www.auskunft.de Open in urlscan Pro
52.59.45.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://schrenkinteractive.com/
Effective URL:
https://www.auskunft.de/?rt=y&utm_source=zp
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2019, 12:06:09 am UTC)

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 43 HTTP transactions. The main IP is 52.59.45.196, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.auskunft.de.
TLS certificate: Issued by Trustico RSA DV CA on February 28th 2018. Valid for: 2 years.

This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.240 103.224.182.240	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 11	199.59.242.151 199.59.242.151	395082 (BODIS-NJ) (BODIS-NJ - Bodis)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81f::2011	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	199.59.242.155 199.59.242.155	395082 (BODIS-NJ) (BODIS-NJ - Bodis)
2	54.172.94.62 54.172.94.62	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
10	52.59.45.196 52.59.45.196	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
43	16

1 103.224.182.240 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-240.above.com

schrenkinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.59.242.151 (New York, United States) 1 redirects

ASN395082 (BODIS-NJ - Bodis, LLC, US)

ww25.schrenkinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2011 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.59.242.155 (New York, United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)

tracking.bodis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.94.62 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-94-62.compute-1.amazonaws.com

usd.photios-raj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usd.dauid-iep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.59.45.196 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

www.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	schrenkinteractive.com 2 redirects schrenkinteractive.com ww25.schrenkinteractive.com	127 KB
10	auskunft.de www.auskunft.de	400 KB
5	doubleclick.net survey.g.doubleclick.net stats.g.doubleclick.net	151 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	31 KB
4	google.com www.google.com adservice.google.com	107 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	12 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	googleapis.com fonts.googleapis.com	2 KB
1	dauid-iep.com usd.dauid-iep.com	965 B
1	photios-raj.com usd.photios-raj.com	2 KB
1	bodis.com tracking.bodis.com	341 B
1	google.de adservice.google.de	485 B
43	12

	Domain	Requested by
11	ww25.schrenkinteractive.com	1 redirects ww25.schrenkinteractive.com www.google.com
10	www.auskunft.de	usd.dauid-iep.com www.auskunft.de
3	www.google-analytics.com	2 redirects www.auskunft.de
3	fonts.gstatic.com
3	survey.g.doubleclick.net	www.google.com survey.g.doubleclick.net
3	fonts.googleapis.com	ww25.schrenkinteractive.com
3	www.google.com	ww25.schrenkinteractive.com www.google.com
2	de.ioam.de	1 redirects www.auskunft.de
2	stats.g.doubleclick.net	www.auskunft.de
1	script.ioam.de	www.auskunft.de
1	usd.dauid-iep.com	usd.photios-raj.com
1	usd.photios-raj.com	ww25.schrenkinteractive.com
1	tracking.bodis.com	ww25.schrenkinteractive.com
1	adservice.google.com	survey.g.doubleclick.net
1	adservice.google.de	survey.g.doubleclick.net
1	www.gstatic.com
1	schrenkinteractive.com	1 redirects
43	17

This site contains links to these domains. Also see Links.

Domain
www.alpha9marketing.com

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.auskunft.de Trustico RSA DV CA	`2018-02-28` - `2019-09-16`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp
Frame ID: CCD7238F3DBF397D6993CAF6F03C12FD
Requests: 43 HTTP requests in this frame

Frame: http://www.google.com/dp/ads?max_radlink_len=60&r=m&client=dp-bodis31_3ph&channel=pid-bodis-gcontrol100&hl=en&adsafe=low&type=3&optimize_terms=on&swp=as-drid-2900872861206983&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r7&num=0&output=afd_ads&domain_name=ww25.schrenkinteractive.com&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=0&dt=1549843552361&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=900&frm=0&uio=ff6fa6st24sa11lt30sl1sr1-&jsv=10510&rurl=http%3A%2F%2Fww25.schrenkinteractive.com%2F
Frame ID: B37C7A27FBC46BFB17E9311BB861824E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://schrenkinteractive.com/ HTTP 302
http://ww25.schrenkinteractive.com/ Page URL
http://ww25.schrenkinteractive.com/?z Page URL
http://ww25.schrenkinteractive.com/rz?u=http%3A%2F%2Fusd.photios-raj.com%2Fzcvisitor%2Fcc08f370-2d90-11e9-82cb-... HTTP 302
http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7... Page URL
http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth... Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

INFOnline (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^szmvars$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

