com/rc-ap/e3955416-a634-4498-a9cc-9fbf9b150ed2/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3200:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
09c049c784321b342231a724daf115a1da17281eef845d2f9a052bbada1f53d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
get, post, options
content-type
text/javascript
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
1902
x-amz-cf-id
MZMVqB0IETrD5mPIrjOT6yHU-XA1eeGQSizYBY7fU49OSaBnktFHlA==

Redirect headers

date
Wed, 26 May 2021 21:04:22 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA2-C1
access-control-allow-methods
get, post, options
location
https://nugmw.userreport.com/rc-ap/e3955416-a634-4498-a9cc-9fbf9b150ed2/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
0
x-amz-cf-id
xhkLBCoHIQAFENzfkeHYs9s76bPLFuLjytlJKdzYcOWR-A9djOOFZA==
match.js
js.adscale.de/ Frame E600 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.91.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U1s527RNMB4aUS3jiP7nWE6tDG0Hs7Xk
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 23:35:53 GMT
Server
AmazonS3
x-amz-request-id
D5A82DDWH3Q5XM11
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Date
Wed, 26 May 2021 21:04:22 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
YgUN3G9pM2OUdx1IbbxUU3BNbt+xCwOliYNetGhpcqmD/GFX/uxwL0LFlvBJYKU/YhlObFJHVVQ=
img
ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/ Frame E600
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=88e27fd3cdbb41ea8c9480ba23a62946&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225a473094890%2F1622063062578%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=101&tpuid=BBID-01-02967770626641136-16297560
49 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=101&tpuid=BBID-01-02967770626641136-16297560
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=101&tpuid=BBID-01-02967770626641136-16297560
Date
Wed, 26 May 2021 21:04:22 GMT
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Transfer-Encoding
chunked
nuggad
ih.adscale.de/ 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/nuggad?/nvars/d7=1&d10=4&d2=3&d4=0&d11=0&d8=1&d9=3&d12=2&d1=2&d3=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E600
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c243d4615a0ffbdedd7dee74d...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YK631iRw3IxKU1DQFNFSWgAA%261145
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YK631iRw3IxKU1DQFNFSWgAA%261145
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YK631iRw3IxKU1DQFNFSWgAA%261145
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
299
Expires
Wed, 26 May 2021 21:04:22 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E600
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=38a845723f50422dfa44d4e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
49 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 26 May 2021 21:04:21 GMT
Server
MT3 3736 915c305 master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 May 2021 21:04:20 GMT
launcher.js
sak.userreport.com/sdm/ 		104 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sak.userreport.com/sdm/launcher.js
Requested by
Host: si.nuggad.net
URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d614a38ece16ed47c3af4d61f5b99f6a1b668526d47fd5fe93b19459273a1961

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sWrYSLqsQlcXCNntUF8JvkdB.T4gE7_S
Content-Encoding
gzip
ETag
W/"bda6d36d4c7e0a8c7cdcadbef248c9f4"
Age
27
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 19 Apr 2021 08:08:31 GMT
Server
AmazonS3
Date
Wed, 26 May 2021 21:03:56 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
Cache-Control
max-age=7200, s-maxage=60
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
Fuf3a16Ggit7VXnxUY1krXwtjFI5_L559TO42FAbd7noqHhlEJPfFQ==
img
ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/ Frame E600
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c4d6aaedec3186fea3568af258cd5697a09f030ac2d57f5286ffe9d8ab98acb8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa435580f225...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c4d6aaedec3186fea3568af258cd5697a09f030ac2d57f5286ffe9d8ab98acb8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa43558...
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=42&tpuid=6516209349515242746
49 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=42&tpuid=6516209349515242746
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:22 GMT
server
nginx
location
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?tpid=42&tpuid=6516209349515242746
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E600
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=17840b70-f50c-4720-8770-b64ef648411a
49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=17840b70-f50c-4720-8770-b64ef648411a
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Wed, 26 May 2021 21:04:22 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=17840b70-f50c-4720-8770-b64ef648411a
cache-control
no-cache
server-processing-duration-in-ticks
3616
content-type
text/html; charset=utf-8
content-length
237
expires
Wed, 26 May 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E600
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=60db41892608d861be882c98...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
49 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 26 May 2021 21:04:21 GMT
Server
MT3 3736 915c305 master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=552c60ae-b7d6-4300-b9b4-7865141525c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 May 2021 21:04:20 GMT
img
ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/ Frame E600
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F588...
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&tpuid=CAESEGgg_iwCOV49vPc0NccqJl0&google...
49 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&tpuid=CAESEGgg_iwCOV49vPc0NccqJl0&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/img?uid=f3da5accd392faba18aa13ffc3a1bae7c757eee0a5b25b95968d83c6c074a60e&tpid=38&tpuid=CAESEGgg_iwCOV49vPc0NccqJl0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/ Frame E600
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d5e985ef65b9ba6e36cd57622d9e5cd32883d8067eb47a0bacd37ca266028a3b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa43...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d5e985ef65b9ba6e36cd57622d9e5cd32883d8067eb47a0bacd37ca266028a3b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5888ffc88afa43...
  • https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/js?tpid=48&tpuid=c14804932f24ae1aa00b3928b3a99ece
44 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/js?tpid=48&tpuid=c14804932f24ae1aa00b3928b3a99ece
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcd14e93b6248bd2bc88e4f48607ef3f0ba15b3b6021ae3441976ba1730d130f

