URL: http://12.43.152.18/fileNotFound.html
Submission: On January 04 via manual from US — Scanned from DE

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 28 HTTP transactions. The main IP is 12.43.152.18, located in United States and belongs to EHI-NA-AS-1, US. The main domain is 12.43.152.18.
This is the only time 12.43.152.18 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 12.43.152.18 13893 (EHI-NA-AS-1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 5 34.255.227.52 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
2 2 52.50.54.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.16.186.56 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.198 15169 (GOOGLE)
28 11
Domain | Requested by
5 dpm.demdex.net (2 redirects) | 12.43.152.18, assets.adobedtm.com
3 assets.adobedtm.com | 12.43.152.18, assets.adobedtm.com
2 www.google-analytics.com | 12.43.152.18, www.google-analytics.com
2 cm.everesttech.net (2 redirects) |
1 fls.doubleclick.net | assets.adobedtm.com
1 www.google.de | 12.43.152.18
1 www.google.com | 12.43.152.18
1 stats.g.doubleclick.net | www.google-analytics.com
1 fast.enterprise.demdex.net | assets.adobedtm.com
1 www.googletagmanager.com | assets.adobedtm.com
1 metrics.enterprise.com | assets.adobedtm.com
28 11
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
www.google.de | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months

This page contains 2 frames:

Primary Page: http://12.43.152.18/fileNotFound.html
Frame ID: 508007701B80A0E69297D4B23696AAD7
Requests: 27 HTTP requests in this frame

Frame: http://fast.enterprise.demdex.net/dest5.html?d_nsid=0
Frame ID: AA3BC2AF4CDAAB0B57F8F2DCFD5D191C
Requests: 1 HTTP requests in this frame

Page Title

404 Page Not Found - Enterprise Rent-A-Car

Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://fls\.doubleclick\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 28
HTTPS: 18 %
IPv6: 50 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 5
Transfer: 323 kB
Size: 1362 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699 HTTP 302
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699
Request Chain 11
  • http://cm.everesttech.net/cm/dd?d_uuid=03066492557484427350537992408046998458 HTTP 301
  • https://cm.everesttech.net/cm/dd?d_uuid=03066492557484427350537992408046998458 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YdRV0AAAAKfO4AQE HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YdRV0AAAAKfO4AQE
Request Chain 18
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fileNotFound.html
12.43.152.18/
6 KB
6 KB
Document
General
Full URL
http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
2742eba552af0dd5913710a6b81de3bc7871042d969e0c97503c3266f7edc8f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
6332
Keep-Alive
timeout=15, max=500
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/
1004 KB
158 KB
Script
General
Full URL
http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
853415f0edf0f27d848d0f4a90b28bf17829dad0391b7e33a2c4e4ebb57b38cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 15:38:12 GMT
Server
AkamaiNetStorage
ETag
"154b2fed7d4e6cf18490ab15bbebe59c:1582817891.698399"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://12.43.152.18
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 04 Jan 2022 15:12:31 GMT
navStyle.css
12.43.152.18/include/
5 KB
5 KB
Stylesheet
General
Full URL
http://12.43.152.18/include/navStyle.css
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
836914f172c38199b34cfb44dc4aa192d4c9ec9a67974046ab68b15271fe6847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"13da-55df61806f380"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
5082
navStyleIntres.css
12.43.152.18/include/
735 B
1004 B
Stylesheet
General
Full URL
http://12.43.152.18/include/navStyleIntres.css
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
8083d633733a5c0252aface42af5495a06708ad7655d1f2e27aa8140514d3fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"2df-55df61806f380"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
735
apologiesTemplate.css
12.43.152.18/include/
2 KB
2 KB
Stylesheet
General
Full URL
http://12.43.152.18/include/apologiesTemplate.css
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
0ef1b72ac7bbc9f668bc4bba60e694507b5d5f41f81e371fc9b3dd916194face

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"88d-55df61806f380"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
2189
style.css
12.43.152.18/include/
6 KB
6 KB
Stylesheet
General
Full URL
http://12.43.152.18/include/style.css
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
36638f640b6016ce762d7b73d241e48bb3f7ca0258267d1ad023e3553c4ff9c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"17d9-55df61806f380"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
6105
buttons.css
12.43.152.18/include/
3 KB
3 KB
Stylesheet
General
Full URL
http://12.43.152.18/include/buttons.css
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
916e0609581a669ebc43c9145ddd5c6d4679d77c0288ea4e5e40b4d340e6720c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"aa4-55df61806f380"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
2724
ban_enterpriseLogo.jpg
12.43.152.18/images/
5 KB
5 KB
Image
General
Full URL
http://12.43.152.18/images/ban_enterpriseLogo.jpg
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
db7b3511296dfee9303f0130ccef359aad6fc509e67944e39161c9bd46eca824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/fileNotFound.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:30 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"1428-55df61806f380"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
5160
rd
dpm.demdex.net/id/
Redirect Chain
  • http://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699
110 B
718 B
XHR
General
Full URL
http://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
34.255.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-227-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v026-0fb35ce34.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
content-encoding
gzip
X-Error
172
X-TID
G9fVyB82TF4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://12.43.152.18
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
124
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v026-013622550.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Access-Control-Allow-Origin
http://12.43.152.18
X-TID
wSrBidWYQ5s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&ts=1641305551699
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mbox-contents-acd0be0245ac9c3b7e8a94d4d4491c612f0bcb5f.js
assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/
75 KB
28 KB
Script
General
Full URL
http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/mbox-contents-acd0be0245ac9c3b7e8a94d4d4491c612f0bcb5f.js
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fe3cd4e96e099a905c91daba11f638e3572b1fc042814b1cf465547be844daca

