www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html
Effective URL:
https://www.auskunft.de/?rt=y&utm_source=zp
Submission: On January 20 via api (January 20th 2020, 5:32:07 am UTC) from US

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 20 domains to perform 75 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.

This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	74.206.232.234 74.206.232.234	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	5.79.68.236 5.79.68.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1)
2	35.175.38.64 35.175.38.64	14618 (AMAZON-AES) (AMAZON-AES)
13	195.201.46.48 195.201.46.48	24940 (HETZNER-AS) (HETZNER-AS)
1	52.222.155.115 52.222.155.115	16509 (AMAZON-02) (AMAZON-02)
9	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2006	15169 (GOOGLE) (GOOGLE)
2	217.114.212.216 217.114.212.216	31103 (KEYWEB-AS) (KEYWEB-AS)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.86.138.78 185.86.138.78	201081 (SMARTADSE...) (SMARTADSERVER)
3	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
1	18.194.21.214 18.194.21.214	16509 (AMAZON-02) (AMAZON-02)
1	52.28.163.57 52.28.163.57	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
2	2.21.37.17 2.21.37.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
75	26

3 74.206.232.234 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

www.kloshpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kloshpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.79.68.236 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

api.quotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

dprtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.38.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-38-64.compute-1.amazonaws.com

usa.lucretius-ada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de

www.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.155.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-115.fra53.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ff.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.114.212.216 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: ns1.alpha9marketing.net

tracker.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

yieldlove-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.78 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.21.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-21-214.eu-central-1.compute.amazonaws.com

api.yieldlove-ad-serving.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.163.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-163-57.eu-central-1.compute.amazonaws.com

tracking.yieldlove-ad-serving.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.37.17 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	auskunft.de www.auskunft.de tracker.auskunft.de	317 KB
13	doubleclick.net securepubads.g.doubleclick.net ff.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	194 KB
10	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	60 KB
6	ampproject.org cdn.ampproject.org	124 KB
4	googletagservices.com www.googletagservices.com	99 KB
4	adnxs.com ib.adnxs.com acdn.adnxs.com	5 KB
3	districtm.io dmx.districtm.io cdn.districtm.io	903 B
3	ioam.de 1 redirects script.ioam.de de.ioam.de	13 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	kloshpro.com 1 redirects www.kloshpro.com kloshpro.com	1 KB
2	yieldlove-ad-serving.net api.yieldlove-ad-serving.net tracking.yieldlove-ad-serving.net	314 B
2	smartadserver.com prg.smartadserver.com	3 KB
2	openx.net yieldlove-d.openx.net eu-u.openx.net	1 KB
2	google.com 1 redirects adservice.google.com www.google.com	428 B
2	google.de adservice.google.de	956 B
2	lucretius-ada.com usa.lucretius-ada.com	3 KB
2	dprtb.com 1 redirects dprtb.com	3 KB
2	quotes.com 1 redirects api.quotes.com	822 B
1	adform.net adx.adform.net	455 B
1	yieldlove.com cdn-a.yieldlove.com	81 KB
75	20