43
Requests

53 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

849 kB
Transfer

1748 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alpha9marketing.com/unternehmen/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://schrenkinteractive.com/ HTTP 302
http://ww25.schrenkinteractive.com/ Page URL
http://ww25.schrenkinteractive.com/?z Page URL
http://ww25.schrenkinteractive.com/rz?u=http%3A%2F%2Fusd.photios-raj.com%2Fzcvisitor%2Fcc08f370-2d90-11e9-82cb-1224450f3a38%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe HTTP 302
http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://schrenkinteractive.com/ HTTP 302
http://ww25.schrenkinteractive.com/

Request Chain 26

http://ww25.schrenkinteractive.com/rz?u=http%3A%2F%2Fusd.photios-raj.com%2Fzcvisitor%2Fcc08f370-2d90-11e9-82cb-1224450f3a38%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe HTTP 302
http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Request Chain 37

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=892188241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften%20-%20auskunft.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=804235266&gjid=581171312&cid=47722550.1549843555&tid=UA-77541742-2&_gid=524655328.1549843555&_r=1&z=1727518854 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=804235266&_gid=524655328.1549843555&gjid=581171312&_v=j73&z=1727518854

Request Chain 41

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0018&i2=0018e9ea44a95dc0c5c60bc62&ep=1575098096&vr=412&id=s9k4qs&i3=nocookie&n1=3&dntt=0&lt=1549843554832&ev=&cs=gkmsye&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0018&i2=0018e9ea44a95dc0c5c60bc62&ep=1575098096&vr=412&id=s9k4qs&i3=nocookie&n1=3&dntt=0&lt=1549843554832&ev=&cs=gkmsye&mo=1&sr=71

Request Chain 42

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=892188241&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften%20-%20auskunft.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=1444078297&gjid=177305049&cid=47722550.1549843555&tid=UA-77541742-2&_gid=524655328.1549843555&_r=1&z=1069506536 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=1444078297&_gid=524655328.1549843555&gjid=177305049&_v=j73&z=1069506536

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ww25.schrenkinteractive.com/
Redirect Chain

https://schrenkinteractive.com/
http://ww25.schrenkinteractive.com/

4 KB
4 KB

455ms
103ms

Document
text/html

199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.schrenkinteractive.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: d281f81c580620dc8f4748a03908d5e24cf3cd5403fa34e73def570db930a737

Request headers

Host: ww25.schrenkinteractive.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: openresty
Date: Mon, 11 Feb 2019 00:05:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_PLpCi+NR5e0dPFRaIlSSW7uhMrpdAD0bJkbBmjJc17F9g2owHSaL6Ajz2mOds8Qh8NwQ9bPBiCjeno+onf94Gw==

Redirect headers

Date: Mon, 11 Feb 2019 00:05:50 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1549843550.2180220; expires=Thu, 08-Feb-2029 00:05:50 GMT; Max-Age=315360000
Location: http://ww25.schrenkinteractive.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 151 KB
53 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad0041c2111ccd8ed4e64e179ec9e5cca689ec74286840f03ba7002f769dfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "10510128051899060074"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 Feb 2019 00:05:52 GMT

GET
H/1.1 200
OK px.gif
ww25.schrenkinteractive.com/ 42 B
275 B 103ms
102ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.schrenkinteractive.com/px.gif?ch=1&rn=1.0010879485895967
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Last-Modified: Fri, 08 Feb 2019 22:50:08 GMT
Server: openresty
ETag: "5c5e07a0-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
ww25.schrenkinteractive.com/ 42 B
275 B 101ms
101ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.schrenkinteractive.com/px.gif?ch=2&rn=1.0010879485895967
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Last-Modified: Fri, 08 Feb 2019 22:50:08 GMT
Server: openresty
ETag: "5c5e07a0-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
ww25.schrenkinteractive.com/ 9 KB
9 KB 130ms
129ms Script
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.schrenkinteractive.com/glp?r=&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: f582146ce35c8cfc103de0762e940b82de0973f55e20793083de2f5e38c455e6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://ww25.schrenkinteractive.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:52 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
599 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 11 Feb 2019 00:05:52 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 11 Feb 2019 00:05:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 11 Feb 2019 00:05:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
436 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

dd9d44ccd6e4efcef9a508434c79fb5fbafc7f331aa0a8be5721bc1bcb308f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 11 Feb 2019 00:05:52 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 11 Feb 2019 00:05:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 11 Feb 2019 00:05:52 GMT