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/5888ffc88afa435580f225a473094890/1622063062578/0/js?tpid=48&tpuid=c14804932f24ae1aa00b3928b3a99ece
Date
Wed, 26 May 2021 21:04:23 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame E600 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=http%3A%2F%2Fsteinn-nik.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 26 May 2021 21:04:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
index.html
cdn.districtm.io/ids/ Frame 75C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0a4c1739df0000edf7e52a4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6559f4a2fecaedf7-CDG
ixmatch.html
js-sec.indexww.com/um/ Frame 4526 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame C71F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 27 May 2021 21:04:25 GMT
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 1A92 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0a4c1739e00000edf7dc25e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6559f4a30eceedf7-CDG
ixmatch.html
js-sec.indexww.com/um/ Frame 456B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame F67C 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1621255706.244487"
Last-Modified
Mon, 17 May 2021 12:47:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Wed, 26 May 2021 21:04:23 GMT
Content-Length
445
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4939 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KP5YGSPK-23-KCB7; rsid=1|HtC7NkcHr+vRXCfuzNEvJhnvpsxMOKmt0RpqCfqlbmA28eqVO2zhQczybLuCi+SkRx+rsD/GAAuzFUbJMy/+K1uqnlcKuQw1qy8pecDeQU51/D/GC6BBPa+TS6XHMl3/BdTLwVQPPUDx; ses2=; vis2=270832^1; audit=1|hLZGFuTafB3y5en+w3jPRp8Kcx/hEla9J+nRIvendRljEN4XgNGgVk6QiWzXBD3U81kciTGLZlGp09IPATRueh5g2K/oHuJN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E987 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 27 May 2021 21:04:25 GMT
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C8F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 27 May 2021 21:04:25 GMT
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 286A 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
1be152a2fb1ad8e7b816951c84b31c26aa40569027ab1dabf6fefcce472d0ce7

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061; Version=1; Expires=Thu, 26-May-2022 21:04:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622063063|gekin0vNiygu; Version=1; Expires=Thu, 10-Jun-2021 21:04:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 26 May 2021 21:04:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 88D5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame D2FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0a4c1739e90000edf7061a4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6559f4a30ee7edf7-CDG
pd
eu-u.openx.net/w/1.0/ Frame E6EA 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
1be152a2fb1ad8e7b816951c84b31c26aa40569027ab1dabf6fefcce472d0ce7

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061; Version=1; Expires=Thu, 26-May-2022 21:04:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622063063|gekin0vNiygu; Version=1; Expires=Thu, 10-Jun-2021 21:04:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 26 May 2021 21:04:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 7D94 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
1be152a2fb1ad8e7b816951c84b31c26aa40569027ab1dabf6fefcce472d0ce7