	Domain	Requested by
13	www.auskunft.de	usa.lucretius-ada.com www.auskunft.de
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.auskunft.de cdn.ampproject.org
9	securepubads.g.doubleclick.net	www.auskunft.de securepubads.g.doubleclick.net www.kloshpro.com www.googletagservices.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	2 redirects www.auskunft.de
2	acdn.adnxs.com	cdn-a.yieldlove.com
2	de.ioam.de	1 redirects www.auskunft.de
2	dmx.districtm.io	cdn-a.yieldlove.com www.auskunft.de
2	prg.smartadserver.com	cdn-a.yieldlove.com
2	ib.adnxs.com	cdn-a.yieldlove.com
2	stats.g.doubleclick.net	www.auskunft.de
2	tracker.auskunft.de	www.auskunft.de
2	adservice.google.de	securepubads.g.doubleclick.net www.googletagservices.com
2	usa.lucretius-ada.com	dprtb.com usa.lucretius-ada.com
2	dprtb.com	1 redirects
2	api.quotes.com	1 redirects kloshpro.com
2	www.kloshpro.com	1 redirects
1	eu-u.openx.net	cdn-a.yieldlove.com
1	cdn.districtm.io	cdn-a.yieldlove.com
1	pagead2.googlesyndication.com
1	googleads.g.doubleclick.net	www.auskunft.de
1	www.google.com	1 redirects
1	tracking.yieldlove-ad-serving.net	cdn-a.yieldlove.com
1	api.yieldlove-ad-serving.net	cdn-a.yieldlove.com
1	adx.adform.net	cdn-a.yieldlove.com
1	yieldlove-d.openx.net	cdn-a.yieldlove.com
1	script.ioam.de	www.auskunft.de
1	ff.doubleclick.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	cdn-a.yieldlove.com	www.auskunft.de
1	kloshpro.com	www.kloshpro.com
75	32

This site contains links to these domains. Also see Links.

Domain
www.alpha9marketing.com

Subject Issuer	Validity	Valid
*.auskunft.de Sectigo RSA Domain Validation Secure Server CA	`2019-09-12` - `2021-09-11`	2 years	crt.sh
cdn-a.yieldlove.com Amazon	`2019-10-02` - `2020-11-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
tracker.auskunft.de cPanel, Inc. Certification Authority	`2020-01-02` - `2020-04-01`	3 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
yieldlove-ad-serving.net Amazon	`2019-11-19` - `2020-12-19`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
tracking.yieldlove-ad-serving.net Let's Encrypt Authority X3	`2019-12-30` - `2020-03-29`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp
Frame ID: 59EBA23AD26E22403F2A6F1FF08BAA4D
Requests: 46 HTTP requests in this frame

Frame: https://ff.doubleclick.net/tag/js/fetch_frame_2020011301.html
Frame ID: ED2F61BC06D0B2C4A458B1FC8807E202
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttFVRUVoWgSURmcj8zTM2y4_-7CON-mA8GH981lYPWJUtrnoZj25cC_YpvNITrtkOhkoWiKiQdMKsKmwN9qPSokadzhF76XE_JtOUgO1aBqfia9b6babGRQOgG3BeLtr162RhPIP0z05_vOMZhV15TS66a6VwG8FOleZSPfAnnUcu8E5SSv3EwEb4Sj-FV3aSX2cBIOSbjwsBSQKTkbdTF8ZLHsi6qXlCfjMsbGWxVkO43yANpXh6j-KKpJX5FA6oFdbo8DOc1ygAKP2Hph6GykJs&sai=AMfl-YSFOEfxqGf-VG9kwWA5ylzsboUAalvXc7_jJly8zBHXQbJXaS6PxR4-qHP5t1dVy4TS4KRmrnu1eCCu4h0CM6BENP62zrKzR1Njnk5S&sig=Cg0ArKJSzMj5wW97dov0EAE&urlfix=1&adurl=
Frame ID: DC3C32E55C5F6663B7B65D419AA4D866
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: E11DAA989776585A7F513CDF8D80260A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: CDF3447E001B0AB64BC7274483437FC0
Requests: 16 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 737B07ED47FC41C92EAC4B94D3B111FA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B891CB142FE36728F8F430318012505B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E44A7BB0E825D618B3E90AF5B59BA18D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 97DACE6AE9722FCDDAA3DE1E27DB1C88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/ Page URL
http://kloshpro.com/ Page URL
http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b Page URL
http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b?hr=1 HTTP 302
http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOd... Page URL
http://dprtb.com/Redirect/ HTTP 302
http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7... Page URL
http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth... Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

75
Requests

92 %
HTTPS

31 %
IPv6

20
Domains

32
Subdomains

26
IPs

7
Countries

923 kB
Transfer

2215 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alpha9marketing.com/unternehmen/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/ Page URL
http://kloshpro.com/ Page URL
http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b Page URL
http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b?hr=1 HTTP 302
http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24 Page URL
http://dprtb.com/Redirect/ HTTP 302
http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/

