www.adesa.com Open in urlscan Pro
35.239.148.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adesaassurance.com/
Effective URL:
https://www.adesa.com/assurance/
Submission: On February 23 via automatic, source certstream-suspicious (February 23rd 2023, 5:03:13 am UTC) — Scanned from DE

Summary HTTP 186 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 70 IPs in 12 countries across 76 domains to perform 186 HTTP transactions. The main IP is 35.239.148.240, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.adesa.com. The Cisco Umbrella rank of the primary domain is 498082.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on May 12th 2022. Valid for: a year.

This is the only time www.adesa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:bd68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.239.148.240 35.239.148.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 1	18.205.222.128 18.205.222.128	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:215... 2600:9000:2156:1800:9:2c88:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.75 18.66.97.75	16509 (AMAZON-02) (AMAZON-02)
1 2	198.105.202.32 198.105.202.32	36776 (FIVE9) (FIVE9)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
19	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	23.62.220.254 23.62.220.254	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:220... 2600:9000:2204:5e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 4	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1 2	34.250.208.145 34.250.208.145	16509 (AMAZON-02) (AMAZON-02)
1	104.96.129.75 104.96.129.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.196.192.213 18.196.192.213	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.79.139 2.18.79.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.65.209.188 3.65.209.188	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 8	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
3 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	54.229.20.73 54.229.20.73	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.213.180.231 52.213.180.231	16509 (AMAZON-02) (AMAZON-02)
1	52.218.92.163 52.218.92.163	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 5	89.163.240.122 89.163.240.122	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.141.41 139.162.141.41	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	91.210.226.74 91.210.226.74	48314 (IP-PROJECTS) (IP-PROJECTS)
1	52.212.203.64 52.212.203.64	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.32.110.41 13.32.110.41	16509 (AMAZON-02) (AMAZON-02)
2 3	52.0.191.77 52.0.191.77	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.33.80.180 63.33.80.180	16509 (AMAZON-02) (AMAZON-02)
1 1	18.185.232.77 18.185.232.77	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.175.221 3.124.175.221	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2600:9000:223... 2600:9000:223f:d600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
186	70

1 2606:4700:3037::ac43:bd68 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adesaassurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.239.148.240 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.148.239.35.bc.googleusercontent.com

www.adesa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
karadesa.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.222.128 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-222-128.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:1800:9:2c88:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

sidebar.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

karadesa.wpenginepowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-75.fra56.r.cloudfront.net

openauction.prod.nw.adesa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.105.202.32 (United States) 1 redirects

ASN36776 (FIVE9, US)
PTR: app.atl.five9.com

app.five9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.220.254 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-254.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2204:5e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.208.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-208-145.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.129.75 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-129-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.192.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-192-213.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.209.188 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.243.60.138 (Denmark) 7 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.37.164 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.20.73 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-20-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.180.231 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-180-231.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.92.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.215 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.163.240.122 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm45.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.74 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.203.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-203-64.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-41.vie50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.191.77 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-191-77.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.80.180 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-180.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.232.77 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-232-77.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.175.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-175-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:d600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adform.net 4 redirects s2.adform.net — Cisco Umbrella Rank: 5881 a2.adform.net — Cisco Umbrella Rank: 6186 c1.adform.net — Cisco Umbrella Rank: 590 dmp.adform.net — Cisco Umbrella Rank: 7221	42 KB
19	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	2 MB
18	wpenginepowered.com karadesa.wpenginepowered.com — Cisco Umbrella Rank: 300114	107 KB
12	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	4 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 377	144 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 187	62 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1151 se.semasio.net — Cisco Umbrella Rank: 25440	5 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com Failed	140 KB
7	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 854	251 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 22113 tags.adsafety.net — Cisco Umbrella Rank: 118901	10 KB
6	bugherd.com 1 redirects www.bugherd.com — Cisco Umbrella Rank: 15221 sidebar.bugherd.com — Cisco Umbrella Rank: 81617	19 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	29 KB
5	adesa.com www.adesa.com — Cisco Umbrella Rank: 498082 openauction.prod.nw.adesa.com — Cisco Umbrella Rank: 221173	442 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 1447 load77.exelator.com — Cisco Umbrella Rank: 3309 loada.exelator.com — Cisco Umbrella Rank: 25431	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 385	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 359 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6448	3 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2444	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2200	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6232	670 B
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	127 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	50 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 426	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12008	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 714	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 199	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 553	665 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 751	484 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379	928 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 972	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	863 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	490 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3182	691 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 651	829 B
2	seadform.net a1.seadform.net — Cisco Umbrella Rank: 18344	686 B
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3353 cdn.acsbapp.com — Cisco Umbrella Rank: 3537	167 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 86	38 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	233 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 824	736 B
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1011	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	18 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	60 KB
2	five9.com 1 redirects app.five9.com — Cisco Umbrella Rank: 15891	66 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 768	31 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 577	1 KB
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 337	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23039	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 709	241 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15645	155 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1222	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 396	1 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 482	490 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20504	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 657	447 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 581	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 32813	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 25119	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2117	273 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 340	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 993	344 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1276	99 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 626	684 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 542	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4413	525 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 729	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	82 KB
1	wpengine.com karadesa.wpengine.com — Cisco Umbrella Rank: 589637	2 KB
1	adesaassurance.com 1 redirects adesaassurance.com	485 B
0	emxdgt.com Failed e1.emxdgt.com Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
186	76

	Domain	Requested by
19	www.youtube.com	www.adesa.com www.youtube.com www.googletagmanager.com
18	karadesa.wpenginepowered.com	www.adesa.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
11	cdn.cookielaw.org	www.adesa.com cdn.cookielaw.org
8	jnn-pa.googleapis.com	www.youtube.com
7	use.fontawesome.com	www.adesa.com use.fontawesome.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	se.semasio.net	4 redirects c1.adform.net
5	www.google.com	1 redirects www.adesa.com www.youtube.com
5	googleads.g.doubleclick.net	2 redirects www.googleadservices.com www.youtube.com
5	sidebar.bugherd.com	www.adesa.com www.bugherd.com sidebar.bugherd.com
4	cm.g.doubleclick.net	4 redirects
4	a2.adform.net	2 redirects www.adesa.com
4	www.adesa.com	www.adesa.com cdnjs.cloudflare.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	uipglob.semasio.net	3 redirects
3	www.google.de	www.adesa.com
3	code.jquery.com	www.adesa.com
3	cdn.jsdelivr.net	www.adesa.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	a1.seadform.net	www.adesa.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.facebook.com	www.adesa.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	tags.tiqcdn.com	www.adesa.com tags.tiqcdn.com
2	connect.facebook.net	www.adesa.com connect.facebook.net
2	www.googleadservices.com	www.adesa.com www.googletagmanager.com
2	cdnjs.cloudflare.com	www.adesa.com
2	app.five9.com	1 redirects www.adesa.com
2	maxcdn.bootstrapcdn.com	www.adesa.com
2	fonts.googleapis.com	www.adesa.com
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.1dmp.io	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	sync-t1.taboola.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	cdn.acsbapp.com	acsbapp.com
1	acsbapp.com	www.adesa.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.adesa.com
1	www.linkedin.com	1 redirects
1	s2.adform.net	www.adesa.com
1	snap.licdn.com	www.adesa.com
1	www.googletagmanager.com	www.adesa.com
1	p.typekit.net	use.typekit.net
1	karadesa.wpengine.com	www.adesa.com
1	openauction.prod.nw.adesa.com	www.adesa.com
1	www.bugherd.com	1 redirects
1	use.typekit.net	www.adesa.com
1	adesaassurance.com	1 redirects
0	e1.emxdgt.com Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
186	95

This site contains links to these domains. Also see Links.

Domain
karadesa.wpenginepowered.com
kar.wd1.myworkdayjobs.com
buy.adesa.com
adesa.com
help.adesa.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
kar-privacy.my.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.adesa.com Trusted Secure Certificate Authority 5	`2022-05-12` - `2023-05-12`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.prod.nw.adesa.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-12-02` - `2023-03-02`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-01-06` - `2023-04-06`	3 months	crt.sh
sidebar.bugherd.com Amazon	`2022-06-30` - `2023-07-30`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-12-20` - `2024-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.adesa.com/assurance/
Frame ID: 04BDBE93B8514D6B3BE22DFBAD215D14
Requests: 92 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
Frame ID: F420951CFEDAA30F30C79760F165A768
Requests: 43 HTTP requests in this frame

Frame: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa
Frame ID: 70A0848122FAB2529C887024D790FA14
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1DB204D0E71A452D15E320CF3982CB34
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Frame ID: 4972380DC7B76DD0F4C34C76BEE31C61
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADESA - AssuranceBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://adesaassurance.com/ HTTP 301
https://www.adesa.com/assurance/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

186
Requests

82 %
HTTPS

38 %
IPv6

76
Domains

95
Subdomains

70
IPs

12
Countries

3801 kB
Transfer

11501 kB
Size

90
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://karadesa.wpenginepowered.com/wp-content/uploads/2022/02/0220-ALL-ASSURAN-TandC-1.pdf
Title: CLICK HERE

Search URL Search Domain Scan URL

URL: https://kar.wd1.myworkdayjobs.com/ADESA_US_Careers
Title: Apply

Search URL Search Domain Scan URL

URL: https://buy.adesa.com/openauction/assuranceRegistration.html
Title: Enroll now

Search URL Search Domain Scan URL

URL: https://buy.adesa.com/openauction/searchResults31.html?merchandiseId=13384&searchSubmit=true&clickFrom=PROMOTION
Title: Log in

Search URL Search Domain Scan URL

URL: http://adesa.com/
Title: ADESA.com

Search URL Search Domain Scan URL

URL: https://karadesa.wpenginepowered.com/wp-content/uploads/2022/09/ADESA_MKtG_0922_Assurance_ECO-Claim-Submission_OnePager.pdf
Title: CLICK HERE

Search URL Search Domain Scan URL

URL: https://buy.adesa.com/openauction/registration.htmsmh#/step1?utm_campaign=registration&utm_source=adesa.com&utm_medium=footer&utm_content=footer_link
Title: Register

Search URL Search Domain Scan URL

URL: https://buy.adesa.com/openauction/home.html?utm_campaign=login&utm_source=adesa.com&utm_medium=footer&utm_content=footer_link
Title: Login

Search URL Search Domain Scan URL

URL: https://buy.adesa.com/openauction/forgetPassword.htmsmh?utm_campaign=forgot_password&utm_source=adesa.com&utm_medium=footer&utm_content=footer_link
Title: Forgot Username/Password

Search URL Search Domain Scan URL

URL: http://help.adesa.com/?utm_campaign=help&utm_source=adesa.com&utm_medium=footer&utm_content=footer_link
Title: Help Resources

Search URL Search Domain Scan URL

URL: https://www.facebook.com/adesausauctions

Search URL Search Domain Scan URL

URL: https://twitter.com/ADESA_US

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ADESAauction

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/82288996/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/adesa_u.s/

Search URL Search Domain Scan URL

URL: https://kar-privacy.my.onetrust.com/webform/220aba37-6609-45b9-bb38-d90c71628891/3df2e30f-9df5-4c5e-8fef-020f6f1dbe6e
Title: Privacy Rights Portal

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adesaassurance.com/ HTTP 301
https://www.adesa.com/assurance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.bugherd.com/sidebarv2.js?apikey=bjqnbbhsrfbzhorsn2iixa HTTP 302
https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa

Request Chain 23

https://app.five9.com/consoles/SocialWidget/five9-social-widget.min.js HTTP 302
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.min.js

Request Chain 60

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3006250%26time%3D1677128587097%26url%3Dhttps%253A%252F%252Fwww.adesa.com%252Fassurance%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true&e_ipv6=AQItv7iDcLJxbwAAAYZ8p1n4JUvp_omTS1HlDWaRY8QG632ouFZB1JxTpwWC1avX4lJA5nZDxLxn

Request Chain 72

https://a2.adform.net/Serving/TrackPoint/?pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 73

https://a2.adform.net/Serving/TrackPoint/?pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 76