GET
H/1.1 200
OK arrows-4-bg.jpg
ww25.schrenkinteractive.com/public/legacy/10320/resources/ 98 KB
99 KB 103ms
103ms Image
image/jpeg 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.schrenkinteractive.com/public/legacy/10320/resources/arrows-4-bg.jpg
Requested by: Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 7afbcb746fd4e18ddcfd21e7dcd3ed908db27e364b5027fffcf901fef1cb10a1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Last-Modified: Fri, 08 Feb 2019 22:50:08 GMT
Server: openresty
ETag: "5c5e07a0-189d5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100821

GET
H/1.1 200
OK Cookie set ads
www.google.com/dp/ Frame B37C 0
0 64ms
59ms Document
text/html 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/dp/ads?max_radlink_len=60&r=m&client=dp-bodis31_3ph&channel=pid-bodis-gcontrol100&hl=en&adsafe=low&type=3&optimize_terms=on&swp=as-drid-2900872861206983&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r7&num=0&output=afd_ads&domain_name=ww25.schrenkinteractive.com&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=0&dt=1549843552361&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=900&frm=0&uio=ff6fa6st24sa11lt30sl1sr1-&jsv=10510&rurl=http%3A%2F%2Fww25.schrenkinteractive.com%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: www.google.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww25.schrenkinteractive.com/

Response headers

Content-Type: text/html; charset=UTF-8
Content-Disposition: inline
Date: Mon, 11 Feb 2019 00:05:52 GMT
Expires: Mon, 11 Feb 2019 00:05:52 GMT
Cache-Control: private, max-age=3600
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 6167
X-XSS-Protection: 1; mode=block
Set-Cookie: 1P_JAR=2019-02-11-00; expires=Wed, 13-Mar-2019 00:05:52 GMT; path=/; domain=.google.com NID=158=jH4OZenXZlQTRNDNgu_rBk4BpyCWtD9W0aTnYA868Oi4DxUGqW9-0JrZ35oK0PuaMBXDQd5wwMeJjOvYosvmeKIgoQcI6ecohrpDSKlEJMIQqQD9Ou5fJXH7sngaJkIsmAdEOsl8M6JZ6J27qXcGP6nusdKQ2jKy5_nawxRGVKA; expires=Tue, 13-Aug-2019 00:05:52 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.276a20; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com

GET
H/1.1 200
OK async_survey Show response
survey.g.doubleclick.net/ 49 KB
18 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:81f::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Resource Hash

798ab71452b5f37fe9be6674253fcc65042594d11f81cd58f8d6be504ab84b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, no-cache, must-revalidate, no-store
Transfer-Encoding: chunked
Content-Disposition: attachment; filename="f.txt"
Vary: *
X-Xss-Protection: 1; mode=block
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK caf.gif
www.gstatic.com/domainads/tracking/ 43 B
392 B 44ms
38ms Image
image/gif 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.gstatic.com/domainads/tracking/caf.gif?ts=1549843552358&rid=4609448

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v8/ 13 KB
13 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v8/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quicksand
Origin: http://ww25.schrenkinteractive.com

Response headers

date: Fri, 18 Jan 2019 02:35:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Oct 2018 20:50:42 GMT
server: sffe
age: 2064593
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13596
x-xss-protection: 1; mode=block
expires: Sat, 18 Jan 2020 02:35:59 GMT

GET
H/1.1 200
OK prompt_embed_static.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/415984757911223668/ 366 KB
132 KB 6ms
6ms Script
application/javascript 2a00:1450:4001:81f::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://survey.g.doubleclick.net/insights/consumersurveys/static/415984757911223668/prompt_embed_static.js
Requested by: Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81f::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b4c2261f07904c4b3c33a52b918264d6dc7b3b41245bad8f9c7d4bbadaa58012

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 22:32:59 GMT
Content-Encoding: gzip
Server: Google Frontend
Age: 178373
ETag: "dTz-jg"
Content-Type: application/javascript
X-Cloud-Trace-Context: 6590cfea907dec599ade9f5727027da3
Cache-Control: public, max-age=2592000
Content-Length: 134940
Expires: Sun, 10 Mar 2019 22:32:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
485 B 59ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ww25.schrenkinteractive.com

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Feb 2019 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
485 B 37ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ww25.schrenkinteractive.com