Request Chain 3

http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b?hr=1 HTTP 302
http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24

Request Chain 4

http://dprtb.com/Redirect/ HTTP 302
http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1955557314&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=76346885&gjid=1692837929&cid=1806288697.1579498312&tid=UA-77541742-2&_gid=2123249386.1579498312&_r=1&z=1314308482 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=76346885&_gid=2123249386.1579498312&gjid=1692837929&_v=j79&z=1314308482

Request Chain 35

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.28742030-3b46-11ea-9b7c-0af2069a31dd.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBrandenburg&cb=000a&i2=000a6d533d2487a345e253b47&ep=1602797975&vr=415&id=jflnsx&i3=000a6d533d2487a345e253b47%3A1609219912206%3A1579498312206%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1579498312206&n1=4&dntt=0&lt=1579498312207&ev=&cs=p480wp&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.28742030-3b46-11ea-9b7c-0af2069a31dd.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBrandenburg&cb=000a&i2=000a6d533d2487a345e253b47&ep=1602797975&vr=415&id=jflnsx&i3=000a6d533d2487a345e253b47%3A1609219912206%3A1579498312206%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1579498312206&n1=4&dntt=0&lt=1579498312207&ev=&cs=p480wp&mo=1&sr=71

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 76

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1955557314&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=353505285&gjid=1964820833&cid=1806288697.1579498312&tid=UA-77541742-2&_gid=2123249386.1579498312&_r=1&z=227049330 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=353505285&_gid=2123249386.1579498312&gjid=1964820833&_v=j79&z=227049330

75 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.kloshpro.com/
Redirect Chain

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html
http://www.kloshpro.com/

638 B
622 B

94ms
93ms

Document
text/html

74.206.232.234
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kloshpro.com/
Protocol: HTTP/1.1
Server: 74.206.232.234 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa862bb6acbb0df32a6bf2e3bc917a97a2f5100ae7b97cb518185fc3adceb9b

Request headers

Host: www.kloshpro.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: nginx
Date: Mon, 20 Jan 2020 05:31:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 20 Jan 2020 05:31:49 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://www.kloshpro.com/

POST
H/1.1 200
OK Cookie set / Show response
kloshpro.com/ 154 B
557 B 835ms
709ms Document
text/html 74.206.232.234
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: http://kloshpro.com/
Requested by: Host: www.kloshpro.com
URL: http://www.kloshpro.com/
Protocol: HTTP/1.1
Server: 74.206.232.234 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ac99201607ba5107245397cff2e2fdf32cb068070b29b38583f09c29a84f96e

Request headers

Host: kloshpro.com
Connection: keep-alive
Content-Length: 12
Pragma: no-cache
Cache-Control: no-cache
Origin: http://www.kloshpro.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.kloshpro.com/
Accept-Encoding: gzip, deflate
Origin: http://www.kloshpro.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.kloshpro.com/

Response headers

Server: nginx
Date: Mon, 20 Jan 2020 05:31:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE1Nzk0OTgzMTAsImhhc2giOiJhYjhlZjViNSJ9;Expires=Mon, 20-Jan-2020 06:31:50 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK 286827c6-3b46-11ea-bf8a-091c8f6c630b Show response
api.quotes.com/ 171 B
374 B 126ms
31ms Document
text/html 5.79.68.236
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b
Requested by: Host: kloshpro.com
URL: http://kloshpro.com/
Protocol: HTTP/1.1
Server: 5.79.68.236 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 20e7ddc44707e55968c33dc8538ef6a94a7067be27f7c00e3ac0626ffc82caba

Request headers

Host: api.quotes.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://kloshpro.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://kloshpro.com/

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 171
content-type: text/html; charset=utf-8
date: Mon, 20 Jan 2020 05:31:50 GMT
server: nginx

GET
H/1.1

200
OK

Cookie set click Show response
dprtb.com/
Redirect Chain

http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b?hr=1
http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b...