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&auid=296444191.1677128587&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i_P2Y-rdD4ak1wbQ-b3wDg&sscte=1&crd=&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dHS2GD02eY12uB7Sl63OT-O4264yhjvFaw&pscrd=EkxDaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVVBXzl1dUxyeUMxNXR1TTladkhKRFY0S2N3NzM3alY3MHBRSWFWLUZLU25RbU9admdyGldDaEFJZ0pmWG53WVF2NWV4NEpQM2c1ZC1FaTBBU05rZEV2TDhja05vbG9RX1QwX2pmNDlpVU1VS1FOR1hsODV1TUtWQ1QxSWYteTFoay1ZZU1Pd1lGaFU HTTP 302
https://www.google.com/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&auid=296444191.1677128587&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVVBXzl1dUxyeUMxNXR1TTladkhKRFY0S2N3NzM3alY3MHBRSWFWLUZLU25RbU9admdyGldDaEFJZ0pmWG53WVF2NWV4NEpQM2c1ZC1FaTBBU05rZEV2TDhja05vbG9RX1QwX2pmNDlpVU1VS1FOR1hsODV1TUtWQ1QxSWYteTFoay1ZZU1Pd1lGaFU&is_vtc=1&ocp_id=i_P2Y-rdD4ak1wbQ-b3wDg&cid=CAQSKQDUE5ymyUR7SpR3ClQ1hQjnLLPw37syj9CvJfWIGpFFZEu0t1l_VCHA&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dDrN--MN2i0C6_BfC0pQ_uHM9p4QLsnSrQ&random=427705105 HTTP 302
https://www.google.de/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&auid=296444191.1677128587&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVVBXzl1dUxyeUMxNXR1TTladkhKRFY0S2N3NzM3alY3MHBRSWFWLUZLU25RbU9admdyGldDaEFJZ0pmWG53WVF2NWV4NEpQM2c1ZC1FaTBBU05rZEV2TDhja05vbG9RX1QwX2pmNDlpVU1VS1FOR1hsODV1TUtWQ1QxSWYteTFoay1ZZU1Pd1lGaFU&is_vtc=1&ocp_id=i_P2Y-rdD4ak1wbQ-b3wDg&cid=CAQSKQDUE5ymyUR7SpR3ClQ1hQjnLLPw37syj9CvJfWIGpFFZEu0t1l_VCHA&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dDrN--MN2i0C6_BfC0pQ_uHM9p4QLsnSrQ&random=427705105&ipr=y&prhg=0

Request Chain 137

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188

Request Chain 140

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9171928932307377304&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9171928932307377304&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=f5167809aaa64e32b27cc45b194441c6 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=ac0b0703ec7ecd36780cb8ee479f413e55c5effdde107418a7eaedf283ea2d70

Request Chain 142

https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1&verify=true

Request Chain 144

https://x.bidswitch.net/sync?dsp_id=70&user_id=9171928932307377304 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=9171928932307377304 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9ec3d49-26c8-4b10-8b63-7ae46e1eeac9

Request Chain 145

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188&C=1

Request Chain 146

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9171928932307377304&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9171928932307377304&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=9171928932307377304&gdpr=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=c79c63f6-f38d-4900-8b52-bdf3e81fd97b&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=9214681321497529657&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QTdGRDdCQTJDMDQ5NThCNg&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKzY7n_QHkyxcXoyvwPcxmQ&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKzY7n_QHkyxcXoyvwPcxmQ&sInitiator=internal&google_cver=1&gdpr= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7203212436661008539&sInitiator=internal&gdpr=

Request Chain 148

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9171928932307377304 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9171928932307377304&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 153

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 154

https://pixel.onaudience.com/?mapped=9171928932307377304&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=72b05945977c5c66/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2fbbda35f671c3fa69baf86c7effc959&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 155

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9171928932307377304 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120230223051661c25e38131790002&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=807988d6e1bf74aa0aa2a0f4f0d97ac3 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230223051661c25e38131790002&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=807988d6e1bf74aa0aa2a0f4f0d97ac3&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAyMjMwNTE2NjFjMjVlMzgxMzE3OTAwMDI&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEGSPZzT0soGF0xu-8jtU3c8&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230223051661c25e38131790002 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=843242660817194576

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTE3MTkyODkzMjMwNzM3NzMwNA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjmRGkFiwzk4AOYKZVKT50&google_cver=1&google_ula=1641347,0

Request Chain 158

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=9214681321497529657&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=843242660817194576

Request Chain 162

https://a.audrte.com/a?adform_uid=9171928932307377304 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHTPR9YfnJxzZdH8vS9_Z4k&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 163

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9171928932307377304&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9171928932307377304&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=90440740891662290960699931582106828541&noredirect=1

Request Chain 164

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9171928932307377304 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217083104436000209089

Request Chain 165

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7203212436661008539

Request Chain 167

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=c79c63f6-f38d-4900-8b52-bdf3e81fd97b

Request Chain 168

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=4S5jaHJQ1Pv3L65

Request Chain 172

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2180097278 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=OpwxAzAPsUUbxVP3FJYbbe

Request Chain 176

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=9171928932307377304&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=9171928932307377304&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=fda7a462-79b5-4b0d-9018-48d8295c67be

186 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.adesa.com/assurance/
Redirect Chain

https://adesaassurance.com/
https://www.adesa.com/assurance/

58 KB
15 KB

699ms
244ms

Document
text/html

35.239.148.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.148.240 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.148.239.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f07e3b8caf1f17324feec6caaa907f49dbcacae1877c7024cf674a5338a5f382

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 05:03:05 GMT
link: <https://www.adesa.com/wp-json/>; rel="https://api.w.org/" <https://www.adesa.com/wp-json/wp/v2/pages/7183>; rel="alternate"; type="application/json" <https://www.adesa.com/?p=7183>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine
x-tec-api-origin: https://www.adesa.com
x-tec-api-root: https://www.adesa.com/wp-json/tribe/events/v1/
x-tec-api-version: v1

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 79dd69b9bb549a2d-FRA
date: Thu, 23 Feb 2023 05:03:05 GMT
expires: Thu, 23 Feb 2023 06:03:05 GMT
location: https://www.adesa.com/assurance/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkXI9K311OJmfu%2B%2Bx3ee7jF4IlUWfVw6sW1w7B0i0h%2FmDMnfD%2F%2Bqvmn7NlGkE1cwGMn0LEzbEVW34ONMp7VjtX0fihdmwVTrzPMnU1NYLc0V6ctijxjdjw3a0z1Ydc%2F2rJ6Hz%2Fn5jjnH%2FHvg%2Ff7UvRM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 swv8edr.css
use.typekit.net/ 3 KB
985 B 333ms
162ms Stylesheet
text/css 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/swv8edr.css

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fe59e9a251206ee2659dab00e672a296f44adacd560171762b56c6dcc077c34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 23 Feb 2023 05:03:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 753

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfafb9f99179d8ed2225e21357e27db0ed8031308326bc0ff5030f9206ea3617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 05:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 05:03:06 GMT

GET
H2

200

embed.js Show response
sidebar.bugherd.com/
Redirect Chain

https://www.bugherd.com/sidebarv2.js?apikey=bjqnbbhsrfbzhorsn2iixa
https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa

15 KB
6 KB

124ms
22ms

Script
text/javascript

2600:9000:2156:1800:9:2c88:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Server

2600:9000:2156:1800:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f654733e1f094337eefe936df934292f14cb84c93324f62bada50de82acfdcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:57:59 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur, 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 308
x-cache: Hit from cloudfront
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection: 1; mode=block
x-request-id: 4861814d-8d4d-4a6d-ad8b-c3dbedeb48c0
x-runtime: 0.003441
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
etag: W/"82cde966d9ead0f63c944f6e8d89bd6f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
cache-control: max-age=600, public, min-age=0
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary: Accept-Encoding
x-amz-cf-id: eYRyxAZ7ji8_8JCHQHbXYNuQlyZNMpC2al3DzFFUjN35eg_eMkpo7g==

Redirect headers

Date: Thu, 23 Feb 2023 05:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=0; includeSubDomains
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: c2145402-2d73-423f-a783-eb7ef0da3341
X-Runtime: 0.006091
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Location: https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa
Cache-Control: no-cache

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 98ms
33ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css?ver=5.1.3

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 73769
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4534-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClIA5lsGMndV%2FHObSDp71cHjNZjoLBPSIF9cFMF82pOjuQiHb6V5bFNu9H0DHzl%2BSHeC39PoABIoq4zM%2F0wcgdjwUbfqPR3yk9QE2z8ylNicWFyIpTSowigAeW%2B6LMjh7yoe7mZ017As2c%2Bx5%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79dd69bf3f9b9c12-FRA

GET
H2 200 common-skeleton.min.css
karadesa.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 26 KB
5 KB 101ms
36ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.0
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3699e9a8168525eb97795c72bb6315a198b4b18d9c914cc9f3a17fb2c79d1615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 18:05:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3579699
etag: W/"621fb201-677c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrlkYYyS5t8tYYdUWbr4OuqHPw1kxrEpJsLwIX%2BYz7F0e5VI6Xsv7wpMgbGDqSAywZW5JuDPbyG9U7Ai6Krq8sowrkfb3tKSz0M%2BXR%2Fn2O75tccF4pxgu6Yp2HUXWsnjAYPyDgBHFw6wAmoh4PE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aa692b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tooltip.min.css
karadesa.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
1 KB 100ms
35ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.0
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 18:05:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1622010
etag: W/"621fb201-662"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aoZ01wIU1xSLeGbjEC3AMS%2BIs6uSj7xNhjPK4B4Uv7FTWj1XQR9RPEQ5k9tgZVNVZLSQbvKC%2FyQnys4gLMZyQu6gtf%2BkfWthc61DMcihgXc%2BAPTW23pz6l3m61m33Kb1tPP1mNCBHocFl4%2BIa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aa792b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 94ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css?ver=3.3.7

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1082
age: 1654374
cdn-cachedat: 01/05/2023 13:19:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2e7346347d2f53808b52f81ada2ede1b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 79dd69bf3f7b5c74-FRA
cdn-requestpullsuccess: True

GET
H2 200 magnific-popup.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/css/ 7 KB
2 KB 529ms
465ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/css/magnific-popup.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Jun 2021 14:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60d491fe-1b27"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzzQhVHH%2FEVw2RrwafA%2Fr%2B%2B0xN2ik9oQPiOlZbS61idoVfSXOm5psz8hu%2BEGwdI7k%2FDFSyXE8xfHmwT8o84XhCjQjKS8d9cYJeo2alke1l7HUjRGPjSxRtoWrxSx55RLBmQ%2BAI8rJNjvxeSCWGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aa992b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-landing.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 32 KB
7 KB 523ms
459ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/style-landing.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04358a74cab1a97e5d65af3873264951ab36bd6d19fb85c3146fc0e24206db64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 18:06:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e141c0-819f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRt0g%2BZ6u%2BASaCq6TOyApS%2BsP0jS08aWAY%2FMJPYo3trFJTqb67PDSe6q60f%2BT9RAH%2F1MSSiVbygnl%2BGwKg7GmgZ29NgHcxwkbUB%2BJZJVfnLhzR5XJloBgGtTy%2B%2BG3fQ4rsYeBsogeFgVgwkEGh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aaa92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles-landing-simulcast.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 18 KB
4 KB 530ms
466ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/styles-landing-simulcast.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f60a2ebb2b58cd80676a54bca75edc09c78fc9b624b15f69a533b18f4bf160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 29 Oct 2021 13:33:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"617bf80c-4675"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVqCF620cZPGID5eGf3%2BQJL4md1NuWwyms9lrKYLkNv1C5STuMdm75hzIv%2BHJYO25h2s8%2F50L3MWO4opxvRCt61mMok4sf2dHb%2FLZW2qwBeTzww8BFRk33nTbkpX6rA%2F0YxNvYJ4dzhq5HFJzbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aab92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-specialty.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 38 KB
6 KB 533ms
470ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/style-specialty.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e95129805f4b51a676aef6b86af4a94a572b99e51b4c6a01851c19e81a89f4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 16:39:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62263525-973f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XECXNY6hu12XT2pXBdEztsd9iR0rsHtoMdAyY6%2BmV%2BSmzUFrSjwvD9A3HUuq7nKBWrvEB7fD2K4GJWJdhGFhhALW70%2BEBtsJhdc0IfA8eiYNTb4RQJBCJL0wqCiBqenUnMY3koHinUTHlRpAqpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aad92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-race-year.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 15 KB
3 KB 549ms
485ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/style-race-year.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691a8cdeedc099d295941fe8f3139f15a3cfbc3e6a1c4ef3499c64ea4fd997ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Oct 2021 10:50:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61729772-3b55"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm1E%2F71Tvh%2F%2Bg0HjWEXeCv%2FIvJ5c11yS1fjLke7QPzhBIxLBun%2FimykgBzGG%2Bw4AIDisZ5k3GhuY%2B24udzzZ%2FNDz0L3fiL0vFyKiCW9ca0ipyUZ0ho0aWGp%2B36wM3ZiJWg%2Bbwndnp7KNBXv8HWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf5acb92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-collision.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 14 KB
3 KB 545ms
481ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/style-collision.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8ef0acc12d8e368a81245f34492c583be385ac959b9cafeab265248e2c3d306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Nov 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61965e96-367b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy3ow3rXrzNfxJg4A3tqvezYoAX0uwvtpVxHBQ9eHZdl8Abxd7cxaYDUcFaodCsnPKvkhbWClvrbPD1tGe4vxedxNuietOjSVcPKOOmy9A7Xg0la0b7BG%2F1VhVM5%2Fn%2F8zdCOISFkNVje4LIXqy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf5aca92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles-cab2022.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 21 KB
4 KB 542ms
479ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/styles-cab2022.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53597f12b58d2705e2b81df3cfc6e7fcd98f0638d339bc400d0b077569f3586f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Apr 2022 13:30:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62557f02-55f3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWnu2%2BBV0QuJj9TXv5ziiD3Fp9yKF6Gts%2B%2BhOmcyzIgugI5bIIGTip6ty8Ugxbmwvu9iCQ0T3fKddPB6O44CLlK3gphOUpu%2Fb2luI5Hddwaq4ZNrF3zU7Ih33doonatTVdrDxj%2FQuvdYsq%2Fv%2Ffo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf5ac992b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles-daily-simulcast.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 12 KB
3 KB 543ms
480ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/styles-daily-simulcast.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb249cfb695c8bb5847efbca4c1d5bbb6700c32b2c1505e56961725888a27ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Dec 2022 03:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63900a70-31c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F1CfWZTsI4dHwMktEAPwS6YxbckyWae0UJmtuTJhbAi3zxCwqV3FfzgEW98Gh%2BTHTC9S5vzkGGrq60%2FW5oiBDQKPEqUEedQ4QxiuHHRVm%2F4dvlhaZA3AXnsLHCBJgQ3YjMPvjLJydGlQhP8Fsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf5ac892b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles-kar-id-faq.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 10 KB
2 KB 526ms
463ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/styles-kar-id-faq.css?time=1677128569&ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1253bf6ac23911b4d171baa86a7b89d9ae36db99a47b1bcb58edade80f7cc4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Oct 2022 18:02:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634852c1-2772"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKfHp2k2VWfmI8QtkY4uVitiJ3Sw2uFU9gL6eD1u%2FzEK2vlXbOk%2FmMoiud5fcrV2QCyrgaDAvt88T%2B8k7IQAGhbTNRKIA5wMsw%2BALHp7HKud7BFs5oflZigBcRO2LqNQcxgwPeCQapTwL6hPt10%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3aaf92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-storage-landing.css
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/ 31 KB
5 KB 101ms
38ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/style-storage-landing.css?ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119943e039d1fa66e79802cefaff7b3d13264438d293688e99d70c29eddc483e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 19:58:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3242988
etag: W/"6351a84f-7dd0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMOO1ZVp%2FBrhFn1e5M%2FCmQ9logrXRFn83XBXgbbm8pUapgjQ6c1s3ygwNrRc6XiXith%2BUhyCp5dCXzZy03TbQRrpYlC9xxZ4fAdwCYE75yJHIix8PU%2FrZbaUne5hwLR2B%2FjoGv%2BaD8J30zeG6Ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf3ab192b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 12697f09bf.js Show response
use.fontawesome.com/ 9 KB
4 KB 278ms
232ms Script
text/javascript 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/12697f09bf.js?time=1677128569&ver=4.7.0
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 223267d6035906e9d2528497e2fdffb0086461f9315c21b70b3b07d5b19101c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 30 Jun 2021 16:51:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: W495YCTBPFJ8X68G
etag: W/"9bf7a32c25b9df9e2f2fac0990287266"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOskCtuKHz0x2Nypv9ZmL99hkAwbvQ8xyQG4GlPWDa6p%2F48047uJyeVEtvtkHDVX9WDfqIGATds7sKEKq7i6MVRTavc32bKUWyr5DUoNgWIvOecBqWrbziZZ6W7HfXOb27ntZGq30btQJWSkp1DTkghU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 79dd69bf1d6fbb9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qGUScAyhmCAM/OCDWvOp0I1ssRt005S7yJwyRy3/4ZnKi3CDWRGBnCsefDXMoREp8VaT3NgKmc8=