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Feb 2019 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK prompt Show response
survey.g.doubleclick.net/gk/ 0
410 B 17ms
16ms Script
text/javascript 2a00:1450:4001:81f::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://survey.g.doubleclick.net/gk/prompt?t=a&site=kv4ic6olrzkr6&random=1549843552471&ref&token=NT

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 11 Feb 2019 00:05:52 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Content-Disposition: attachment; filename="f.txt"
Content-Length: 23
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK rigd
tracking.bodis.com/ 0
341 B 238ms
125ms XHR
image/png 199.59.242.155
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://tracking.bodis.com/rigd?d=schrenkinteractive.com&dr=as-drid-2900872861206983&h=6e360c3798f4ae3f4441494750c5352c
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.155 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww25.schrenkinteractive.com/
Origin: http://ww25.schrenkinteractive.com

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:52 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
ww25.schrenkinteractive.com/ 4 KB
4 KB 103ms
103ms Document
text/html 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.schrenkinteractive.com/?z
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 05d9e9ef8cf88aa3f103306f5f8c4c3294474b207a1192636654f60b32926c5e

Request headers

Host: ww25.schrenkinteractive.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww25.schrenkinteractive.com/

Response headers

Server: openresty
Date: Mon, 11 Feb 2019 00:05:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BfQHcvDZyMcEOtYuOaUT+zpggQ96YHic8eHA9SgX9/lKijSnItYaOUri7Dbn8YPploBosJFgnCPytsdxQQiyZQ==

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 151 KB
53 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/?z

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad0041c2111ccd8ed4e64e179ec9e5cca689ec74286840f03ba7002f769dfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/?z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "10510128051899060074"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 Feb 2019 00:05:52 GMT

GET
H/1.1 200
OK px.gif
ww25.schrenkinteractive.com/ 42 B
275 B 103ms
102ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.schrenkinteractive.com/px.gif?ch=1&rn=9.603846517686511
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/?z
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/?z
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/?z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Last-Modified: Fri, 08 Feb 2019 22:50:08 GMT
Server: openresty
ETag: "5c5e07a0-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
ww25.schrenkinteractive.com/ 42 B
275 B 101ms
101ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.schrenkinteractive.com/px.gif?ch=2&rn=9.603846517686511
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/?z
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/?z
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/?z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:52 GMT
Last-Modified: Fri, 08 Feb 2019 22:50:08 GMT
Server: openresty
ETag: "5c5e07a0-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
ww25.schrenkinteractive.com/ 8 KB
8 KB 128ms
128ms Script
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.schrenkinteractive.com/glp?r=http%3A%2F%2Fww25.schrenkinteractive.com%2F&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&z&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/?z
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: fae4923530dbc953f3d1c277076f5db997705573a59e393e4f54e9bed03d69c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://ww25.schrenkinteractive.com/?z
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/?z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:53 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
686 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=http%3A%2F%2Fww25.schrenkinteractive.com%2F&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&z&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww25.schrenkinteractive.com/?z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 11 Feb 2019 00:05:53 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 11 Feb 2019 00:05:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 11 Feb 2019 00:05:53 GMT

POST
H/1.1 200
OK gzb
ww25.schrenkinteractive.com/ 198 B
515 B 490ms
490ms XHR
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.schrenkinteractive.com/gzb
Requested by: Host: ww25.schrenkinteractive.com
URL: http://ww25.schrenkinteractive.com/glp?r=http%3A%2F%2Fww25.schrenkinteractive.com%2F&u=http%3A%2F%2Fww25.schrenkinteractive.com%2F&z&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://ww25.schrenkinteractive.com
Accept-Encoding: gzip, deflate
Host: ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://ww25.schrenkinteractive.com/?z
Connection: keep-alive
Content-Length: 288
Referer: http://ww25.schrenkinteractive.com/?z
Origin: http://ww25.schrenkinteractive.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:53 GMT
Server: openresty
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 198
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.schrenkinteractive.com

Response headers

date: Mon, 14 Jan 2019 19:46:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:38 GMT
server: sffe
age: 2348370
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8732
x-xss-protection: 1; mode=block
expires: Tue, 14 Jan 2020 19:46:23 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.schrenkinteractive.com

Response headers

date: Fri, 21 Dec 2018 06:27:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 4469885
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:27:48 GMT