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a58187e5-01a0-071c-372a-b8d38c88af22|1622063061; Version=1; Expires=Thu, 26-May-2022 21:04:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622063063|gekin0vNiygu; Version=1; Expires=Thu, 10-Jun-2021 21:04:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 26 May 2021 21:04:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
sd
eu-u.openx.net/w/1.0/ Frame 286A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 26 May 2021 21:04:22 GMT
Server
MT3 3736 915c305 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 May 2021 21:04:21 GMT
sd
us-u.openx.net/w/1.0/ Frame 286A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=yEVKDpxCT1zTTBhdykEGXc9NE1PTRU5dyRPbBBP_
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=yEVKDpxCT1zTTBhdykEGXc9NE1PTRU5dyRPbBBP_
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=yEVKDpxCT1zTTBhdykEGXc9NE1PTRU5dyRPbBBP_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 286A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 286A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=762db8bc-a827-38eb-6dfc-703be8af9cdf&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 286A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWE0MjZiNzYtNjE1MC02NjRmLTc4MWMtMmE4MjIyNGQ1MmJm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 286A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame F67C 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 12:47:17 GMT
server
ECS (frb/67AA)
age
44807
etag
"f720a7f2a8432d0f18de76239266413f:1621255704.633184"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame F67C 		79 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 08:36:36 GMT
server
ECS (frb/67C2)
age
44807
etag
"a072c6dc16e8a194aa1a6765717d1beb:1622018214.129281"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3599
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame F67C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 08:36:38 GMT
server
ECS (frb/674C)
age
44807
etag
"5c225f0da4164867a9eba01d527131e3:1622018212.607389"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame F67C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=2416&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:23 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 08:36:39 GMT
server
ECS (frb/6776)
age
44807
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1622018213.416653"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
sd
eu-u.openx.net/w/1.0/ Frame E6EA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 26 May 2021 21:04:22 GMT
Server
MT3 3736 915c305 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 May 2021 21:04:21 GMT
sd
us-u.openx.net/w/1.0/ Frame E6EA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=icp80N3NeYKSwy6G2pswjIjKfNeSwiyNicsSanui
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=icp80N3NeYKSwy6G2pswjIjKfNeSwiyNicsSanui
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=icp80N3NeYKSwy6G2pswjIjKfNeSwiyNicsSanui
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E6EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame E6EA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=762db8bc-a827-38eb-6dfc-703be8af9cdf&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E6EA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWE0MjZiNzYtNjE1MC02NjRmLTc4MWMtMmE4MjIyNGQ1MmJm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E6EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7D94
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 26 May 2021 21:04:22 GMT
Server
MT3 3736 915c305 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=552c60ae-b7d6-4300-b9b4-7865141525c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 May 2021 21:04:21 GMT
sd
us-u.openx.net/w/1.0/ Frame 7D94
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cZ0T4CWaFrJqlEGzcMlfs3WdQbVqmRTgdJS9WxdO
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cZ0T4CWaFrJqlEGzcMlfs3WdQbVqmRTgdJS9WxdO
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cZ0T4CWaFrJqlEGzcMlfs3WdQbVqmRTgdJS9WxdO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7D94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6516209349515242746
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7D94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=762db8bc-a827-38eb-6dfc-703be8af9cdf&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7D94 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWE0MjZiNzYtNjE1MC02NjRmLTc4MWMtMmE4MjIyNGQ1MmJm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7D94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIhoEYw8rTnKDsiUmhsMVmo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4939 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ed1ebf0d6f605635332d2dc7d98bd3cb3fff298bffb5765c1969ab93b3fbeb6

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18988
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9266
Expires
Thu, 27 May 2021 02:20:51 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C8FA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12b62ff7f3fb2be6bc6852953d61ca0143f98ec4a90670365c79b406b56a5eaf

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA; CMPS=5186; CMPRO=1145; CMST=YK631mCut9YA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|221|88|195|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
2005
Expires
Wed, 26 May 2021 21:04:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMST=YK631mCut9cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 21:04:23 GMT CMRUM3=5860aeb7d705a0&dd60aeb7d72760&e660aeb7d72760&f160aeb7d705a0&ce60aeb7d705a0&c360aeb7d705a00&2d60aeb7d705a0&2760aeb7d70b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BBCB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6ce141dfe9fd00a249762dbc75b2770f961ffedfe1b69134a637bfcd14e9454