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
2 KB 91ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js?time=1677128569&ver=1.2.3

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30567
x-jsd-version: 2.2.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA, cache-yyz4550-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FXrZBeVqrN2ny9991lz23V4W6QSBPE9YqGs7f3Ez%2B5si1opBSEGD1vQqI0gp1S4nIikF5kdJgzzqTvfr81K0C5mBpdOPwPJlBxqmGKLRDVnD0kYifeiutatosgh%2BbmgW3s6TM%2BnoDdqD1LsXO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 79dd69bf3f9d9c12-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 77ms
29ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer: https://www.adesa.com/
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CMAKRMHGK3V5WCRT
age: 899165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 60sUrBJ2xc7Nsm0itqiJPLI1hrBinqUfAACzEGkSgJqYT92A/OTsHisaZcIXrYiF4l4sfcgq8gM=
last-modified: Wed, 30 Jun 2021 15:44:12 GMT
server: cloudflare
etag: W/"b8085bf2c839791244bd95f56fb93c01"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcLfblXeM3aHR7URNNecOUMQ7JGuGEFEqFYfSs%2BZ2K7JlfPz%2Fz9zxic6k3C3gyz8cnz%2B%2Fbi79ZNNuGNO74P3xvWyUHLKZ6zzFkeHmq%2BXbqQ9FyxM2umuyOUwsiI%2B9WOe%2Frd4JqjiqcEuGwLsAgRfadTv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79dd69bf19e2bb4a-FRA

GET
H2 200 style.css
karadesa.wpenginepowered.com/_tmp/css/ 70 KB
13 KB 110ms
48ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/_tmp/css/style.css?v=88.0.80
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9169767f79e6a45da832e69d7f562e654f427d17e59d40f38255ce0169029a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Feb 2023 18:04:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 120239
etag: W/"63e14147-116d8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBXlr3a92G1%2B0LLboHrw1bde0MjqvHj7TM7KiaiqgDK4yBD5DYSV0Tizg97dg71nalQ0dYss%2Bv%2FKe0r8Yeh5vjYL%2BUwxAToGtwM9%2BtSKLAuCjOO%2FCzS887aMnIi%2B%2FmNAlVbcFCawHielSxFKhqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69bf5ac792b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
851 B 87ms
37ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 04:29:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 05:03:06 GMT

GET
H2 404 ol-nw-ui-wc-common-widgets.js
openauction.prod.nw.adesa.com/static-components/ol-nw-ui-wc-common-widgets/latest/ol-nw-ui-wc-common-widgets/ 0
0 536ms
367ms Script
application/json 18.66.97.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://openauction.prod.nw.adesa.com/static-components/ol-nw-ui-wc-common-widgets/latest/ol-nw-ui-wc-common-widgets/ol-nw-ui-wc-common-widgets.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-75.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-trace-id: Root=1-63f6f38a-3c82e6d93f572c770e02ba10
x-amzn-requestid: 66f8729f-87db-4123-8a86-2705a80ce48a
x-cache: Error from cloudfront
content-type: application/json
x-amz-apigw-id: Axr9rEttiYcFl6A=
content-length: 0
x-nw-mdc-id: E15A4CE7-ECFB-440A-94C7-E24EAE989BBB
x-amz-cf-id: eJQ4IUAEbeLIIz1ogsRM6XZi5dGttFBXaEe8oZI4Tqsc2rwRCApLTA==

GET
H/1.1

200

five9-social-widget.min.js Show response
app.five9.com/five9_clients/consoles_latest/SocialWidget/
Redirect Chain

https://app.five9.com/consoles/SocialWidget/five9-social-widget.min.js
https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.min.js

65 KB
65 KB

126ms
126ms

Script
application/javascript

198.105.202.32
FIVE9

General

Check archive.org

Show headers Download Go to

Full URL

https://app.five9.com/five9_clients/consoles_latest/SocialWidget/five9-social-widget.min.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

HTTP/1.1

Server

198.105.202.32 , United States, ASN36776 (FIVE9, US),

Reverse DNS

app.atl.five9.com

Software

Resource Hash

670404f84e671d78774bc80586a00e58f0d3b925500838acba608273efa85e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 05:03:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Oct 2022 16:08:15 GMT
ETag: W/"66205-1666800495000"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 66205
X-XSS-Protection: 1

Redirect headers

Location: /five9_clients/consoles_latest/SocialWidget/five9-social-widget.min.js
Date: Thu, 23 Feb 2023 05:03:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1
Content-Type: text/html

GET
H2 200 ADESA_AssuranceUpdatedLogo_0222.png
karadesa.wpenginepowered.com/wp-content/uploads/2022/02/ 5 KB
5 KB 464ms
458ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://karadesa.wpenginepowered.com/wp-content/uploads/2022/02/ADESA_AssuranceUpdatedLogo_0222.png
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa2979a20f7c35a86b198fdf7ad5ebec76995fe4328f81cb9d9e1cc8d92e550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Feb 2022 21:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62018c7f-1329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPVgml%2BRuCCxUYJ4HKwc%2Bb1XiTmMvv7YkgkqBlOwqQUgZlvNgUC6n9uooofLpec%2BOWABiM3QvL7Sy6QzmJ6VIx0%2BDtu27vV9Or4PCv5GPYwRDUpLYq69qH30ghTTznk%2BAXCwbGKb%2FfamwjjveCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79dd69c48fcc92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4905

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 76ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.adesa.com/
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1677128586.dop216.fr8.t,1677128586.cds291.fr8.hn,1677128586.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lottie-web/5.8.1/ 265 KB
56 KB 87ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.8.1/lottie.min.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c2c26190e5e8fa09172b34612ad0bece7c93e0727b18f3d3b3f283f598e963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1903878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56900
last-modified: Tue, 09 Nov 2021 12:32:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "618a6a76-de44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKIavvscrJSDxmwPaN%2B%2BwW7UnXmfvuuJfv2RVBcIyoFfkZ8wu9%2F4dfuIES2CIT4cAS3oG8IMOm5U2qcDfkYSdV0bjf9%2BS5Pfyz%2BjjB4AibpQW4Kki6WWYxU0NTQm3pUiVWtUToK4x6%2ByqwSSkETYQgN%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dd69c38b613a6d-FRA
expires: Tue, 13 Feb 2024 05:03:06 GMT

GET
H2 200 ADESA_Horz_White.svg
karadesa.wpengine.com/wp-content/uploads/sites/3/2019/01/ 4 KB
2 KB 633ms
247ms Image
image/svg+xml 35.239.148.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://karadesa.wpengine.com/wp-content/uploads/sites/3/2019/01/ADESA_Horz_White.svg
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.148.240 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.148.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a33826a01f36276404801e090ce16ef6e55dca72f83b9951db5bc54548ae7bea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
last-modified: Thu, 24 Jun 2021 14:08:58 GMT
server: nginx
etag: W/"60d491fa-114e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 97ms
34ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ewgd1d1Vp0nFNYpIMiFTtA==
age: 25718
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8460
x-ms-lease-status: unlocked
last-modified: Tue, 21 Feb 2023 03:49:36 GMT
server: cloudflare
etag: 0x8DB13BEA6D1E9D8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 13c93836-b01e-000b-616a-46c092000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c44f199142-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 101ms
33ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16998
x-xss-protection: 0
server: cafe
etag: 6765087244414729774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 05:03:07 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 38ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js?ver=5.1.3

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 73769
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230075-FRA, cache-yyz4546-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt60UdUyN38wM6coMusOxUtrx23xlX9MCOkZUPTZ1cB4vHPh8oeDzlbIPYCkxAn%2FUzHEHYp%2FGLhVIN4dezBmTDpwdNBLDcQF8GJ9X9%2FJR%2BuChxby4AuMGPo5AdftWDr8MPylIuAm0TiEXoNEAY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79dd69c48d359c12-FRA

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 109ms
46ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js?time=1677128569&ver=3.4.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15851"
vary: Accept-Encoding
x-hw: 1677128587.dop129.fr8.t,1677128587.cds250.fr8.hn,1677128587.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 127ms
65ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js?time=1677128569&ver=1.12.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-3dee4"
vary: Accept-Encoding
x-hw: 1677128587.dop129.fr8.t,1677128587.cds250.fr8.hn,1677128587.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 jquery.touchSwipe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.4/ 10 KB
3 KB 36ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.4/jquery.touchSwipe.min.js?time=1677128569&ver=1.6.4

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f1fd15468d0c38328697d2c9972b88377ba881d458e32bb58d71b5f8a9ea183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1906722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3187
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-2985"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJGmx3%2BGpKOSGZYmWLCxapiCBlFfngcOW7V%2BjuvGkwJRTk%2F0hl1Q3%2Fb9dOQh%2BZ4LU4MRKJz2HVbOPEGz7pr16RqEKJ91Z2HMeZ1C%2FyUpQlj4V%2BYe5Lz%2FQ04Hui5IpwF0tmGmOhl0%2FYUEYZZVVhS%2F073%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dd69c48c383a6d-FRA
expires: Tue, 13 Feb 2024 05:03:06 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 54ms
46ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?time=1677128569&ver=3.3.7

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1053
cdn-cachedat: 11/15/2022 10:30:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c47ba4de45206b524d7dd5be14653a0f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 79dd69c48c195c74-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.magnific-popup.min.js Show response
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/ 20 KB
8 KB 40ms
32ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/jquery.magnific-popup.min.js?ver=1.2.3
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Jun 2021 14:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2642045
etag: W/"60d491fe-4ef8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7m1Sz3Gwzc11M0vb9SMl1NzIe2hsG7FgZJz0kKzD8vYc7mETe98mhJV8gzpDBwAkT2bfQ%2FSfEJ1MasAsWfFOjodI0Y5UT%2FmSPOmlFw6DKNEYaIIpSQfXxAv1tLbKhKAi0MDspCkBkMYaJ6VoSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69c48fc192b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sorttable.js Show response
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/ 16 KB
5 KB 36ms
28ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/sorttable.js?ver=1.2.3
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: adbe57d1ec007b4d30ec076309b537931c9411b26f60aab81f9210c4a2fe67b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 13:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3237976
etag: W/"617bf06d-41ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVC3%2B7%2BNQG%2Ff9p45yTORrNRxZomY%2FRPRhzdVJuwS3kVWebkMWrzkIYsEVmWIpKN1XDm%2FMmueSkHECCc0Igk5qMUTta%2BN%2FR5l%2FpIPP8RO7RmhkM2BNQM%2BO7hC2vFjg11iJLn%2Bok396pfYrmTatB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69c48fc492b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 general.js Show response
karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/ 16 KB
4 KB 470ms
463ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/wp-content/themes/adesatheme/assets/js/general.js?time=1677128569&ver=1.2.3
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e9fd081ba6292897f9ec2dd97fe9a260854dcc69cfa46fc242db5f27338d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Oct 2022 19:14:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6356e3fe-4158"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuYlISZKOufOMXYxz8%2By%2FyAHiRoz25paEgrYbVD27moVtrpRkxuwTE5T54%2BS52xwgXC34BWKmRmnNPaD%2BcfeU7kt4qIfmmM8tB1MdOrVdn5mFvRC5vFY9Iy9F1iiETuDwuc4GhY5xD784dvEYO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69c48fc792b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
karadesa.wpenginepowered.com/_tmp/js/ 90 KB
26 KB 41ms
34ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://karadesa.wpenginepowered.com/_tmp/js/app.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: db61b459336cdb08df868984d7fc33a0caf60a7061e8e688b28ed4974154e531