5 KB
3 KB

270ms
217ms

Document
text/html

209.15.13.136
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c0eb07c1cb8bea9538ba7c5fdd024aedd21d8cb983f0ec4a1f6eccfbb8c80711

Request headers

Host: dprtb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://api.quotes.com/286827c6-3b46-11ea-bf8a-091c8f6c630b

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: ALgkHKUUPxkHqtt=ALgkHKUUPxkHqtt; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 20 Jan 2020 05:31:50 GMT
Content-Length: 2175

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 20 Jan 2020 05:31:50 GMT
location: http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24
server: nginx

GET
H/1.1

200
OK

28742030-3b46-11ea-9b7c-0af2069a31dd Show response
usa.lucretius-ada.com/zcvisitor/
Redirect Chain

http://dprtb.com/Redirect/
http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

1012 B
2 KB

225ms
191ms

Document
text/html

35.175.38.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Requested by

Host: dprtb.com
URL: http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24

Protocol

HTTP/1.1

Server

35.175.38.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-38-64.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

3dabc180a2f44c509d08de0ab8b3ce69cec83336981ef2881821e82f37bf0365

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.lucretius-ada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24
Accept-Encoding: gzip, deflate
Origin: http://dprtb.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://dprtb.com/click?data=elNwanBHa2p0cWFGdm92b1NpdDJwTy1YcjRHN1pTd1dWMXQ0VkgzZTNKaUJMVUdOdzFLenR3VEw4VXNpUHFGeDNTRlNLY2haRS15bWI5U1NVNVA0eG5rUGY1S1VCazBPMDBPRUM4SE5WQTFtMTVVZ016QUpsaUFidzN4YkR2b0RyOVJvTkZlMEp6dGxtT2Y2QS1mQWlRMg2&id=ca85c2c4-3918-4fa9-bb9c-6c6c2e6a0e24

Response headers

Date: Mon, 20 Jan 2020 05:31:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 20 Jan 2020 05:31:50 GMT
Content-Length: 240

GET
H/1.1 200
OK zcredirect Show response
usa.lucretius-ada.com/ 268 B
965 B 101ms
101ms Document
text/html 35.175.38.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usa.lucretius-ada.com
URL: http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

35.175.38.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-38-64.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.lucretius-ada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://usa.lucretius-ada.com/zcvisitor/28742030-3b46-11ea-9b7c-0af2069a31dd?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date: Mon, 20 Jan 2020 05:31:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2 200 Primary Request / Show response
www.auskunft.de/ 18 KB
8 KB 177ms
102ms Document
text/html 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/?rt=y&utm_source=zp

Requested by

Host: usa.lucretius-ada.com
URL: http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

23637ee754c28643bdcdd44d6f251b6697faaa28d7b974086ea6e04e9b2bef8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.auskunft.de
:scheme: https
:path: /?rt=y&utm_source=zp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://usa.lucretius-ada.com/zcredirect?visitid=28742030-3b46-11ea-9b7c-0af2069a31dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
server: nginx
date: Mon, 20 Jan 2020 05:31:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: AUSKUNFT_SESSION=3tk11big6981idl5mjeurakib5; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip

GET
H2 200 main-index.b4baadf82cc899a24b31.css
www.auskunft.de/assets/bundles/ 31 KB
8 KB 15ms
13ms Stylesheet
text/css 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main-index.b4baadf82cc899a24b31.css

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f65ea795f2b912862e16f50edc8681f049196e948e00632f4584447734ceca59

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-7c79"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:51 GMT