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA; CMPS=5186; CMPRO=1145; CMST=YK631mCut9YA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|196|111|46|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1816
Expires
Wed, 26 May 2021 21:04:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMST=YK631mCut9cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 21:04:23 GMT CMRUM3=2e60aeb7d705a0&6f60aeb7d705a0&e660aeb7d72760&f160aeb7d705a0&c460aeb7d705a0&c360aeb7d705a00&2d60aeb7d705a0&2760aeb7d70b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B142 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f9b5e85f9f1171f71bf14c8405977bf2bc442a3ad0890b9cc17e61e634de052

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA; CMPS=5186; CMPRO=1145; CMST=YK631mCut9YA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|105|156|90|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1790
Expires
Wed, 26 May 2021 21:04:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YK631iRw3IxKU1DQFNFSWgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 21:04:23 GMT CMST=YK631mCut9cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 21:04:23 GMT CMRUM3=2d60aeb7d705a0&2760aeb7d70b40&9c60aeb7d705a00&5a60aeb7d705a0&e660aeb7d72760&2f60aeb7d705a0&f160aeb7d705a0&6960aeb7d705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 May 2022 21:04:23 GMT
bounce
ib.adnxs.com/ Frame C71F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
3a9b216f-5c35-44be-b67f-74ec9f05a887
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid
21ade1b4-2d88-4702-9dcd-9cad3b651323
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame E987
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid
9b65bd9a-4ed4-49ce-b840-d4d6dcc49504
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
860160c3-e8e0-4c21-808e-15cd26c888b9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 6C8F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid
8936e1cc-d50f-49e3-9bf0-5b963806ea89
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid
1b28be04-3024-4776-973d-03deb79b8f15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BBCB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BBCB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BBCB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YK631iRw3IxKU1DQFNFSWgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BBCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BBCB
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

date
Wed, 26 May 2021 21:04:23 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
match
c1.adform.net/serving/cookie/ Frame BBCB 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
getuid
secure.adnxs.com/ Frame BBCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame BBCB
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6cd6ab-f057-49e9-aff3-85ab24e3bee4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6cd6ab-f057-49e9-aff3-85ab24e3bee4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6cd6ab-f057-49e9-aff3-85ab24e3bee4
date
Wed, 26 May 2021 21:04:23 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BBCB 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YK631iRw3IxKU1DQFNFSWgAA%261145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:23 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2218
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:41:21 GMT
casale
match.adsrvr.org/track/cmf/ Frame B142 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YK631iRw3IxKU1DQFNFSWgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B142
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B142
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B142
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B142
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 26 May 2021 21:04:25 GMT
server
nginx/1.18.0
content-length
76
cookiesync
bttrack.com/pixel/ Frame B142 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Wed, 26 May 2021 21:04:12 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame B142
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7278E5D0422441FFB1EE7C20736EE6C4&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7278E5D0422441FFB1EE7C20736EE6C4&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:25 GMT