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Jun 2021 14:09:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2642045
etag: W/"60d49202-16980"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt7jccnGXVHX5XjGEnwgBeTIenrd7EJmxj%2FL4M%2Frf%2Fq6pRVvwmDyWhlTiNRKPQrKSLwflvMyrf7oBbDfsZbWdJJA3U96lp1EJHOn1U9J1KuLI5EWFZexh8AojS74hiG0dAKmbFKxSFJFsR61QUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79dd69c48fca92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 130ms
20ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=swv8edr&ht=tk&f=10879.10884.15586.32874&a=86774085&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/swv8edr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 23 Feb 2023 05:03:06 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 wp-emoji-release.min.js Show response
www.adesa.com/wp-includes/js/ 18 KB
5 KB 132ms
126ms Script
application/javascript 35.239.148.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adesa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.148.240 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.148.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/assurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 12697f09bf.css
use.fontawesome.com/ 1 KB
780 B 25ms
24ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/12697f09bf.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/12697f09bf.js?time=1677128569&ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a877227c8ded0ce60e254114b549245adb42c7965b0084d2b1fce5d2a34b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5CS5SX68F3QSSDHY
age: 3370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DK/KY/8ayE0+VrvY14/UjXifKmWNMLTDfnS6fUgODaCfGaCc4flSI5OEUbpdKIL+gTg4gjMeBZg=
last-modified: Wed, 30 Jun 2021 16:51:22 GMT
server: cloudflare
etag: W/"1faae71aeea41f0516aff95986316bb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZAmZoDPhbNatbW%2BPLjUEk%2BL9nOHll2CQm8rMHY1v5RQfMW1caGLltwsAklzw9KyUsBkq%2Fm88Mjh%2FIi%2Byh%2FuQ8Cb3c827rfw0zJLbR1C1pGfuTMwQYG1P%2FFMCJpWcITJSOv4%2F%2FbJTWavoGbcTeweJtKO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 79dd69c2487fbb9d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
82 KB 162ms
69ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJSQCFZ

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff6bec21fa2e300c6b4fb65f089eef17b0267333303ad5c4711a9a447d7a4b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83763
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 05:03:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 87ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 05:03:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gayf/anvuJXQLFmDX9P1miknCaPseAl26QunvlhVTYjH+MdQkTIAVvfmEfMfZQMjFOMiT68BgXtYBRSld7KT6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 137ms
20ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=29201
accept-ranges: bytes
content-length: 4777

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 205ms
33ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx00000ea5be29143837370-006385e0d3-32941e2b-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 29ms
28ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/12697f09bf.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/12697f09bf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6GFEKMY757AZVMJR
age: 2477382
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a1rJqww5kk6lKRIdMoYuvo+3HD7E3szcwTrKVVU4ncyVGl1400tEbljwaRkXSznguGC14aUQGXY=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIfKb4YZ6xZKpD3u79QcJZ5j8Xnr3vPxMD3sqMb0v4iz8E0buXrvRxz6tKLbqSRLpilz0YR6KpNmUHh2u0bZUtRF7nNEwy3rbh23YxVf1uvqfj7Zr69tH%2FU%2FOM4rDRpHgQX6niLrwfdYSqAvrxSqy0ua"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79dd69c278f29b95-FRA

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 30ms
29ms Font
application/font-woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/12697f09bf.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/12697f09bf.css
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R1S6D6Z4BEAMQS46
age: 1861927
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-amz-id-2: Hwq151Ko0bkoy/Nl6kcfHAxkkGpnYqWItM9IQDkgNLmggs9er9rAoyJCf5NtUQa3a80M4jmuelc=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc1cnUHsfzEABuPweEtbonm153jcegCZusLVnailzbcGIZE2lgGvkKbNTUmseK2EDY%2B%2BfoS35eiwCuqDC%2FiLnFnTEsg%2FTMomLsYjeQ3sY6hzomeJRGhjeVOvlgNmUjBjK0TYI%2BS7ay4iFwBpGhAgf%2BI%2F"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79dd69c2ce76bb4a-FRA

GET
H2 200 8ajN0JDkG6g Show response
www.youtube.com/embed/ Frame F420 68 KB
29 KB 142ms
83ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/8ajN0JDkG6g

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf37ce6d5cca7702aa2be4693b43a143b3b0eee0db19bf9e4536373682b24353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 05:03:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 34ms
31ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BTFH3C10SJMYZ0V1
age: 687485
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79072
x-amz-id-2: d7sLxreIZBpxz+ukc1Y5aAUiZ2py9gaVRrcoynJT+t31H/jDdbsngS4rsc2U6z1nYTT5TaBD/ho=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: "59ea9019c9b9bc4d83ab9783e830735c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr%2BKrv2TCUudN%2F5esulUHiV5pUxdU8dgcXnwzoOfRR4mqbTRy3KWypcXhjr2mFFSSGv6tI4O1%2BOYweWo5mMO%2BNcUuAPaldZeK2JfF7%2Fff5OM6zFcdw%2FZjwqxb%2FiHZowDLJBbV51%2FLDyElufAmpquwUZU"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79dd69c489fc90a2-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 75ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:04:54 GMT
x-content-type-options: nosniff
age: 507493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:04:54 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 91ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 16:00:09 GMT
x-content-type-options: nosniff
age: 565378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:00:09 GMT

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 89d5753a-2771-414a-bee5-f9c3b5ce6723.json Show response
cdn.cookielaw.org/consent/89d5753a-2771-414a-bee5-f9c3b5ce6723/ 3 KB
2 KB 71ms
30ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89d5753a-2771-414a-bee5-f9c3b5ce6723/89d5753a-2771-414a-bee5-f9c3b5ce6723.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff33b31153d0f4f612b69f809362eeff9f8115bf022420f3506b6de95f417d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pULv48iVjcGhv2HU1lPS+Q==
age: 56489
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1433
x-ms-lease-status: unlocked
last-modified: Thu, 16 Feb 2023 16:55:06 GMT
server: cloudflare
etag: 0x8DB103E8E389713
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 98cb9bda-a01e-009c-0a27-42a35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c50b4a9b5e-FRA
expires: Fri, 24 Feb 2023 05:03:07 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/adesa/public-us/prod/ 21 KB
7 KB 417ms
322ms Script
application/x-javascript 23.62.220.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/adesa/public-us/prod/utag.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.220.254 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-254.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0da47a00752fa39852e6890de40cbec5191eb8d3a0feca346436b3e9a7a2303c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 19:51:39 GMT
server: AkamaiNetStorage
etag: "0bfdef0b03962abda3f4b724e83b6da1:1610481099.303907"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 7329
expires: Thu, 23 Feb 2023 05:08:07 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 72 KB
73 KB 33ms
32ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Origin: https://www.adesa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HWK46N3M9G4MWY9X
age: 1569746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73936
x-amz-id-2: OxXcRCKhb3Ufb685+B5pfyj1ewrui4AQxo770yU21peYoX/7KOOIyi6kPZ3fo8z9V2JcFgiYYG8=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: "f80b8a05dd76fdb40e630f1e90b1303d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MP3%2FD8fSkA2KruxZMjNmo2QEXkyC35jdljteNXjcj4sSAc1jwiGRi3PrDifJpBYnWe1xLU4P%2BjZOwJM2IObGM26D4m7agTZEWCExhTS5jS0EXYm%2Bey9IaIbAIPjdnua9KF8LVa8pi5I8FrUD6n5fbBQJ"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79dd69c4ca3490a2-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1037106659/ 2 KB
1 KB 95ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1037106659/?random=1677128587060&cv=9&fst=1677128587060&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8652c9059f56ff6fb80b7dc8a9127065c860f14d81f1bf5957ca50523fb75051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 927682401943894 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/927682401943894?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265daa6e99ebcd217c09fde5386c7e33b9a26c2ca7050b4e5fd7207b21b89aaf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 05:03:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ELtz8sAi6d5mH+S8y4BVOYPvoeOmkuV+Rh1tRw7seBh09KEX6ahAzbj3LBpALdqkMuFKip/+8LQVZtY9eO7k9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 30ms
28ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 38907
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 03:33:27 GMT
server: cloudflare
etag: 0x8DB0E3C3C205B1E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b1163b84-801e-0080-72c2-407b4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c5581d9142-FRA

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3006250/domain/adesa.com/ 36 B
369 B 281ms
178ms XHR
application/json 2600:9000:2204:5e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3006250/domain/adesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:5e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.adesa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: sp0pwMY-llQbmh_h--UN8nuM_-dL3LBpVDJ5XoEuEEpbJ6EM2RvPlw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3006250%26time%3D1677128587097%26url%3Dhttps%253A%252F%252Fwww.adesa.com%252Fassu...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true&e_ipv6=AQItv7iDcLJxbwAAAYZ8p1n4JUvp_omTS1HlDWaRY8QG632ouFZB...

0
264 B

295ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true&e_ipv6=AQItv7iDcLJxbwAAAYZ8p1n4JUvp_omTS1HlDWaRY8QG632ouFZB1JxTpwWC1avX4lJA5nZDxLxn
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4EE8F2FD045540E8AA674AF011D83F14 Ref B: FRAEDGE1812 Ref C: 2023-02-23T05:03:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1Vu2729E6kDEjEMO5lA==

Redirect headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9337EFE117FF4CD595468D2EBBB9B669 Ref B: FRAEDGE1312 Ref C: 2023-02-23T05:03:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3006250&time=1677128587097&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&liSync=true&e_ipv6=AQItv7iDcLJxbwAAAYZ8p1n4JUvp_omTS1HlDWaRY8QG632ouFZB1JxTpwWC1avX4lJA5nZDxLxn
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1Vu23Wh7Bp1Mdknqc2w==

GET
H2 200 www-player.css
www.youtube.com/s/player/11e3a4ec/ Frame F420 396 KB
51 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8440f93ed627785a58ee317f66bd4b18f396950ef01b0b39cde0e9d06da682bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52107
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 01:08:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F420 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 117900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:18:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F420 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 587294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 09:54:53 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/ Frame F420 345 KB
108 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1689ed1edf0cfc921cffd974de2ca2f00120ec12ec5fff99b6dbc23226ce8729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 04:56:02 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 2 MB
604 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5175ed720ff08bcbc6d3616a69607b6f163dccfcc64b9b323e27576d22bfc5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617787
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 23:06:29 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/ Frame F420 9 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 04:38:05 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/89d5753a-2771-414a-bee5-f9c3b5ce6723/412b87c9-f433-4ad0-98db-dbcb3d3afedf/ 50 KB
12 KB 34ms
30ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89d5753a-2771-414a-bee5-f9c3b5ce6723/412b87c9-f433-4ad0-98db-dbcb3d3afedf/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11045fe988ae66677a78464adaa68f12cd13ed8f365cd0a1415119b4c0c6c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZBmuVZhjdnxvEHOomRIHvg==
age: 56489
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11992
x-ms-lease-status: unlocked
last-modified: Thu, 16 Feb 2023 16:55:08 GMT
server: cloudflare
etag: 0x8DB103E8F5180F9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 45459476-c01e-00a5-2a27-42e3ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c62c909b5e-FRA
expires: Fri, 24 Feb 2023 05:03:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1037106659/ 42 B
455 B 80ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1037106659/?random=1677128587060&cv=9&fst=1677128400000&num=1&guid=ON&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&fmt=3&is_vtc=1&random=3213911784&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1037106659/ 42 B
455 B 86ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1037106659/?random=1677128587060&cv=9&fst=1677128400000&num=1&guid=ON&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&fmt=3&is_vtc=1&random=3213911784&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJSQCFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 04:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 23 Feb 2023 06:14:50 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/657496956/ 2 KB
1 KB 38ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/657496956/?random=1677128587240&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&bttype=purchase&auid=296444191.1677128587&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJSQCFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

75c17b4c96dc10bf200c0b7a8f83a698d7b43f33ea950935eea7de11d24006c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1223
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassu...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2...