GET
H2 200 yieldlove-bidder.js Show response
cdn-a.yieldlove.com/ 266 KB
81 KB 39ms
8ms Script
application/javascript 52.222.155.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-115.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 17f6b8cf72deed6e88bff2703e8dfcadbe4cafb360e8a5fc867565919fa07b1a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 02:37:32 GMT
content-encoding: gzip
age: 10459
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=10800
x-amz-cf-pop: FRA53
access-control-allow-origin: *
x-amz-cf-id: SCXjMmBQYZS4IEoCqHsWkpx6TAGcpCemYHa_1Iy7jG0YZGURbeJH2A==
via: 1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
16 KB 36ms
15ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

bc4f139d9d3210909ff725789b95c1892f5dae98d757b36d5ccf1b48d7cffab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "403 / 22 of 1000 / last-modified: 1579291109"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16134
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:51 GMT

GET
H2 200 auskunft_de_logo.webp
www.auskunft.de/img/ 1 KB
1 KB 32ms
27ms Image
image/webp 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
last-modified: Fri, 21 Jul 2017 08:52:49 GMT
server: nginx
etag: "5971c0e1-4ee"
strict-transport-security: max-age=2592000
content-type: image/webp
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1262
expires: Wed, 19 Feb 2020 05:31:51 GMT

GET
H2 200 geo-location-icon_basic.svg
www.auskunft.de/img/ 1 KB
1 KB 32ms
28ms Image
image/svg+xml 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.auskunft.de/img/geo-location-icon_basic.svg
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.46.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
last-modified: Fri, 15 Nov 2019 10:29:36 GMT
server: nginx
etag: "5dce7e10-4d3"
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 1235

GET
H2 200 jquery.min.js Show response
www.auskunft.de/assets/static/ 86 KB
35 KB 27ms
21ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/static/jquery.min.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-15851"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:51 GMT

GET
H2 200 main.dbe0fa461b5c5c6ec421.js Show response
www.auskunft.de/assets/bundles/ 93 KB
36 KB 34ms
29ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

c8b303c52dd7687f7a21ea799dc41a09dca232faa75f372a12a9aa197ce566b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-17295"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6816
date: Mon, 20 Jan 2020 03:38:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 20 Jan 2020 05:38:15 GMT

GET
H2 200 background
www.auskunft.de/ 164 KB
164 KB 30ms
29ms Image
image/jpeg 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/background

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
server: nginx
strict-transport-security: max-age=2592000
content-type: image/jpeg
status: 200
cache-control: public, max-age=1209600
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 auskunft.922e35b4c3e9904c457a8efd1de95551.woff2
www.auskunft.de/assets/bundles/ 11 KB
12 KB 23ms
21ms Font
application/octet-stream 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/auskunft.922e35b4c3e9904c457a8efd1de95551.woff2

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

d2b74929c564a9d1006a56a9c49e240437920f94034e4c5e8948cf72e70722b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.auskunft.de/assets/bundles/main-index.b4baadf82cc899a24b31.css
Origin: https://www.auskunft.de

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:51 GMT
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: "5e219130-2d54"
strict-transport-security: max-age=2592000
content-type: application/octet-stream
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11604
expires: Wed, 19 Feb 2020 05:31:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
778 B 27ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020011301.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 15ms
15ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

2fd3899fa327925b33fcb6e2ef324bcbf1abc9b2cb9634f8ebc6bd7ff78b6322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jan 2020 14:10:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61968
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:51 GMT

GET
H2 200 fetch_frame_2020011301.html
ff.doubleclick.net/tag/js/ Frame ED2F 0
0 26ms
5ms Document
text/html 2a00:1450:4001:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.doubleclick.net/tag/js/fetch_frame_2020011301.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ff.doubleclick.net
:scheme: https
:path: /tag/js/fetch_frame_2020011301.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 6460
date: Mon, 20 Jan 2020 04:48:42 GMT
expires: Tue, 19 Jan 2021 04:48:42 GMT
last-modified: Mon, 13 Jan 2020 14:10:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2589
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 matomo.js Show response
tracker.auskunft.de/ 68 KB
22 KB 53ms
21ms Script
application/javascript 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.auskunft.de/matomo.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 7960e3f3049e145cdf8690073ea439c8788099f8504b9168fd68b5607511bf9f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:51 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 07:59:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 22671