Redirect headers

date
Wed, 26 May 2021 21:04:25 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7278E5D0422441FFB1EE7C20736EE6C4&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 25 May 2021 21:04:25 GMT
crum
dsum-sec.casalemedia.com/ Frame B142
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=72LSqLoc1LM0Hv5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=72LSqLoc1LM0Hv5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:25 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=72LSqLoc1LM0Hv5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B142 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YK631iRw3IxKU1DQFNFSWgAA%261145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:23 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2218
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:41:21 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C8FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELKGHgABEYk8pUsgFth-czU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C8FA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YK631iRw3IxKU1DQFNFSWgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame C8FA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C8FA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YK631iRw3IxKU1DQFNFSWgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELQQjOt-HGXcA07-BHYLqAY&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YK631iRw3IxKU1DQFNFSWgAA%261145
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame C8FA
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1
49 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:25 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.170
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:25 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YK631iRw3IxKU1DQFNFSWgAA%261145?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.12.249
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame C8FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YK631wABWSB1PQA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YK631wABWSB1PQA4&gdpr=1&_test=YK631wABWSB1PQA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YK631wABWSB1PQA4&gdpr=1&_test=YK631wABWSB1PQA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622063064.843019,VS0,VE0
x-served-by
cache-hhn4028-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YK631wABWSB1PQA4&gdpr=1&_test=YK631wABWSB1PQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame C8FA
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7a006746-f34b-4e7b-99de-50c8b351bf5c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7a006746-f34b-4e7b-99de-50c8b351bf5c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:04:24 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7a006746-f34b-4e7b-99de-50c8b351bf5c
date
Wed, 26 May 2021 21:04:23 GMT
server
Apache-Coyote/1.1
content-length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame C8FA 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YK631iRw3IxKU1DQFNFSWgAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:25 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C8FA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YK631iRw3IxKU1DQFNFSWgAA%261145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 21:04:23 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2218
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 21:41:21 GMT
pixel
cm.g.doubleclick.net/ Frame 4939
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1A1WUdTUEstMjMtS0NCNw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1A1WUdTUEstMjMtS0NCNw==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1A1WUdTUEstMjMtS0NCNw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 4939 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 4939
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YK631wABIJP56wBg
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YK631wABIJP56wBg&_test=YK631wABIJP56wBg
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YK631wABIJP56wBg&_test=YK631wABIJP56wBg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622063064.839607,VS0,VE0
x-served-by
cache-hhn4028-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YK631wABIJP56wBg&_test=YK631wABIJP56wBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 4939 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4939
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgyODJiNDA0YmJlMTllZmIwNDI0ODQ4NWI2MGEwZTk3NmQ4N2I5Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgyODJiNDA0YmJlMTllZmIwNDI0ODQ4NWI2MGEwZTk3NmQ4N2I5Yg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgyODJiNDA0YmJlMTllZmIwNDI0ODQ4NWI2MGEwZTk3NmQ4N2I5Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4939
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaO9hI-DRpJOopvWuISN8g&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaO9hI-DRpJOopvWuISN8g&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 21:04:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaO9hI-DRpJOopvWuISN8g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 4939
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KP5YGSPK-23-KCB7&sigv=1&esig=2~1a37231dd43d53ab21a0ae7476a956b4c4373020
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KP5YGSPK-23-KCB7&sigv=1&esig=2~1a37231dd43d53ab21a0ae7476a956b4c4373020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:04:26 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KP5YGSPK-23-KCB7&sigv=1&esig=2~1a37231dd43d53ab21a0ae7476a956b4c4373020
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4939
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2thDSvuSeryTpH0QmPp5Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=891006646496722987
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=891006646496722987
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Wed, 26 May 2021 21:04:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=891006646496722987
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C71F 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid
b53d32d3-8043-4674-b4be-9423369b0425
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E987 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid
0a809848-a7a0-4983-b83a-67f4b2d36d07
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C8F 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 21:04:24 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
a15ab6cb-068f-493a-b3ad-547942ebf9fc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| yieldlove_site_id object| googletag function| isLocalStorageEnabled undefined| gaProperty undefined| GA_LOCAL_STORAGE_KEY object| iam_data object| _mtm object| d object| g object| s object| _paq object| webpackJsonp object| regeneratorRuntime object| ggeac object| google_js_reporting_queue string| szmvars object| iom object| YLHH object| yieldlove_site_settings object| yieldlove_cmd object| pbjsYLHH function| pbjsYLHHChunk object| _pbjsGlobals object| stroeerCore function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| MatomoTagManager object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| yieldlove_ab object| GoogleGcLKhOms function| stroeerCoreConnect number| retryHandle object| google_image_requests object| NUGGjson function| aplauncherExec function| aplauncher string| apsrc

3 Cookies

Domain/Path Name / Value
www.auskunft.de/ Name: AUSKUNFT_SESSION
Value: 094955in9uhmkv7cak5l545tfv
.auskunft.de/ Name: ioam2018
Value: 0019cededcf2d8ce660aeb7d4:1648933460233:1622063060233:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1622063060233:47tnj0
.auskunft.de/ Name: iom_consent
Value: 0000000000&1622063060232