865 B
1 KB

102ms
102ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1fdd49e8c88338dfc0dff89b16051f3fb8db3bcfde6cd9b1491aa7e5aefd9ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 691
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

841 B
1 KB

104ms
103ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

15e8766a927c8b27fe3067bc8a08187bcf01f52c3607053ca9c7533154b27128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 682
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2317712&ADFdivider=%7C&ord=408050763541&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 76ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=927682401943894&ev=PageView&dl=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&rl=&if=false&ts=1677128587262&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677128587261.201089358&it=1677128587071&coo=false&tm=1&rqm=GET

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 05:03:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2905642,3006250/domain/adesa.com/ 36 B
367 B 181ms
180ms XHR
application/json 2600:9000:2204:5e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2905642,3006250/domain/adesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:5e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.adesa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Qmaw_pwOukzr7Y8c3aSWTHMwaF5b1THRuY-Th2w_mvrdnSaK1kfedw==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F420
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
29ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c6f921e60fc74c83051a35650b9a7d1f8442edc2896e840b13fbc7758872595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F420 29 B
496 B 70ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:53:33 GMT
x-content-type-options: nosniff
age: 574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 05:08:33 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 31ms
31ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 56489
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7b69140d-e01e-00d4-019a-4691c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c6fd649b5e-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 63 KB
12 KB 33ms
32ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JmuoduxOSfKPqsYZz+y+OA==
age: 56489
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12592
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 03:33:22 GMT
server: cloudflare
etag: 0x8DB0E3C3968042A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 071259c8-a01e-0110-3f27-42a855000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c70d679b5e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 30ms
29ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 56489
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 03:33:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cc0933b4-301e-0178-4b27-42f604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79dd69c70d6b9b5e-FRA

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 77ms
28ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Feb 2023 05:03:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F420 65 KB
30 KB 35ms
34ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0480993b5e0d45968ddb7c50a15cef7d9c01946bd21841014a7c660a97957e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30511
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 116 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0fe4b03d0ff54b97be2aedb22a607a1e87074efe40610bd9ac1b83d3311ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36403
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 23:13:37 GMT

GET
H2 200 mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js Show response
www.google.com/js/th/ Frame F420 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14113
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 00:51:43 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 26 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cf93d31055045003243da9aa5815ef47e0d77b05edeb05384ae8266ca6e9b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8409
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 15:46:21 GMT

GET
DATA 200
OK truncated
/ Frame F420 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 _hQIHKnxJZ5JT7Tn7P0hxIXM2gTUd1RUbBdeHVp-NKf6xgQ3TI6k_sHlFeyNZqkU3OUEgQsKWg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F420 1 KB
2 KB 90ms
37ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/_hQIHKnxJZ5JT7Tn7P0hxIXM2gTUd1RUbBdeHVp-NKf6xgQ3TI6k_sHlFeyNZqkU3OUEgQsKWg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

058537efc9d7ccefdc760f4dc3195693ed89df2b598c72acfe4e2c20a93fcffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 22 Feb 2023 16:08:49 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/8ajN0JDkG6g/ Frame F420 19 KB
19 KB 117ms
65ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/8ajN0JDkG6g/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e69ee6ff0673adcf762194691c8a119370f8b1c25462d3c3bc0a6282dc880b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19172
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 07:03:07 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/657496956/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2w...
https://www.google.com/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadser...

42 B
108 B

38ms
37ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&auid=296444191.1677128587&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVVBXzl1dUxyeUMxNXR1TTladkhKRFY0S2N3NzM3alY3MHBRSWFWLUZLU25RbU9admdyGldDaEFJZ0pmWG53WVF2NWV4NEpQM2c1ZC1FaTBBU05rZEV2TDhja05vbG9RX1QwX2pmNDlpVU1VS1FOR1hsODV1TUtWQ1QxSWYteTFoay1ZZU1Pd1lGaFU&is_vtc=1&ocp_id=i_P2Y-rdD4ak1wbQ-b3wDg&cid=CAQSKQDUE5ymyUR7SpR3ClQ1hQjnLLPw37syj9CvJfWIGpFFZEu0t1l_VCHA&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dDrN--MN2i0C6_BfC0pQ_uHM9p4QLsnSrQ&random=427705105&ipr=y&prhg=0

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/657496956/?random=123373501&cv=11&fst=1677128587240&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=2605COK5oPoBEPy2wrkC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&tiba=ADESA%20-%20Assurance&value=0&auid=296444191.1677128587&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVVBXzl1dUxyeUMxNXR1TTladkhKRFY0S2N3NzM3alY3MHBRSWFWLUZLU25RbU9admdyGldDaEFJZ0pmWG53WVF2NWV4NEpQM2c1ZC1FaTBBU05rZEV2TDhja05vbG9RX1QwX2pmNDlpVU1VS1FOR1hsODV1TUtWQ1QxSWYteTFoay1ZZU1Pd1lGaFU&is_vtc=1&ocp_id=i_P2Y-rdD4ak1wbQ-b3wDg&cid=CAQSKQDUE5ymyUR7SpR3ClQ1hQjnLLPw37syj9CvJfWIGpFFZEu0t1l_VCHA&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dDrN--MN2i0C6_BfC0pQ_uHM9p4QLsnSrQ&random=427705105&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 29ms
29ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=433533016&t=pageview&_s=1&dl=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&ul=en-us&de=UTF-8&dt=ADESA%20-%20Assurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1737229209&gjid=1378506840&cid=249428425.1677128587&tid=UA-60950144-19&_gid=1022956516.1677128587&_r=1&_slc=1&gtm=45He32f0n81TJSQCFZ&cd1=0&z=950838465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.adesa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 34ms
33ms Script
application/x-javascript 23.62.220.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=adesa/public-us/202101121951&cb=1677128587495
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/adesa/public-us/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.220.254 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-254.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Thu, 23 Feb 2023 05:13:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 91ms
27ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60950144-19&cid=249428425.1677128587&jid=1737229209&gjid=1378506840&_gid=1022956516.1677128587&_u=YGBACEAABAAAACAAI~&z=1093700587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.adesa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 472 KB
167 KB 118ms
41ms Script
text/javascript 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d7eb8efb334aaf42bec84a1419d1caca914dbc325901d0ac7f27c07de6a7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1677049898
age: 1775
x-guploader-uploadid: ADPycdvvQ20KqCezRNoiNBbA-qj6p1HY3gbHJwtP5l7xh5y3Q8fLphtDdYaVUmstSWkC63lVsyiOO0yvAgIKUPCuFm6w7wPz-n1v
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 22 Feb 2023 07:12:30 GMT
server: cloudflare
etag: W/"8eeb8c3fc8763fad353d78e3bcc0c0c7"
vary: Accept-Encoding
x-goog-generation: 1677049950674695
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uT4sOg==, md5=juuMP8h2P601PXjjvMDAxw==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 483159
cf-ray: 79dd69c87a31916b-FRA
expires: Fri, 23 Feb 2024 04:33:32 GMT

GET
H2 200 embed_html Show response
sidebar.bugherd.com/sidebar/ Frame 70A0 11 KB
3 KB 407ms
406ms Document
text/html 2600:9000:2156:1800:9:2c88:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa

Requested by

Host: www.bugherd.com
URL: https://www.bugherd.com/sidebarv2.js?apikey=bjqnbbhsrfbzhorsn2iixa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1800:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8195cb6a309cf43ef91746133be7c96eb8482fac15873d040dbce44b4618cf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.adesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: http://sidebar.bugherd.com
access-control-max-age: 1728000
access-control-request-method: *
cache-control: max-age=600, public, min-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 05:03:07 GMT
etag: W/"cdec962dc9280a8f173fb40f127a86cf"
p3p: CP="NOI ADM DEV COM NAV OUR STP"
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur, 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: VLP_68D_dc6NjJInxN2ELF_wLmw4t6ZWTiBpSHgfiILg0VuG3ASwSw==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: cc3a5519-d547-497b-8c66-0112b8cb17f8
x-runtime: 0.003175
x-xss-protection: 1; mode=block

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 31ms
31ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 77848
x-ms-lease-status: unlocked
last-modified: Tue, 21 Feb 2023 03:49:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e2dce332-b01e-0022-2d6a-46b6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79dd69c81a8e9142-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 29ms
29ms Fetch
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 80458
x-ms-lease-status: unlocked
last-modified: Tue, 21 Feb 2023 03:49:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 497926a2-d01e-00b1-012f-46209b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79dd69c82e939b5e-FRA

GET
H2 200 ADESANorthAmerica_Horz.png
cdn.cookielaw.org/logos/220aba37-6609-45b9-bb38-d90c71628891/89d5753a-2771-414a-bee5-f9c3b5ce6723/ 4 KB
4 KB 34ms
33ms Image
application/octet-stream 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/220aba37-6609-45b9-bb38-d90c71628891/89d5753a-2771-414a-bee5-f9c3b5ce6723/ADESANorthAmerica_Horz.png

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0187b8d6535403c2d4d62c85bbcd151d868e8dc480d11c5e6f2a2324d3d6cb96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AJOIH39V1dZPwvAPmAfEvg==
age: 56397
content-length: 4277
x-ms-lease-status: unlocked
last-modified: Tue, 28 Apr 2020 18:32:41 GMT
server: cloudflare
etag: 0x8D7EBA2895E9C12
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b340aa52-f01e-0043-1133-5af20f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79dd69c84ac29142-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 13621
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a336c405-201e-004a-2ef4-46e881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79dd69c84ac59142-FRA

GET
H2 200 AssuranceAnimation3.json Show response
www.adesa.com/wp-content/themes/adesatheme/ 211 KB
211 KB 253ms
252ms XHR
application/octet-stream 35.239.148.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adesa.com/wp-content/themes/adesatheme/AssuranceAnimation3.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.8.1/lottie.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.148.240 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.148.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d5134d399318f501b09e8e16d3ac859286785751a4ff681a6f75ae30af525601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/assurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-cache-group: normal
last-modified: Fri, 11 Feb 2022 18:32:48 GMT
server: nginx
x-cacheable: SHORT
etag: "6206abd0-34a1e"
vary: Accept-Encoding,Cookie
x-cache: HIT: 1
content-type: application/octet-stream
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
content-length: 215582

GET
H2 200 AssuranceAnimation3.json Show response
www.adesa.com/wp-content/themes/adesatheme/ 211 KB
211 KB 376ms
376ms XHR
application/octet-stream 35.239.148.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adesa.com/wp-content/themes/adesatheme/AssuranceAnimation3.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.8.1/lottie.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.148.240 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.148.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d5134d399318f501b09e8e16d3ac859286785751a4ff681a6f75ae30af525601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/assurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-cache-group: normal
last-modified: Fri, 11 Feb 2022 18:32:48 GMT
server: nginx
x-cacheable: SHORT
etag: "6206abd0-34a1e"
vary: Accept-Encoding,Cookie
x-cache: HIT: 2
content-type: application/octet-stream
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
content-length: 215582

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F420 90 B
134 B 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

971fd9633aa4129eb69f7d85ab0ca9e80def28ff769aad595cc87710390252bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Feb 2023 05:03:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F420 28 B
54 B 38ms
37ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Goog-Request-Time: 1677128587653
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/8ajN0JDkG6g
X-YouTube-Client-Version: 1.20230215.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtydnRIUXloVVBIcyiL59ufBg%3D%3D
X-YouTube-Ad-Signals: dt=1677128587227&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C360&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 23 Feb 2023 05:03:07 GMT

GET
H3 200 8ajN0JDkG6g Show response
www.youtube.com/embed/ Frame F420 68 KB
27 KB 66ms
65ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJSQCFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b929ac82d117526d3823054479cf101a3b92ded6db80f7c39f1e84e63eeb7bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 05:03:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ 992 B
516 B 40ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJSQCFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 23 Feb 2023 05:03:07 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-60950144-19&cid=249428425.1677128587&jid=1737229209&_u=YGBACEAABAAAACAAI~&z=1957655059

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-60950144-19&cid=249428425.1677128587&jid=1737229209&_u=YGBACEAABAAAACAAI~&z=1957655059

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
www.youtube.com/ Frame F420 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F420 0
0

POST atr
www.youtube.com/api/stats/ Frame F420 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame F420 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/11e3a4ec/ Frame F420 396 KB
51 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8440f93ed627785a58ee317f66bd4b18f396950ef01b0b39cde0e9d06da682bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52107
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 01:08:26 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/ Frame F420 345 KB
108 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1689ed1edf0cfc921cffd974de2ca2f00120ec12ec5fff99b6dbc23226ce8729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 04:56:02 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 2 MB
603 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5175ed720ff08bcbc6d3616a69607b6f163dccfcc64b9b323e27576d22bfc5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617787
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 23:06:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/ Frame F420 9 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 04:38:05 GMT

GET
H2 404 config.json Show response
cdn.acsbapp.com/cache/app/adesa.com/ 127 B
497 B 213ms
134ms Fetch
application/xml 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/adesa.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-guploader-uploadid: ADPycdtY2aG93WJRkjU8HLm9PVbWRfLJ6MIYQ2wJ6mStaih9fYqKeva7Str99DORRkEgFWvE6fkH-yB_Jj2YrGu4r4K6DA
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
cf-ray: 79dd69ca6f963609-FRA
expires: Thu, 23 Feb 2023 05:03:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F420 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 117900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:18:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F420 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 587294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 09:54:53 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 1DB2 0
48 B 26ms
20ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.adesa.com
Referer: https://www.adesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.adesa.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 05:03:07 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 4972 5 KB
2 KB 165ms
34ms Document
text/html 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2317712&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=677290038793&ADFtpmode=2&loc=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631e2f731975981998eb3637fe2dc82f83fa73907f82dbefc4751045f1ff42d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.adesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 05:03:08 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 192ms
34ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=9171928932307377304&stamp=eGVBF3uD5_8DvP-67D9Y4w2