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 34 KB
11 KB 37ms
12ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.10 000a
Resource Hash: 4864f80367a75e917c35414b85b05ee44e1bd15d405403f12f84e6905a7e2740

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 20 Jan 2020 05:31:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 05:31:51 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.10 000a
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 20 Jan 2020 07:31:51 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1955557314&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcred...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=76346885&_gid=2123249386.1579498312&gjid=1692837929&_v=j79&z=1314308482

35 B
102 B

56ms
55ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=76346885&_gid=2123249386.1579498312&gjid=1692837929&_v=j79&z=1314308482

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 20 Jan 2020 05:31:52 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jan 2020 05:31:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=76346885&_gid=2123249386.1579498312&gjid=1692837929&_v=j79&z=1314308482
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~app.2981c5d437c17859e366.js Show response
www.auskunft.de/assets/bundles/ 29 KB
11 KB 20ms
19ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/vendors~app.2981c5d437c17859e366.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

1a35339f07c37362c18017a2fcf7eee64521b4702894ffd81a8eb97d3190fca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-72fe"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:52 GMT

GET
H2 200 app.e64e75a3bc0e5d9c8189.js Show response
www.auskunft.de/assets/bundles/ 33 KB
10 KB 53ms
53ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/app.e64e75a3bc0e5d9c8189.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f0bff1eaa5ed35615e466c5ae5ee1a5d4157dbd1a4ff372dd956320bc39acaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-8202"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:52 GMT

GET
H2 200 arj Show response
yieldlove-d.openx.net/w/1.0/ 4 KB
1 KB 101ms
83ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&jr=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=a827c44c-dc48-48d2-a7d5-a64358f23e0a%2Ce3212db0-9ba7-4f9e-8a44-4cec56283952&nocache=1579498312068&aus=300x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111&
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash: 20a62e24e759d49583fecd638ba8661d4737381e311c8a509126c4814738412c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
server: OXGW/16.174.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.auskunft.de
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 920
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
455 B 188ms
108ms XHR
application/json 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY4ODY0OCZ0cmFuc2FjdGlvbklkPWE4MjdjNDRjLWRjNDgtNDhkMi1hN2Q1LWE2NDM1OGYyM2UwYQ%3D%3D&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPWUzMjEyZGIwLTliYTctNGY5ZS04YTQ0LTRjZWM1NjI4Mzk1Mg%3D%3D&pt=gross&stid=87dc2120-3618-4c74-9c5c-3b6c8a11a2d3&fd=1

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jan 2020 05:31:52 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
4 KB 101ms
26ms XHR
application/json 185.33.223.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5d6b3b2f14d374c7637ea091393ac4dd4d1e39a0cea7ff297277357b9f3add3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

Date: Mon, 20 Jan 2020 05:31:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 83.143.245.68; 83.143.245.68; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 05238a99-7a13-4dbe-9199-4efc2012b38a
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 643ms
552ms XHR
application/json 185.86.138.78
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.78 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jan 2020 05:31:52 GMT
X-SMRT-D: 4%3b14%3b43
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 172ms
80ms XHR
application/json 185.86.138.78
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.78 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jan 2020 05:31:51 GMT
X-SMRT-D: 4%3b13%3b91
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

OPTIONS
H2 204 v1 Show response
dmx.districtm.io/b/ 0
463 B 106ms
32ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: POST
Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://www.auskunft.de
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
status: 204
access-control-max-age: 14400
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 557eaa23084c9cf4-AMS
access-control-allow-headers: origin, content-type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 226 B
918 B 86ms
16ms XHR
application/json 185.33.223.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

88e5283b61fdc73dcaf5fadcb200cac817af544ef9c4b308e44446bec6655941

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jan 2020 05:31:54 GMT
X-Proxy-Origin: 83.143.245.68; 83.143.245.68; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 1ba90510-b3ae-4402-b281-3f5b6829acdb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 226
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020011301.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 15ms
15ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

dafea9f7076ad2b1d3996eb94c7256bfd9b1f29c2c7ee8bd386332c14e12fc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jan 2020 14:10:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24439
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
39ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.2874203...
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.2874203...