Request headers

Referer
http://12.43.152.18/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 15:38:21 GMT
Server
AkamaiNetStorage
ETag
"b14c9847aeaafdf591a2919e3d43b513:1582817901.402198"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://12.43.152.18
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
27783
Expires
Tue, 04 Jan 2022 15:12:32 GMT
id
metrics.enterprise.com/
48 B
895 B
XHR
General
Full URL
http://metrics.enterprise.com/id?d_visid_ver=4.3.0&d_fieldgroup=MC&mcorgid=30545A0C536B768C0A490D44%40AdobeOrg&ts=1641305551793
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
HTTP/1.1
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
2995183d6de2f451a10cacb2d949dd541eaa4af29dc351111b80165a4647322d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://12.43.152.18/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Jan 2022 14:12:32 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-675dccd488-22gs7
vary
Origin
x-c
main-1548.I52ef9e.M0-537
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://12.43.152.18
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
id
dpm.demdex.net/
2 KB
2 KB
XHR
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=30545A0C536B768C0A490D44%40AdobeOrg&d_nsid=0&d_mid=03089700242507888450540313726365975096&ts=1641305552143
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
HTTP/1.1
Server
34.255.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-227-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b9d14faff3c0f6db5825653b324f2e9c123493ef4862a9b8328adaf8d5948f17

Request headers

Referer
http://12.43.152.18/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v026-0a13d5aae.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
content-encoding
gzip
X-TID
Tnr6KB9ZQ5s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://12.43.152.18
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
927
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://cm.everesttech.net/cm/dd?d_uuid=03066492557484427350537992408046998458
  • https://cm.everesttech.net/cm/dd?d_uuid=03066492557484427350537992408046998458
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YdRV0AAAAKfO4AQE
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YdRV0AAAAKfO4AQE
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YdRV0AAAAKfO4AQE
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
HTTP/1.1
Server
34.255.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-227-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v026-0c3609612.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6ie3Em41Qfo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v026-00b8ba9f8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GCzP1eg0TCU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YdRV0AAAAKfO4AQE
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pan_utilityUnderline.jpg
12.43.152.18/images/
379 B
650 B
Image
General
Full URL
http://12.43.152.18/images/pan_utilityUnderline.jpg
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/navStyle.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
e86245749bd9c2edab8ff63e812d7d66e97de171979520c5c6e796d26f838ef2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/navStyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"17b-55df61806f380"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=498
Content-Length
379
navBg_Intres.jpg
12.43.152.18/images/
4 KB
5 KB
Image
General
Full URL
http://12.43.152.18/images/navBg_Intres.jpg
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/navStyleIntres.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
df94edda05b955baab1d85393baea134fb8dbec44b0b0ca52c23a11d018afe6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/navStyleIntres.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"1139-55df61806f380"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
4409
navBg_left_Intres.jpg
12.43.152.18/images/
579 B
850 B
Image
General
Full URL
http://12.43.152.18/images/navBg_left_Intres.jpg
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/navStyleIntres.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
cd1b0718efd442fa8dbeff184fda33c9b0b08c19bbc1fa67689633c9737160d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/navStyleIntres.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"243-55df61806f380"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
579
buttonBg2.gif
12.43.152.18/images/
935 B
1 KB
Image
General
Full URL
http://12.43.152.18/images/buttonBg2.gif
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/navStyle.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
8675d0a0946f238b7c0ae90e6a590a12bfa467d4b06d3e9e750a3e41b33b5b9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/navStyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"3a7-55df61806f380"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
935
buttonBg1.gif
12.43.152.18/images/
453 B
723 B
Image
General
Full URL
http://12.43.152.18/images/buttonBg1.gif
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/navStyle.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
380035a9f0ce9c4cd5389ca7e58333cc3b0ff2780802bd6427f1f608e25d3293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/navStyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"1c5-55df61806f380"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=498
Content-Length
453
btn_bg_button_orange_arrow.gif
12.43.152.18/images/
874 B
1 KB
Image
General
Full URL
http://12.43.152.18/images/btn_bg_button_orange_arrow.gif
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/include/buttons.css
Protocol
HTTP/1.1
Server
12.43.152.18 , United States, ASN13893 (EHI-NA-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
c31367cb7d41077e60b2a5b0b487d58ab16a29644a663599acbf740ccbf697af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/include/buttons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Last-Modified
Tue, 14 Nov 2017 19:07:10 GMT
Server
Apache
ETag
"36a-55df61806f380"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
874
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2258
date
Tue, 04 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 04 Jan 2022 15:34:54 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
js
www.googletagmanager.com/gtag/
87 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8163242
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7f5d7f879c87730bbf1b1e682d0f1a4b4c647899ab52f3b0dce1448abaea8d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:12:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35942
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 14:12:32 GMT
s-code-contents-d6260cd16c768a70ed750852d8a333b8ed6e5e45.js
assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/
102 KB
34 KB
Script
General
Full URL
http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/s-code-contents-d6260cd16c768a70ed750852d8a333b8ed6e5e45.js
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1bf118033ccc44e7f8079805f6a0a8dfc3bf4a17060bf6ecbdbbd070fc73d72f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 14:12:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 15:38:13 GMT
Server
AkamaiNetStorage
ETag
"e35d8153ce895998f83fb386051b7404:1582817893.203592"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://12.43.152.18
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
34130
Expires
Tue, 04 Jan 2022 15:12:32 GMT
dest5.html
fast.enterprise.demdex.net/ Frame AA3B
7 KB
3 KB
Document
General
Full URL
http://fast.enterprise.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js
Protocol
HTTP/1.1
Server
2.16.186.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-56.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified
Mon, 03 Feb 2020 17:27:06 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=21600
Date
Tue, 04 Jan 2022 14:12:32 GMT
Content-Length
2785
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
collect
www.google-analytics.com/j/
4 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=413922188&t=pageview&_s=1&dl=http%3A%2F%2F12.43.152.18%2FfileNotFound.html&ul=en-us&de=windows-1252&dt=404%20Page%20Not%20Found%20-%20Enterprise%20Rent-A-Car&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=586191830&gjid=1179430904&cid=207985099.1641305552&tid=UA-81889725-1&_gid=1389577200.1641305552&_r=1&_slc=1&z=1110672172
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://12.43.152.18/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 14:12:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://12.43.152.18
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81889725-1&cid=207985099.1641305552&jid=586191830&gjid=1179430904&_gid=1389577200.1641305552&_u=YGBACEAABAAAAC~&z=1005119678
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://12.43.152.18/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 04 Jan 2022 14:12:32 GMT
content-type
text/plain
access-control-allow-origin
http://12.43.152.18
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81889725-1&cid=207985099.1641305552&jid=586191830&_u=YGBACEAABAAAAC~&z=1602221637
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 14:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81889725-1&cid=207985099.1641305552&jid=586191830&_u=YGBACEAABAAAAC~&z=1602221637
Requested by
Host: 12.43.152.18
URL: http://12.43.152.18/fileNotFound.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 14:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
fls.doubleclick.net/
40 B
687 B
Script
General
Full URL
http://fls.doubleclick.net/json?spot=8163242&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=714695697406
Requested by
Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/s-code-contents-d6260cd16c768a70ed750852d8a333b8ed6e5e45.js
Protocol
HTTP/1.1
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://12.43.152.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 14:12:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
X-Frame-Options
SAMEORIGIN
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
60
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT