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
342 B 191ms
34ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=843242660817194576&stamp=W_Z7F4Xk2pwDvP-67D9Y4w2

Requested by

Host: www.adesa.com
URL: https://www.adesa.com/assurance/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/ 183 KB
61 KB 67ms
63ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62469
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 04:03:07 GMT

GET
H2 200 bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png
sidebar.bugherd.com/assets/ Frame 70A0 2 KB
3 KB 522ms
522ms Image
image/png 2600:9000:2156:1800:9:2c88:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sidebar.bugherd.com/assets/bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1800:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
via: 1.1 vegur, 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=0; includeSubDomains
last-modified: Thu, 04 Aug 2022 06:57:53 GMT
server: Cowboy
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
content-length: 2267
x-amz-cf-id: ScoHf2e20oH4-1xeLUilka8sWQbauUmDZ_okfP80yAklR294PJ4GSg==

GET
H2 200 embed.js Show response
sidebar.bugherd.com/ Frame 70A0 15 KB
6 KB 21ms
21ms Script
text/javascript 2600:9000:2156:1800:9:2c88:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1800:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f654733e1f094337eefe936df934292f14cb84c93324f62bada50de82acfdcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:57:59 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur, 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 308
x-cache: Hit from cloudfront
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection: 1; mode=block
x-request-id: 4861814d-8d4d-4a6d-ad8b-c3dbedeb48c0
x-runtime: 0.003441
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
etag: W/"82cde966d9ead0f63c944f6e8d89bd6f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
cache-control: max-age=600, public, min-age=0
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary: Accept-Encoding
x-amz-cf-id: bzag2YeUYUiHVbZNDr6Nuhpl_NbCGLXow4yuKiex4W2gWY05NfyHtA==

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F420 113 B
159 B 28ms
27ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98f563af074d77bcc90d7c4429c05d6124cbe793445f4b2d79a499309d0b7965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F420 29 B
94 B 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 04:53:33 GMT
x-content-type-options: nosniff
age: 575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 05:08:33 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Feb 2023 05:03:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F420 65 KB
30 KB 38ms
38ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1582b9bad0db80519dda974e475d6c0c1890f6ed47ae857558430051ac4c93ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30837
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 116 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0fe4b03d0ff54b97be2aedb22a607a1e87074efe40610bd9ac1b83d3311ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36403
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 23:13:37 GMT

GET
H3 200 mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js Show response
www.google.com/js/th/ Frame F420 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14113
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 00:51:43 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/ Frame F420 26 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cf93d31055045003243da9aa5815ef47e0d77b05edeb05384ae8266ca6e9b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8409
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Feb 2024 15:46:21 GMT

GET
DATA 200
OK truncated
/ Frame F420 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 _hQIHKnxJZ5JT7Tn7P0hxIXM2gTUd1RUbBdeHVp-NKf6xgQ3TI6k_sHlFeyNZqkU3OUEgQsKWg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F420 1 KB
1 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/_hQIHKnxJZ5JT7Tn7P0hxIXM2gTUd1RUbBdeHVp-NKf6xgQ3TI6k_sHlFeyNZqkU3OUEgQsKWg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

058537efc9d7ccefdc760f4dc3195693ed89df2b598c72acfe4e2c20a93fcffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 22 Feb 2023 16:08:49 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/8ajN0JDkG6g/ Frame F420 19 KB
19 KB 22ms
22ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/8ajN0JDkG6g/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e69ee6ff0673adcf762194691c8a119370f8b1c25462d3c3bc0a6282dc880b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19172
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 07:03:07 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 4972 0
261 B 35ms
35ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4972
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188

43 B
424 B

45ms
44ms

Image
image/gif

34.250.208.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Server: 34.250.208.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-208-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 05:03:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9171928932307377304&Expiration=1678338188
date: Thu, 23 Feb 2023 05:03:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4972 0
525 B 172ms
51ms Image
text/plain 104.96.129.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=9171928932307377304

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-129-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 22 Feb 2023 05:03:08 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 4972 0
214 B 148ms
22ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4972
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9171928932307377304&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9171928932307377304&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=f5167809aaa64e32b...
https://c1.adform.net/serving/cookie/match?party=9&uid=ac0b0703ec7ecd36780cb8ee479f413e55c5effdde107418a7eaedf283ea2d70

35 B
467 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=ac0b0703ec7ecd36780cb8ee479f413e55c5effdde107418a7eaedf283ea2d70

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=ac0b0703ec7ecd36780cb8ee479f413e55c5effdde107418a7eaedf283ea2d70
date: Thu, 23 Feb 2023 05:03:08 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4972 43 B
163 B 138ms
30ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=9171928932307377304&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:07 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 4972
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1&verify=true

0
121 B

23ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=9171928932307377304&_origin=1&verify=true
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 4972 43 B
684 B 330ms
52ms Image
image/gif 2.18.79.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1677128588376011-592
Expires: Thu, 23 Feb 2023 05:03:08 GMT

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 4972
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=9171928932307377304
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=9171928932307377304
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9ec3d49-26c8-4b10-8b63-7ae46e1eeac9

0
99 B

371ms
26ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9ec3d49-26c8-4b10-8b63-7ae46e1eeac9
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25513

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9ec3d49-26c8-4b10-8b63-7ae46e1eeac9
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4972
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188&C=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=9171928932307377304&expiration=1678338188&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame 4972
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9171928932307377304&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9171928932307377304&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=9171928932307377304&gdpr=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=c79c63f6-f38d-4900-8b52-bdf3e81fd97b&sInitiator=internal&gdpr=&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=9214681321497529657&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QTdGRDdCQTJDMDQ5NThCNg&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKzY7n_QHkyxcXoyvwPcxmQ&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKzY7n_QHkyxcXoyvwPcxmQ&sInitiator=internal&google_cver=1&gdpr=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7203212436661008539&sInitiator=internal&gdpr=

0
415 B

37ms
37ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7203212436661008539&sInitiator=internal&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Server: 77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:10 GMT
uip-status: Ok
frontend-id: 04
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7203212436661008539&sInitiator=internal&gdpr=
Date: Thu, 23 Feb 2023 05:03:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 4972 0
344 B 124ms
28ms Image
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=9171928932307377304&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 05:03:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 4972
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9171928932307377304
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9171928932307377304&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
345 B

224ms
48ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AcO1rgVpAy3/XukFAA
x-accel-expires: @1677777966
date: Thu, 23 Feb 2023 05:03:08 GMT
x-77-pop: frankfurtDE
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 25b02131ca0563ed8cf3f6637a71022e
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 387422
accept-ranges: bytes
content-length: 43

Redirect headers

date: Thu, 23 Feb 2023 05:03:08 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 4972 0
98 B 138ms
33ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9171928932307377304/gdpr=/ Frame 4972 49 B
265 B 149ms
43ms Image
image/gif 54.229.20.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9171928932307377304/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.20.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-20-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.55
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 4972 62 B
227 B 290ms
200ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 23 Feb 2023 05:03:08 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 4972 43 B
273 B 113ms
31ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 4972
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

167ms
57ms

Image
image/gif

52.218.92.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Server: 52.218.92.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 05:03:09 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: H882CXF7R1SSV4ZQ
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: O1mObcEJy6XG7W15dwkXth7W0BwAv3I6NBlgkG2GrPpjsKvst5edTYzBFZgyHgcsw/HLtJpOEX4=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 23 Feb 2023 05:03:07 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 4972
Redirect Chain

https://pixel.onaudience.com/?mapped=9171928932307377304&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=72b05945977c5c66/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2fbbda35f671c3fa69baf86c7effc959&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

143ms
46ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 4972
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9171928932307377304
https://tags.adsafety.net/v1/cm?cm_uid=CM120230223051661c25e38131790002&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=807988d6e1bf74aa0aa2a0f4f0d97ac3
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230223051661c25e38131790002&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=807988d6e1bf74aa0aa2a0f4f0d97ac3&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAyMjMwNTE2NjFjMjVlMzgxMzE3OTAwMDI&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEGSPZzT0soGF0xu-8jtU3c8&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230223051661c25e38131790002
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=843242660817194576

43 B
2 KB

36ms
35ms

Image
image/gif

89.163.240.122
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=843242660817194576
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Server: 89.163.240.122 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm45.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:09 GMT
Last-Modified: Thu, 23 Feb 2023 05:03:09 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=843242660817194576
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4972 0
338 B 186ms
44ms Image
text/plain 52.212.203.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.203.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-203-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1677128588
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 4972
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTE3MTkyODkzMjMwNzM3NzMwNA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjmRGkFiwzk4AOYKZVKT50&google_cver=1&google_ula=1641347,0

35 B
467 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjmRGkFiwzk4AOYKZVKT50&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjmRGkFiwzk4AOYKZVKT50&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 4972
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=9214681321497529657&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=843242660817194576

43 B
1 KB

28ms
28ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=843242660817194576

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
AN-X-Request-Uuid: 7dd34907-ff1f-479f-b03a-82145a8237d4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=843242660817194576
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 4972 0
261 B 41ms
34ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4972 42 B
447 B 117ms
28ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 23 Feb 2023 05:03:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 4972 43 B
444 B 177ms
34ms Image
image/gif 13.32.110.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-41.vie50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 01:22:48 GMT
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: VIE50-C2
Age: 13220
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: ET-G7AnrLtSieYIFhiARoO_XY79V93Wv3FXadBrllu0deaUAJMto4w==

GET
H/1.1

200

p
a.audrte.com/ Frame 4972
Redirect Chain

https://a.audrte.com/a?adform_uid=9171928932307377304
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHTPR9YfnJxzZdH8vS9_Z4k&google_cver=1
https://a.audrte.com/p

68 B
424 B

112ms
112ms

Image
image/png

52.0.191.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: HTTP/1.1
Server: 52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-191-77.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 05:03:09 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 23 Feb 2023 05:03:09 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4972
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9171928932307377304&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9171928932307377304&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=90440740891662290960699931582106828541&noredirect=1

35 B
467 B

35ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=90440740891662290960699931582106828541&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v046-0b57eb040.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ZfVlvF4STps=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=90440740891662290960699931582106828541&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 4972
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9171928932307377304
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217083104436000209089

35 B
467 B

81ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217083104436000209089

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217083104436000209089
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 4972
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7203212436661008539

35 B
467 B

77ms
35ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7203212436661008539

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7203212436661008539
Date: Thu, 23 Feb 2023 05:03:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 4972 62 B
438 B 162ms
162ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 23 Feb 2023 05:03:08 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4972
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=c79c63f6-f38d-4900-8b52-bdf3e81fd97b

35 B
467 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=c79c63f6-f38d-4900-8b52-bdf3e81fd97b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Thu, 23 Feb 2023 05:03:08 GMT
Server: MT3 475 4bd2ccd master zrh-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=c79c63f6-f38d-4900-8b52-bdf3e81fd97b
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 23 Feb 2023 05:03:07 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4972
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=4S5jaHJQ1Pv3L65

35 B
467 B

34ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=4S5jaHJQ1Pv3L65

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 05:03:08 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=4S5jaHJQ1Pv3L65
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4972 70 B
264 B 47ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 05:03:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET image.sbmx
global.ib-ibi.com/ Frame 4972 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 4972 43 B
1 KB 81ms
20ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=9171928932307377304

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 4972
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2180097278
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=OpwxAzAPsUUbxVP3FJYbbe

35 B
476 B

35ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=OpwxAzAPsUUbxVP3FJYbbe

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:09 GMT
via: 1.1 google
last-modified: Thu, 23 Feb 2023 05:03:09 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=OpwxAzAPsUUbxVP3FJYbbe
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4972 23 B
172 B 868ms
46ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Thu, 23 Feb 2023 05:03:09 GMT
pragma: no-cache
date: Thu, 23 Feb 2023 05:03:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 4972 12 B
155 B 877ms
58ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:09 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2 204 /
s.ad.smaato.net/c/ Frame 4972 0
241 B 827ms
27ms Image
text/plain 2600:9000:223f:d600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=9171928932307377304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:09 GMT
cache-control: no-cache, must-revalidate
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: FMao4lcH8cLyU8V_TQNl_PTOl6s4fQv1UZ6PIsAL8hkGaEDyzo9Szw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4972
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=9171928932307377304&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=9171928932307377304&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=fda7a462-79b5-4b0d-9018-48d8295c67be

35 B
476 B

34ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=fda7a462-79b5-4b0d-9018-48d8295c67be

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 05:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Thu, 23 Feb 2023 05:03:09 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=fda7a462-79b5-4b0d-9018-48d8295c67be
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 9171928932307377304
match.contentexchange.me/adform/ Frame 4972 0
49 B 745ms
39ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/9171928932307377304?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:09 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 4972 37 B
140 B 619ms
22ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=9171928932307377304&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET put
e1.emxdgt.com/ Frame 4972 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 4972 0
261 B 35ms
33ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9171928932307377304&agencyId=7384&advertiserId=2090561&src=tp&rnd=474576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F420 90 B
134 B 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39b17fb27e083028d6969f887a62938b5190417c814ff4bd7c9ad86376153073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Feb 2023 05:03:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 152 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbb6037eb409967ff95e782503ddf3b000f74c59d804c2b216f089e43bd9bad7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F420 4 KB
2 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 05:03:08 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F420 0
11 B 30ms
29ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?C2qgOA
Requested by: Host: www.adesa.com
URL: https://www.adesa.com/assurance/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame F420 50 KB
15 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 23 Feb 2023 15:19:08 GMT