GET
H/1.1

200
OK

cc08f370-2d90-11e9-82cb-1224450f3a38
usd.photios-raj.com/zcvisitor/
Redirect Chain

http://ww25.schrenkinteractive.com/rz?u=http%3A%2F%2Fusd.photios-raj.com%2Fzcvisitor%2Fcc08f370-2d90-11e9-82cb-1224450f3a38%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe
http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

1004 B
2 KB

205ms
98ms

Document
text/html

54.172.94.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Requested by

Protocol

HTTP/1.1

Server

54.172.94.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-172-94-62.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.photios-raj.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww25.schrenkinteractive.com/?z
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww25.schrenkinteractive.com/?z

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Mon, 11 Feb 2019 00:05:53 GMT
Server: ZeroPark-Traffic
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding: chunked
Connection: keep-alive

Redirect headers

Server: openresty
Date: Mon, 11 Feb 2019 00:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

GET
H/1.1 200
OK zcredirect Show response
usd.dauid-iep.com/ 268 B
965 B 233ms
99ms Document
text/html 54.172.94.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usd.photios-raj.com
URL: http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

54.172.94.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-172-94-62.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.dauid-iep.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://usd.photios-raj.com/zcvisitor/cc08f370-2d90-11e9-82cb-1224450f3a38?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Mon, 11 Feb 2019 00:05:53 GMT
redirected: JS
Server: ZeroPark-Traffic
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.auskunft.de/ 27 KB
10 KB 88ms
47ms Document
text/html 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/?rt=y&utm_source=zp

Requested by

Host: usd.dauid-iep.com
URL: http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

326cd4b6700187d22d4769103374b3b2336a50816ac14116cc7d09495b48cbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.auskunft.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://usd.dauid-iep.com/zcredirect?visitid=cc08f370-2d90-11e9-82cb-1224450f3a38&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

Server: nginx
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=86400
X-Backend-Server: ip-172-31-22-169
Content-Encoding: gzip

GET
H/1.1 200
OK main.375d6139106c7c0d889d.css
www.auskunft.de/assets/bundles/ 309 KB
56 KB 17ms
17ms Stylesheet
text/css 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.375d6139106c7c0d889d.css

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fecc90945654c7b13841b347090eb3469f158a96a8d8d4c0a4cc871f18b271a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 10:52:10 GMT
Server: nginx
ETag: W/"5c5d5f5a-4d385"
Strict-Transport-Security: max-age=86400
Content-Type: text/css
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend-Server: ip-172-31-22-169
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1 200
OK auskunft_de_logo.webp
www.auskunft.de/img/ 1 KB
2 KB 38ms
8ms Image
image/webp 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Last-Modified: Fri, 21 Jul 2017 08:52:49 GMT
Server: nginx
ETag: "5971c0e1-4ee"
Strict-Transport-Security: max-age=86400
Content-Type: image/webp
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
X-Backend-Server: ip-172-31-22-169
Content-Length: 1262
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1 200
OK auskunft-rankingmonitor-teaser.png
www.auskunft.de/img/ 22 KB
22 KB 45ms
15ms Image
image/png 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft-rankingmonitor-teaser.png

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5c28dfd53100786cb50ff52925a8f6609793e060b46ba26d3733c4de2132ab4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Last-Modified: Thu, 19 Jul 2018 14:38:44 GMT
Server: nginx
ETag: "5b50a274-57e4"
Strict-Transport-Security: max-age=86400
Content-Type: image/png
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
X-Backend-Server: ip-172-31-22-169
Content-Length: 22500
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.auskunft.de/assets/509e1d8f/ 85 KB
35 KB 34ms
9ms Script
application/javascript 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/509e1d8f/jquery.min.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 10:51:52 GMT
Server: nginx
ETag: W/"5c5d5f48-1538f"
Strict-Transport-Security: max-age=86400
Content-Type: application/javascript
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend-Server: ip-172-31-22-169
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1 200
OK main.c6db98139f7c72fa8af6.js Show response
www.auskunft.de/assets/bundles/ 22 KB
10 KB 37ms
9ms Script
application/javascript 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.c6db98139f7c72fa8af6.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c83549a1f7c42b1e3663e68bd6408a13fb1ed336aef9d9b9424092fabbf5075f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 10:52:10 GMT
Server: nginx
ETag: W/"5c5d5f5a-57f7"
Strict-Transport-Security: max-age=86400
Content-Type: application/javascript
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend-Server: ip-172-31-22-169
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1007
date: Sun, 10 Feb 2019 23:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Mon, 11 Feb 2019 01:49:07 GMT