48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams string| h function| ga string| GoogleAnalyticsObject object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| dataLayer function| gtag string| internalDomain object| ps string| ehiHost number| c undefined| sacct_env string| childRSID string| dlh string| dlhref string| s_account object| s function| s_doPlugins object| dfaConfig undefined| _jQueryDependent function| handleResFormError function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s_Integrate_DFA string| v number| s_objectID number| s_giq object| s_3_Integrate_DFA_get_0 object| y object| z

10 Cookies

Domain/Path Name / Value
12.43.152.18/ Name: AMCVS_30545A0C536B768C0A490D44%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdRV0AAAAKfO4AQE
12.43.152.18/ Name: _ga
Value: GA1.1.207985099.1641305552
12.43.152.18/ Name: _gid
Value: GA1.1.1389577200.1641305552
12.43.152.18/ Name: _gat_ehiglobal
Value: 1
.demdex.net/ Name: demdex
Value: 17933586229907495713929665714409782204
12.43.152.18/ Name: _gcl_au
Value: 1.1.1849148750.1641305552
.dpm.demdex.net/ Name: dpm
Value: 17933586229907495713929665714409782204
12.43.152.18/ Name: AMCV_30545A0C536B768C0A490D44%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18997%7CMCMID%7C03089700242507888450540313726365975096%7CMCAID%7CNONE%7CMCOPTOUT-1641312752s%7CNONE%7CMCAAMLH-1641910352%7C6%7CMCAAMB-1641910352%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19004%7CvVersion%7C4.3.0
12.43.152.18/ Name: s_pers
Value: %20s_dfa%3Dehglobalprod%7C1641307352981%3B%20s_vs%3D1%7C1641307353100%3B

2 Console Messages

Source Level URL
Text
javascript warning URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/mbox-contents-acd0be0245ac9c3b7e8a94d4d4491c612f0bcb5f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/satelliteLib-64715503a5c3f03a9c38350e5a8825412fb1d39a.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/637ae9c62c9fe0a9a2fd27b1350da0b838190621/mbox-contents-acd0be0245ac9c3b7e8a94d4d4491c612f0bcb5f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