GET
H2 200 resources Show response
sidebar.bugherd.com/sidebar/ Frame 70A0 333 B
1 KB 399ms
399ms Fetch
application/json 2600:9000:2156:1800:9:2c88:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/sidebar/resources?apikey=bjqnbbhsrfbzhorsn2iixa

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/embed.js?apikey=bjqnbbhsrfbzhorsn2iixa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1800:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e41ee6dfe13f805bce6db65a638b26ceec416a8f71c7a5245093e05d75e1ad05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sidebar.bugherd.com/sidebar/embed_html?apikey=bjqnbbhsrfbzhorsn2iixa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Feb 2023 05:03:08 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur, 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection: 1; mode=block
x-request-id: 475692b0-d714-4028-90b7-6a7f9c6204fb
x-runtime: 0.008580
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
etag: W/"4b90be6504deff8bdb3a874dc9366969"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary: Accept-Encoding
x-amz-cf-id: JWJrvgF8IA8JytBZBWwtE7PjDq2R3s2GMfBz0gzGlLfzk09Fzrg4bg==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F420 28 B
54 B 38ms
37ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Goog-Request-Time: 1677128590270
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/8ajN0JDkG6g?enablejsapi=1&origin=https%3A%2F%2Fwww.adesa.com
X-YouTube-Client-Version: 1.20230215.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtydnRIUXloVVBIcyiL59ufBg%3D%3D
X-YouTube-Ad-Signals: dt=1677128587892&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C360&vis=1&wgl=true&ca_type=image&bid=ANyPxKoGfxHW03KXPfJS-K7csggpl2ZhOr-Q5TtcL68LIDZanR63OCAILkfGhLButo5RE5wSIR1wUti0rI6qFMUhE7t_8QBmpA

Response headers

date: Thu, 23 Feb 2023 05:03:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 23 Feb 2023 05:03:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?BTZ6xQ

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ekTXU4ZKU1xiStQR&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.adesa.com%2F&lact=419&cl=509820939&mos=0&volume=100&cbr=Chrome&cbrver=110.0.5481.100&c=WEB_EMBEDDED_PLAYER&cver=1.20230215.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=47&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24415864%2C24416291%2C24421758%2C24439360%2C24450367%2C24451032%2C24470718%2C24481213&muted=0&docid=8ajN0JDkG6g

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=9171928932307377304

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/put?d=d52&uid=9171928932307377304