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50b7c75fa5f66f28d05f9c47a71582ea.safeframe.googlesyndication.com
acdn.adnxs.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
avalonacess.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
btpnav.com
bttrack.com
c1.adform.net
cdn-a.yieldlove.com
cdn.districtm.io
cm.g.doubleclick.net
csync.smartadserver.com
d.adroll.com
de.ioam.de
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
ec-ns.sascdn.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
gu.dyntrk.com
hb.adscale.de
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
ih.adscale.de
js-sec.indexww.com
js.adscale.de
match.adsrvr.org
nep.advangelists.com
nugmw.userreport.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
s.amazon-adsystem.com
sak.userreport.com
script.ioam.de
secure.adnxs.com
securepubads.g.doubleclick.net
si.nuggad.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
steinn-nik.com
sync-tm.everesttech.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracker.auskunft.de
tracking.m6r.eu
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.auskunft.de
www.google.com
yieldlove-d.openx.net
104.108.144.200
104.108.145.8
104.109.91.53
104.111.230.142
104.111.237.88
104.16.190.66
13.248.242.197
135.125.8.70
142.250.186.130
142.250.186.34
151.101.114.49
159.253.128.183
167.233.15.201
178.250.0.163
18.193.131.224
18.197.81.144
185.29.135.190
185.33.221.52
185.33.221.90
185.86.139.59
192.132.33.46
209.15.13.134
209.15.13.136
23.37.38.181
2600:9000:206f:3200:1f:a1b:34c0:93a1
2600:9000:20eb:4c00:12:6213:9cc0:93a1
2600:9000:21f3:2600:8:5c85:cdc0:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a02:26f0:6c00::210:ba1a
3.126.56.137
34.98.64.218
35.244.174.68
37.157.4.23
37.157.4.39
52.222.158.86
52.28.38.50
52.46.130.13
52.48.137.92
52.58.167.152
54.174.112.67
54.78.251.22
54.82.140.85
62.209.227.211
68.232.35.16
69.173.144.141
69.173.144.165
91.215.100.39
91.215.100.40
95.216.224.232
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
080151775ec00e445940ccdaee1eeeaec7b94ff71b73bd57650b4131251b1f7b
0832858d4d125fd2ed916df1b8084a64046138c7da02dfe59d9b28ab812f76d9
09c049c784321b342231a724daf115a1da17281eef845d2f9a052bbada1f53d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce9d9fb6cf3ce5421bc9018629f81b0468e9cd076e74c519c11375ec0ff8138
0e41b59155f61297f9bfdeaf8f84ba927fa918f1ab9960b7f6cf220b9c0963c6
12b62ff7f3fb2be6bc6852953d61ca0143f98ec4a90670365c79b406b56a5eaf
17ec9306cf3776e9a261e143132370ba9657c07843d257d58dc5f3c15ee9f8e3
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1be152a2fb1ad8e7b816951c84b31c26aa40569027ab1dabf6fefcce472d0ce7
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1ecd03264e8ca2641e8790556f550db5baccc81a0865ad00a44f5226647456c2
22df8e4abc7410810527a2a0fb82df56002546ae1b14cb28582b05570a0d22c1
25d1163f949a679637000226aa6b57fe2ac912c4e0a7df79ae87d0f55223d214
29b8060940090bca61fdf2ae58e32e44b3a02fca7f929b34616bc0535db63f80
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9b5e85f9f1171f71bf14c8405977bf2bc442a3ad0890b9cc17e61e634de052
342a4244c477c421e471d1def9747600c59238c46e372b74c20f58414b94c042
37318672f4879df3a9fa1001cb72a574a42658bd4ba07b31883d285023168661
38272eeb510da85ac3bb8ac846bb40931e46cd8a6ed6a600d9bed387a707c064
39845d75d27beed6570597f505613d63e4da16a0bb18f24bc8184a9f1841fe6f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed1ebf0d6f605635332d2dc7d98bd3cb3fff298bffb5765c1969ab93b3fbeb6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41ad027394d67929c53d50d03bbcd8bda0e4ae0199dbc01fdce1669afb7eafc7