GET
H/1.1 200
OK background
www.auskunft.de/ 219 KB
219 KB 21ms
21ms Image
image/jpeg 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/background

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Feb 2019 00:05:54 GMT
Server: nginx
Strict-Transport-Security: max-age=86400
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Backend-Server: ip-172-31-22-169
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4

Request headers

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK auskunft.bc54edff783c46b47e5fdc3a7ddf4fa2.woff2
www.auskunft.de/assets/bundles/ 11 KB
12 KB 8ms
8ms Font
application/octet-stream 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/auskunft.bc54edff783c46b47e5fdc3a7ddf4fa2.woff2

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

36fa594394aa6ee8da9546e221c77b36f79531c5770ab5f7873b93077c1ed190

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Origin: https://www.auskunft.de
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.auskunft.de/assets/bundles/main.375d6139106c7c0d889d.css
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.auskunft.de/assets/bundles/main.375d6139106c7c0d889d.css
Origin: https://www.auskunft.de

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Last-Modified: Fri, 08 Feb 2019 10:52:10 GMT
Server: nginx
ETag: "5c5d5f5a-2d58"
Strict-Transport-Security: max-age=86400
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
X-Backend-Server: ip-172-31-22-169
Content-Length: 11608
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=892188241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=804235266&_gid=524655328.1549843555&gjid=581171312&_v=j73&z=1727518854

35 B
136 B

17ms
16ms

Image
image/gif

2a00:1450:400c:c04::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=804235266&_gid=524655328.1549843555&gjid=581171312&_v=j73&z=1727518854

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 11 Feb 2019 00:05:54 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="45,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Feb 2019 00:05:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=804235266&_gid=524655328.1549843555&gjid=581171312&_v=j73&z=1727518854
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 31 KB
10 KB 90ms
22ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.9 0018
Resource Hash: d095cc776aa743b70468281916bed508dc8157b86dc627e92c6caec2adb203e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 00:05:54 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.9 0018
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: privat, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 11 Feb 2019 02:05:54 GMT

GET
H/1.1 200
OK vendors~app.f14e5413c5bc6eb11d83.js Show response
www.auskunft.de/assets/bundles/ 47 KB
18 KB 16ms
15ms Script
application/javascript 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/vendors~app.f14e5413c5bc6eb11d83.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.c6db98139f7c72fa8af6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d872ecfe3feff25436430c711eb99d0f116e68e69d9ab651bb0393af8b9d3428

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j; _ga=GA1.2.47722550.1549843555; _gid=GA1.2.524655328.1549843555; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 10:52:10 GMT
Server: nginx
ETag: W/"5c5d5f5a-ba66"
Strict-Transport-Security: max-age=86400
Content-Type: application/javascript
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend-Server: ip-172-31-22-169
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1 200
OK app.aea58420659e30c2b29f.js Show response
www.auskunft.de/assets/bundles/ 47 KB
16 KB 12ms
11ms Script
application/javascript 52.59.45.196
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/app.aea58420659e30c2b29f.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.c6db98139f7c72fa8af6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.59.45.196 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-45-196.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c2849535b30e06fd104bf4ccf565f8f2dcf03964b5397ca59e0a6ffdc4c3e943

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
Cookie: AUSKUNFT_SESSION=t5c79mg5npo5t4h26ahsgifv4j; _ga=GA1.2.47722550.1549843555; _gid=GA1.2.524655328.1549843555; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 11 Feb 2019 00:05:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 10:52:10 GMT
Server: nginx
ETag: W/"5c5d5f5a-bc23"
Strict-Transport-Security: max-age=86400
Content-Type: application/javascript
Access-Control-Allow-Origin: https://buchung.auskunft.de
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend-Server: ip-172-31-22-169
Expires: Wed, 13 Mar 2019 00:05:54 GMT

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9...
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9...