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1VbK6TostHA
.youtube.com/	1970-01-20 14:11:20	Name: VISITOR_INFO1_LIVE Value: rvtHQyhUPHs
.youtube.com/	1970-01-20 14:11:20	Name: DEVICE_INFO Value: ChxOekl3TXpJeE1qUXpNelV3Tnpnd05UQTFNZz09EIvn258GGIvn258G
.adesa.com/	1970-01-20 12:01:44	Name: _gcl_au Value: 1.1.296444191.1677128587
.adesa.com/	1970-01-20 12:01:44	Name: _fbp Value: fb.1.1677128587261.201089358
.linkedin.com/	1970-01-20 10:35:20	Name: UserMatchHistory Value: AQIvAi26RF54yAAAAYZ8p1ftVtgtfojXEyJtY99KlCwVUMNZFHbmD5dDqOp7GCkIY-TFO5OGZHcU5A
.linkedin.com/	1970-01-20 10:35:20	Name: AnalyticsSyncHistory Value: AQKwQIyl7xMWOQAAAYZ8p1ftQHmGNU1oeB4t6THqLDPh1BT248BDFHx-9QxD6R4ZLnw-zlEdzez9pFj5iybL0g
.linkedin.com/	1970-01-20 18:37:44	Name: bcookie Value: "v=2&2266c286-11af-4a50-8191-f74d365de14b"
.linkedin.com/	1970-01-20 09:53:34	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2848:u=1:x=1:i=1677128587:t=1677214987:v=2:sig=AQHtybrd10PR21EKbyAzY69ZlGiKlHE6"
.adesa.com/	1970-01-20 19:28:08	Name: _ga Value: GA1.2.249428425.1677128587
.adesa.com/	1970-01-20 09:53:34	Name: _gid Value: GA1.2.1022956516.1677128587
.adesa.com/	1970-01-20 09:52:08	Name: _gat_UA-60950144-19 Value: 1
.doubleclick.net/	1970-01-20 19:13:44	Name: IDE Value: AHWqTUkD26JfeycUrs-JO8WX6nCTOa8I4mzacqUNtKg6YwjomBJybkKzqwMoiVEO
www.adesa.com/	1970-01-20 09:53:34	Name: ln_or Value: eyIzMDA2MjUwIjoiZCIsIjI5MDU2NDIsMzAwNjI1MCI6ImQifQ%3D%3D
.adesa.com/	1970-01-20 18:37:44	Name: utag_main Value: v_id:01867ca758e40018a28559e22e2703074002006c00b08$_sn:1$_se:1$_ss:1$_st:1677130387493$ses_id:1677128587493%3Bexp-session$_pn:1%3Bexp-session
.adesa.com/	1970-01-20 18:37:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Feb+23+2023+05%3A03%3A07+GMT%2B0000+(GMT)&version=202301.1.0&isIABGlobal=false&hosts=&consentId=a6cb2907-8dca-49ea-9164-4552ec621243&interactionCount=0&landingPath=https%3A%2F%2Fwww.adesa.com%2Fassurance%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.adform.net/	1970-01-20 10:32:27	Name: C Value: 1
.www.linkedin.com/	1970-01-20 18:37:44	Name: bscookie Value: "v=1&20230223050307a59de55c-6c5d-41fd-8c72-cf64f729f6baAQHb3TV0p2SiQPhILZ2n4Ztd6Y5Kx9tm"
.linkedin.com/	1970-01-20 14:11:20	Name: li_gc Value: MTswOzE2NzcxMjg1ODc7MjswMjFI+FpeSkTjSydWyav+d+wJpHW+G75rKnys7hilDB4EhA==
.adform.net/	1970-01-20 09:53:34	Name: CM Value: 1\|1
.adform.net/	1970-01-20 11:18:32	Name: uid Value: 843242660817194576
.adform.net/	1970-01-20 10:12:18	Name: CM14 Value: 1677214988_1677128588_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 11:18:28	Name: uid Value: 843242660817194576
.casalemedia.com/	1970-01-20 18:37:44	Name: CMID Value: Y-bzjLILc7414eKkBN01BwAA
.casalemedia.com/	1970-01-20 12:01:44	Name: CMPS Value: 5167
.casalemedia.com/	1970-01-20 12:01:44	Name: CMPRO Value: 5167
.adscale.de/	1970-01-20 18:34:24	Name: uu Value: f5167809aaa64e32b27cc45b194441c6
.adscale.de/	1970-01-20 18:34:24	Name: cct Value: 1677128588225
.yahoo.com/	1970-01-20 18:38:06	Name: A3 Value: d=AQABBIzz9mMCEA_g9ZHS8eeySlWuGGCWj1kFEgEBAQFF-GMAZAAAAAAA_eMAAA&S=AQAAAj7NhkJS3WL5ecdHH1MZRls
.bidswitch.net/	1970-01-20 18:37:44	Name: tuuid Value: e9ec3d49-26c8-4b10-8b63-7ae46e1eeac9
.bidswitch.net/	1970-01-20 18:37:44	Name: c Value: 1677128588
.bidswitch.net/	1970-01-20 18:37:44	Name: tuuid_lu Value: 1677128588
.360yield.com/	1970-01-20 12:01:44	Name: tuuid Value: 6762abce-1560-49c1-8db8-818b6b76016c
.360yield.com/	1970-01-20 12:01:44	Name: tuuid_lu Value: 1677128588
.ih.adscale.de/	1970-01-20 18:34:24	Name: tu Value: 4#995587896#42~9171928932307377304~465869~0~0
.analytics.yahoo.com/	1970-01-20 18:37:44	Name: IDSYNC Value: 1760~2a5h
.semasio.net/	1970-01-20 18:37:44	Name: SEUNCY Value: A7FD7BA2C04958B6
.eyeota.net/	1970-01-20 09:52:09	Name: SERVERID Value: 20993~DM
.360yield.com/	1970-01-20 12:01:44	Name: um Value: !42,KYipou7X6qTEUP9tB60Hize5N4RNe-SqGsGIO3aQCr3Z,1678338188
.360yield.com/	1970-01-20 12:01:44	Name: umeh Value: !42,0,1739336588,-1
.ads.stickyadstv.com/	1970-01-20 11:18:32	Name: uid-bp-617 Value: 9171928932307377304
.ads.stickyadstv.com/	1970-01-20 10:35:20	Name: UID Value: a343e88935543bf3bee89874c05ca760
cm.adsafety.net/	1970-01-20 18:37:44	Name: UID Value: CM120230223051661c25e38131790002
.adsafety.net/	1970-01-20 18:37:44	Name: cm_uid Value: CM120230223051661c25e38131790002
.onaudience.com/	1970-01-20 18:37:44	Name: cookie Value: 72b05945977c5c66
.onaudience.com/	1970-01-20 09:53:34	Name: done_redirects104 Value: 1
.onaudience.com/	1970-01-20 09:53:34	Name: done_redirects161 Value: 1
.adnxs.com/	1970-01-20 12:01:44	Name: uuid2 Value: 9214681321497529657
.krxd.net/	1970-01-20 14:11:20	Name: _kuid_ Value: PZWg5ilR
.onaudience.com/	1970-01-20 09:53:34	Name: done_redirects147 Value: 1
.adnxs.com/	1970-01-20 12:01:44	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C%um#Pa2!]tbPl1MO?+q([.UbUt]_(xr-VD2Z`Xy0psQ8j'V8lX(ZtD^F.!_6-zQEVk`!)*(pm$MIX
.pubmatic.com/	1970-01-20 10:35:20	Name: KRTBCOOKIE_391 Value: 22924-9171928932307377304&KRTB&23263-9171928932307377304
.pubmatic.com/	1970-01-20 10:35:20	Name: PugT Value: 1677128587
.mathtag.com/	1970-01-20 19:18:03	Name: uuid Value: c79c63f6-f38d-4900-8b52-bdf3e81fd97b
.agkn.com/	1970-01-20 18:37:44	Name: ab Value: 0001%3AOWJrYWhUeJCsLDaCJFtmUISJYQG6KkgS
.adfarm1.adition.com/	1970-01-20 12:01:44	Name: UserID1 Value: 7203212436661008539
.bugherd.com/	1970-01-20 14:12:46	Name: _bugherd_session5 Value: lcXTpQNmtYzbayBJwfLqKzxw5kZC3ZbYgr5%2F7J7TBfVJ8ej1x7uOC%2BAwa%2Fls89HFwwM%2FtbjOue65WQRhu6jq5By0vy72Ph8xj960GFAM45j9BnxjuYvh4cubFSoZ8pBPvAMinQav%2Fb%2FYLOMwPkKTcuhRk52xkMcDCdzR4DgUYwrr9iUd%2B7fvn8Ic7JUspNJjPM0MWP3R2dyJ--bZlcOJyH2CBL%2BRUp--8%2BVDDf519ExhTRTR%2B%2FtTpQ%3D%3D
tags.adsafety.net/	1970-01-20 18:37:44	Name: UID Value: 807988d6e1bf74aa0aa2a0f4f0d97ac3
tags.adsafety.net/	1970-01-20 18:37:44	Name: DID Value: 807988d6e1bf74aa0aa2a0f4f0d97ac3
tags.adsafety.net/	1970-01-20 18:37:44	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 18:37:44	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 10:35:20	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 18:37:44	Name: ct_uid Value: 807988d6e1bf74aa0aa2a0f4f0d97ac3
.adsafety.net/	1970-01-20 18:37:44	Name: ct_did Value: 807988d6e1bf74aa0aa2a0f4f0d97ac3
.adsafety.net/	1970-01-20 18:37:44	Name: ct_idt Value: 100
.demdex.net/	1970-01-20 14:11:20	Name: demdex Value: 90440740891662290960699931582106828541
.bluekai.com/	1970-01-20 14:12:46	Name: bku Value: aG/99/pp2ZwuXjX7
.bluekai.com/	1970-01-20 14:12:46	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEAhBpW81MQ81p/p1ezpBpzp1exe9JlLYe6=
cm.adsafety.net/	1970-01-20 18:37:44	Name: permanent Value: 1
.id5-sync.com/	1970-01-20 09:52:08	Name: cf Value:
.id5-sync.com/	1970-01-20 09:52:08	Name: cip Value:
.id5-sync.com/	1970-01-20 09:52:08	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:52:08	Name: car Value:
.id5-sync.com/	1970-01-20 09:52:08	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:52:08	Name: callback Value:
.dpm.demdex.net/	1970-01-20 14:11:20	Name: dpm Value: 90440740891662290960699931582106828541
.w55c.net/	1970-01-20 19:19:30	Name: wfivefivec Value: 4S5jaHJQ1Pv3L65
.w55c.net/	1970-01-20 10:35:20	Name: matchadform Value: 5
.audrte.com/	1970-01-20 10:13:44	Name: arcki2 Value: 42cZNjKRFDjQrmH6v0WAkNj7w!20220908!1677128589086!ip#217.114.218.27
.audrte.com/	1970-01-20 10:13:44	Name: arcki2_adform Value: 9171928932307377304!20220908!1677128589089
.audrte.com/	1970-01-20 10:13:44	Name: arcki2_ddp Value: CAESEHTPR9YfnJxzZdH8vS9_Z4k!20220908!1677128589267
ads.smartstream.tv/	1970-01-20 18:37:44	Name: DID Value: 807988d6e1bf74aa0aa2a0f4f0d97ac3
ads.smartstream.tv/	1970-01-20 18:37:44	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 18:37:44	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 10:35:20	Name: cm_uid Value: CM120230223051661c25e38131790002
.weborama.fr/	1970-01-20 19:18:03	Name: AFFICHE_W Value: Oc2rx29GwwU572
.tapad.com/	1970-01-20 11:18:32	Name: TapAd_TS Value: 1677128589729
.tapad.com/	1970-01-20 11:18:32	Name: TapAd_DID Value: fda7a462-79b5-4b0d-9018-48d8295c67be
.tapad.com/	1970-01-20 11:18:32	Name: TapAd_3WAY_SYNCS Value:
cm.adsafety.net/	1970-01-20 18:37:44	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNXZYOFVMS2lmUkhhQmQyTDYwaVBZb2tHS09tRzRQdmNiVDNxSTlOYVpKeURzSDNGT1VBOW55V0ZoUGhlVmhLdHFCUmFjVmVKYnhHNkluU0hSTzlxbloxWFYvbFJqNTA4VVVDcVViUXRQcjFzVDJXa0YvSlpWWURmenZUeTdVTUtxL0dYVDB0U0hkNTE0Z1lWdXRXdm5FYTdaU2c2eWlUSDdtSVB3NGx1ekR3TkpIaVpxb1VnSVYyUHljRzdPbk16Zk00QzRqejVuTytDRzNiaWtncTlabVgyM05kaDlqazlvM05UWW9mRkV2YVRBQ3pUdnFMeGlybVdkd0tWZmoyZ2FtT2NiUENyNUQ0MWQ2R3JLVkZVam0rZ2xVYllKeDJiVFJLN2tkQ21Tb0k5NUI3dXZJbUNqczVXYUUvOElwcEgrNURySHgvTnAwQUFOU3NKcmYzTmN0Y3lac1VkbXlrbUkvQkxybEdOaGR4M1VWN1NPT2VsM1RVVXJOVGtmNk1pQXpTUHJEUk9IM01XSjV4bjd1WEZTNUpvZlVFT0NHVnVBL1IwYkF1OW1kcitCaURCUDdwa0NyNDc3dnNSQzdEUTI3aThIdFVMYzhMQVVZOEVaRU1hNmx6ampjZklRWjlpS3RyTmh5a0lSVWhZK1lTZmF3RnVkM1RpK1hqNTRPVmQvbnhRcHlvQUZVUUdYMFcvMld4OU11S04xQTFMR2kzcXZzUjVYcTlzWkRmeXZoQWhTUEhvVGJsQmZIZ0RKeFVQTUtVWU5Tb1dNV3hlbzltSGhzeGxPemc5c2dpRVlsNmV5ekdSYVRCSzlzZkZ6am83UEFWT3I0Z3NOWHlQbUpJbFQrM0F6czNVWTNDdlBUYVM0N08vdHlmUmpTNEQ0OFFMazU1ZlRqM0d5RkgydDRYUHJXcVd1K0RsMktlSFZ0VFZqQzdpd2tzeUthakJlU3dwa2FnRFZrMm5INldEWlprK3N4dmg5M2w2N2dUaXBBcFVhREViVXhTY1AxTHVMNS8xNDB1R1BseTRNTEdLYUpsM2FjU3FpRll5N0ovRkRBQXRkRXIxUmdyODlkS1JSM1ZjZlhabFI1V0x5ZWlTblU1NHc9PQ%3D%3D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://openauction.prod.nw.adesa.com/static-components/ol-nw-ui-wc-common-widgets/latest/ol-nw-ui-wc-common-widgets/ol-nw-ui-wc-common-widgets.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.acsbapp.com/cache/app/adesa.com/config.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9171928932307377304 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9171928932307377304/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=9171928932307377304 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
acsbapp.com
ad.360yield.com
ad.yieldlab.net
adesaassurance.com
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
app.five9.com
beacon.krxd.net
c1.adform.net
cdn.acsbapp.com
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cm.adsafety.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
jnn-pa.googleapis.com
karadesa.wpengine.com
karadesa.wpenginepowered.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
maxcdn.bootstrapcdn.com
openauction.prod.nw.adesa.com
p.typekit.net
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
sidebar.bugherd.com
simage2.pubmatic.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tags.tiqcdn.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
www.adesa.com
www.bugherd.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
e1.emxdgt.com
global.ib-ibi.com
www.gstatic.com
www.youtube.com
104.111.217.42
104.96.129.75
13.107.42.14
13.248.245.213
13.32.110.41
139.162.141.41
141.193.213.11
141.226.228.48
141.94.171.215
142.250.186.66
142.251.39.66
15.197.193.217
162.19.138.120
18.156.0.31
18.185.232.77
18.196.192.213
18.205.222.128
18.66.97.75
185.167.164.43
185.64.189.110
185.80.39.216
185.86.138.151
185.89.211.116
185.89.211.132
198.105.202.32
2.18.79.139
2001:4de0:ac18::1:a:3b
23.62.220.254
2600:9000:2156:1800:9:2c88:9400:93a1
2600:9000:2204:5e00:2:53b2:240:93a1
2600:9000:223f:d600:1b:5138:8a40:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2606:4700:3037::ac43:bd68
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6813:bc61
2606:4700:e2::ac40:840f
2620:1ec:21::14
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2016
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c0a::9a
2a00:1450:400d:80e::2008
2a02:26f0:11a::217:9a48
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.214.165
3.124.175.221
3.65.209.188
34.111.113.62
34.250.208.145
34.254.143.3
35.190.24.218
35.239.148.240
35.244.159.8
35.244.174.68
37.157.4.28
37.157.5.142
37.157.6.234
46.19.11.36
52.0.191.77
52.212.203.64
52.213.180.231
52.218.92.163
54.229.20.73
63.33.80.180
69.173.144.139
69.192.160.219
77.243.60.138
85.114.159.93
87.242.89.90
89.163.240.122
91.210.226.74
92.123.37.164
0187b8d6535403c2d4d62c85bbcd151d868e8dc480d11c5e6f2a2324d3d6cb96
04358a74cab1a97e5d65af3873264951ab36bd6d19fb85c3146fc0e24206db64
0480993b5e0d45968ddb7c50a15cef7d9c01946bd21841014a7c660a97957e89
04c2c26190e5e8fa09172b34612ad0bece7c93e0727b18f3d3b3f283f598e963
058537efc9d7ccefdc760f4dc3195693ed89df2b598c72acfe4e2c20a93fcffb
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0da47a00752fa39852e6890de40cbec5191eb8d3a0feca346436b3e9a7a2303c
0fa2979a20f7c35a86b198fdf7ad5ebec76995fe4328f81cb9d9e1cc8d92e550
0ff33b31153d0f4f612b69f809362eeff9f8115bf022420f3506b6de95f417d1
119943e039d1fa66e79802cefaff7b3d13264438d293688e99d70c29eddc483e
1582b9bad0db80519dda974e475d6c0c1890f6ed47ae857558430051ac4c93ba
15e8766a927c8b27fe3067bc8a08187bcf01f52c3607053ca9c7533154b27128
1689ed1edf0cfc921cffd974de2ca2f00120ec12ec5fff99b6dbc23226ce8729
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1fdd49e8c88338dfc0dff89b16051f3fb8db3bcfde6cd9b1491aa7e5aefd9ce1
21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74
223267d6035906e9d2528497e2fdffb0086461f9315c21b70b3b07d5b19101c8
265daa6e99ebcd217c09fde5386c7e33b9a26c2ca7050b4e5fd7207b21b89aaf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c6f921e60fc74c83051a35650b9a7d1f8442edc2896e840b13fbc7758872595
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3699e9a8168525eb97795c72bb6315a198b4b18d9c914cc9f3a17fb2c79d1615
39b17fb27e083028d6969f887a62938b5190417c814ff4bd7c9ad86376153073
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f1fd15468d0c38328697d2c9972b88377ba881d458e32bb58d71b5f8a9ea183
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5175ed720ff08bcbc6d3616a69607b6f163dccfcc64b9b323e27576d22bfc5f7
53597f12b58d2705e2b81df3cfc6e7fcd98f0638d339bc400d0b077569f3586f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57e69ee6ff0673adcf762194691c8a119370f8b1c25462d3c3bc0a6282dc880b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
631e2f731975981998eb3637fe2dc82f83fa73907f82dbefc4751045f1ff42d5
670404f84e671d78774bc80586a00e58f0d3b925500838acba608273efa85e58
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691a8cdeedc099d295941fe8f3139f15a3cfbc3e6a1c4ef3499c64ea4fd997ec
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75c17b4c96dc10bf200c0b7a8f83a698d7b43f33ea950935eea7de11d24006c6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cf93d31055045003243da9aa5815ef47e0d77b05edeb05384ae8266ca6e9b37
8195cb6a309cf43ef91746133be7c96eb8482fac15873d040dbce44b4618cf1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8440f93ed627785a58ee317f66bd4b18f396950ef01b0b39cde0e9d06da682bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d7eb8efb334aaf42bec84a1419d1caca914dbc325901d0ac7f27c07de6a7f9
85f60a2ebb2b58cd80676a54bca75edc09c78fc9b624b15f69a533b18f4bf160
8652c9059f56ff6fb80b7dc8a9127065c860f14d81f1bf5957ca50523fb75051
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670
9169767f79e6a45da832e69d7f562e654f427d17e59d40f38255ce0169029a94
92e9fd081ba6292897f9ec2dd97fe9a260854dcc69cfa46fc242db5f27338d85
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
971fd9633aa4129eb69f7d85ab0ca9e80def28ff769aad595cc87710390252bd
98f563af074d77bcc90d7c4429c05d6124cbe793445f4b2d79a499309d0b7965
9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7
9cb249cfb695c8bb5847efbca4c1d5bbb6700c32b2c1505e56961725888a27ef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a33826a01f36276404801e090ce16ef6e55dca72f83b9951db5bc54548ae7bea
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41
adbe57d1ec007b4d30ec076309b537931c9411b26f60aab81f9210c4a2fe67b4
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1253bf6ac23911b4d171baa86a7b89d9ae36db99a47b1bcb58edade80f7cc4b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b929ac82d117526d3823054479cf101a3b92ded6db80f7c39f1e84e63eeb7bdc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
bfafb9f99179d8ed2225e21357e27db0ed8031308326bc0ff5030f9206ea3617
c5a877227c8ded0ce60e254114b549245adb42c7965b0084d2b1fce5d2a34b1a
c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6
cbb6037eb409967ff95e782503ddf3b000f74c59d804c2b216f089e43bd9bad7
cc0fe4b03d0ff54b97be2aedb22a607a1e87074efe40610bd9ac1b83d3311ce2
cf37ce6d5cca7702aa2be4693b43a143b3b0eee0db19bf9e4536373682b24353
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d5134d399318f501b09e8e16d3ac859286785751a4ff681a6f75ae30af525601
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8ef0acc12d8e368a81245f34492c583be385ac959b9cafeab265248e2c3d306
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
db61b459336cdb08df868984d7fc33a0caf60a7061e8e688b28ed4974154e531
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e11045fe988ae66677a78464adaa68f12cd13ed8f365cd0a1415119b4c0c6c40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ee6dfe13f805bce6db65a638b26ceec416a8f71c7a5245093e05d75e1ad05
e95129805f4b51a676aef6b86af4a94a572b99e51b4c6a01851c19e81a89f4e3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07e3b8caf1f17324feec6caaa907f49dbcacae1877c7024cf674a5338a5f382
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f654733e1f094337eefe936df934292f14cb84c93324f62bada50de82acfdcbc
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe59e9a251206ee2659dab00e672a296f44adacd560171762b56c6dcc077c34e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff6bec21fa2e300c6b4fb65f089eef17b0267333303ad5c4711a9a447d7a4b2a

www.adesa.com Open in urlscan Pro 35.239.148.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

82 %HTTPS

38 %IPv6

76 Domains

95 Subdomains

70 IPs

12 Countries

3801 kBTransfer

11501 kBSize

90 Cookies

17 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.adesa.com Open in urlscan Pro
35.239.148.240 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

82 %
HTTPS

38 %
IPv6

76
Domains

95
Subdomains

70
IPs

12
Countries

3801 kB
Transfer

11501 kB
Size

90
Cookies

186 HTTP transactions
4 data transactions