44def21c886f7173834d5d539d235ad4864c89ebd7b6a560dd19d4bcfec7ab66
462f672c31ca89d8c85e15f7a235e9dec76f1a2798dcbaaa1de808214444846c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51cd52a4c6ab80e31935fc8f57aba3463258d202337b6a51f4fc08aa0d4a52c6
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5778d71061efc14231ba194b75611abc19182f97e30aae8ce1e1236de2901a0f
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a33a4f6d6cc645b4022182e74cf80072d6f0692684051d746e08d97e9982af2
5c3d0db08c19970983665ca1e896420ba3ff1feabf49e41797edfd322155c99a
5d2868c41a4df89a65d8d27f1f4257ccff3c761afc4826c9ae37a6190670a7fd
5e33ecf3410fedea8b01a0f1f129e2575f013b518c627cc268fc4814cc8aa434
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6986b5326fd82c430e4dbc8ada4ced5cc7092da2216f29e8f404e49ad2bba7a7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f07d6a65616bed5477a46267da2d05d2742ad9b5b1814a01b578086f77e1cf8
7308dc6dd335964ca45b89f31b5570bb22337e0286e80eec2ee71e9800ab1e34
75ba4db5bc385eff582ad965562073f64914dc5f89b8a95b7849fc867af04d36
79b0485bbe46c9f785a29a806bfb9eb939e6e8362679294e81ff85953d46a73f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8233428f4a24209f98d55daf9ae15e0718579000903337f78a20065d2681a9b3
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84eaa14ccd25e2e52459d9f5eafa70011b2959897b70893a1369e8c94802c613
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dff041f31a4501274e49ecb2a311bc327370bf9c4e1725b59b8c7b92147689c
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
946375427ae3367cab770881c8ef8d0b7f705b16be53fdc6198222651060c899
96a72dda7f410b0bff881d8d51cbc57037c48a4693e27dd994b6b9fe1c6f846c
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
9f1448b95a6a11130d4ff4839d1f1702c4861e3c7811cc6724743f37e4b76f82
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ce141dfe9fd00a249762dbc75b2770f961ffedfe1b69134a637bfcd14e9454
abb8e9009f08010640f4fa14a29939ec45229766644ce74df3b11af44824ea0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b693a143b99ae6b32fe7359ae55fb45da139b5f1383f5cf598dd2489eb02470b
c1f1e838e438d0a781963b28e3fb918d8af239ed2f6e32a7b1e995d1a3585136
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c285249174df5820775029de102f702bfddba0c0a7fa21f2f52350b0ac87274c
c55802f234ad7b9b16b8d6f0950f46b1214db417d3f687ec27646ed754cd1168
c60bc5ba9b0391fa0dffc3ab4e541add9045c2b52d066668c7ff3898bd2c88e5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8552eca5b60a8d901f68d90805aafcf590d2c0fbcb6c911308cc3eeea63cc4d
cb6da34ac1bb91df124e5f2a23349e3e8689b917620c6bdbb1a8f0399f1a0e4b
d04915e653c2c8c51b49332a2658a403d1ee593cfdabb09f03f43b988731e98c
d3302542a5cb48952467539fee7065b4811d8d574c6d4c83e1a20f4f440780be
d614a38ece16ed47c3af4d61f5b99f6a1b668526d47fd5fe93b19459273a1961
d99bf1ea70a90213bc28437d4413da189cf244d2b80fba2ccb42de0b3d639727
dcd14e93b6248bd2bc88e4f48607ef3f0ba15b3b6021ae3441976ba1730d130f
dda23db069e99f03a33bc55c69f0ed43436edb08a37832537fd2578dfccaa09a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52d06ff5d17453294dc5059cf0fbb66308b11fbfaccbd16a2116ef1a5d956ab
e7f751aef62d8a25294805685e96d4dd5d2d20bf5e5cea409df0faa81dbd4fad
e91fe303a430f6c4c2758bf82306235a1335fb6f218cf871abc39fe28695d4f9
f1a172253f3c8b1ad69c75aecb421b2eac30a568a269d755c1d21474a4721e96
f9c7ce7a982b18f65e28666f546f07190240d036b2bcbd129ce6599703e37daa