0
694 B

22ms
22ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0018&i2=0018e9ea44a95dc0c5c60bc62&ep=1575098096&vr=412&id=s9k4qs&i3=nocookie&n1=3&dntt=0&lt=1549843554832&ev=&cs=gkmsye&mo=1&sr=71
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.05.0 0023
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 00:05:54 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.05.0 0023
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 11 Feb 2019 00:05:54 GMT
X-Powered-By: BLACKBIRD-RCV v1.05.0 0023
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 11 Feb 2019 00:05:54 GMT
Server: nginx
Location: /tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&pt=CP&ps=lin&er=N22&rf=usd.dauid-iep.com&r2=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dcc08f370-2d90-11e9-82cb-1224450f3a38%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0018&i2=0018e9ea44a95dc0c5c60bc62&ep=1575098096&vr=412&id=s9k4qs&i3=nocookie&n1=3&dntt=0&lt=1549843554832&ev=&cs=gkmsye&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 11 Feb 2018 00:05:54 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=892188241&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusd.dauid-iep.com%2Fzcredirect%3F...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=1444078297&_gid=524655328.1549843555&gjid=177305049&_v=j73&z=1069506536

35 B
102 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c04::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=1444078297&_gid=524655328.1549843555&gjid=177305049&_v=j73&z=1069506536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 11 Feb 2019 00:06:04 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="45,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Feb 2019 00:06:04 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=47722550.1549843555&jid=1444078297&_gid=524655328.1549843555&gjid=177305049&_v=j73&z=1069506536
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.auskunft.de/	1970-01-18 22:32:09	Name: _gid Value: GA1.2.524655328.1549843555
.auskunft.de/	1970-01-19 16:01:55	Name: _ga Value: GA1.2.47722550.1549843555
.auskunft.de/	1970-01-18 22:30:43	Name: _gat Value: 1
www.auskunft.de/	1969-12-31 23:59:59	Name: AUSKUNFT_SESSION Value: t5c79mg5npo5t4h26ahsgifv4j

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
de.ioam.de
fonts.googleapis.com
fonts.gstatic.com
schrenkinteractive.com
script.ioam.de
stats.g.doubleclick.net
survey.g.doubleclick.net
tracking.bodis.com
usd.dauid-iep.com
usd.photios-raj.com
ww25.schrenkinteractive.com
www.auskunft.de
www.google-analytics.com
www.google.com
www.gstatic.com
103.224.182.240
199.59.242.151
199.59.242.155
2a00:1450:4001:809::2004
2a00:1450:4001:814::2003
2a00:1450:4001:815::200a
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2011
2a00:1450:4001:821::200e
2a00:1450:400c:c04::9d
52.59.45.196
54.172.94.62
91.215.100.40
91.215.103.64
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05d9e9ef8cf88aa3f103306f5f8c4c3294474b207a1192636654f60b32926c5e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
326cd4b6700187d22d4769103374b3b2336a50816ac14116cc7d09495b48cbaf
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
36fa594394aa6ee8da9546e221c77b36f79531c5770ab5f7873b93077c1ed190
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
5c28dfd53100786cb50ff52925a8f6609793e060b46ba26d3733c4de2132ab4c
6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7
798ab71452b5f37fe9be6674253fcc65042594d11f81cd58f8d6be504ab84b86
7afbcb746fd4e18ddcfd21e7dcd3ed908db27e364b5027fffcf901fef1cb10a1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4
853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8ad0041c2111ccd8ed4e64e179ec9e5cca689ec74286840f03ba7002f769dfc8
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d
b4c2261f07904c4b3c33a52b918264d6dc7b3b41245bad8f9c7d4bbadaa58012
c2849535b30e06fd104bf4ccf565f8f2dcf03964b5397ca59e0a6ffdc4c3e943
c83549a1f7c42b1e3663e68bd6408a13fb1ed336aef9d9b9424092fabbf5075f
d095cc776aa743b70468281916bed508dc8157b86dc627e92c6caec2adb203e8
d281f81c580620dc8f4748a03908d5e24cf3cd5403fa34e73def570db930a737
d872ecfe3feff25436430c711eb99d0f116e68e69d9ab651bb0393af8b9d3428
dd9d44ccd6e4efcef9a508434c79fb5fbafc7f331aa0a8be5721bc1bcb308f2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f582146ce35c8cfc103de0762e940b82de0973f55e20793083de2f5e38c455e6
fae4923530dbc953f3d1c277076f5db997705573a59e393e4f54e9bed03d69c6
fecc90945654c7b13841b347090eb3469f158a96a8d8d4c0a4cc871f18b271a2

www.auskunft.de Open in urlscan Pro 52.59.45.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

53 %HTTPS

56 %IPv6

12 Domains

17 Subdomains

16 IPs

4 Countries

849 kBTransfer

1748 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.auskunft.de Open in urlscan Pro
52.59.45.196 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

53 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

849 kB
Transfer

1748 kB
Size

4
Cookies

43 HTTP transactions
1 data transactions