0
694 B

13ms
12ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.28742030-3b46-11ea-9b7c-0af2069a31dd.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBrandenburg&cb=000a&i2=000a6d533d2487a345e253b47&ep=1602797975&vr=415&id=jflnsx&i3=000a6d533d2487a345e253b47%3A1609219912206%3A1579498312206%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1579498312206&n1=4&dntt=0&lt=1579498312207&ev=&cs=p480wp&mo=1&sr=71
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.05.0 0026
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 20 Jan 2020 05:31:52 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.05.0 0026
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 20 Jan 2020 05:31:52 GMT
X-Powered-By: BLACKBIRD-RCV v1.05.0 0026
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 20 Jan 2020 05:31:52 GMT
Server: nginx
Location: /tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.lucretius-ada.com&r2=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect.visitid.28742030-3b46-11ea-9b7c-0af2069a31dd.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FBrandenburg&cb=000a&i2=000a6d533d2487a345e253b47&ep=1602797975&vr=415&id=jflnsx&i3=000a6d533d2487a345e253b47%3A1609219912206%3A1579498312206%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1579498312206&n1=4&dntt=0&lt=1579498312207&ev=&cs=p480wp&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 20 Jan 2019 05:31:52 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
440 B 91ms
59ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-Type: application/json

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.auskunft.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 557eaa23df68c85b-AMS
access-control-allow-headers: origin, content-type

GET
H2 200 searchbar.f552cd71f8da45c7aa82.js Show response
www.auskunft.de/assets/bundles/ 9 KB
4 KB 12ms
11ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar.f552cd71f8da45c7aa82.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

061e71870a41adf8592771fc1a0b222e06f5e60bc3b1b03b7e593da32c215cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-24f3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:52 GMT

GET
H2 200 searchbar-handle-sort.45faf22cf8d2c422bf0b.js Show response
www.auskunft.de/assets/bundles/ 892 B
763 B 12ms
11ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar-handle-sort.45faf22cf8d2c422bf0b.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

923e3c819403a534784cb2da9bb77bb1cd2faf0f994a826a0addbed91987100e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-37c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:52 GMT

GET
H2 200 geolocation.d08a02258f3c1fd911e0.js Show response
www.auskunft.de/assets/bundles/ 6 KB
2 KB 12ms
12ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/geolocation.d08a02258f3c1fd911e0.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.dbe0fa461b5c5c6ec421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

b257f918ad1e71439cb4f4eacb09d462d9d4bbf0c327bf3fcb331e3abf5fe5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 10:49:20 GMT
server: nginx
etag: W/"5e219130-1825"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 19 Feb 2020 05:31:52 GMT

GET
H2 200 matomo.php
tracker.auskunft.de/ 43 B
132 B 111ms
110ms Image
image/gif 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&idsite=1&rec=1&r=293011&h=6&m=31&s=52&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&urlref=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&_id=311955ff733b2ed9&_idts=1579498312&_idvc=1&_idn=0&_rcn=zp&_refts=1579498312&_viewts=1579498312&_ref=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&send_image=1&cookie=1&res=1600x1200&gt_ms=104&pv_id=FTfVGs&devicePixelRatio=1
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: br
server: Apache
vary: Origin,Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-store
content-length: 47

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC3C 0
0 19ms
18ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttFVRUVoWgSURmcj8zTM2y4_-7CON-mA8GH981lYPWJUtrnoZj25cC_YpvNITrtkOhkoWiKiQdMKsKmwN9qPSokadzhF76XE_JtOUgO1aBqfia9b6babGRQOgG3BeLtr162RhPIP0z05_vOMZhV15TS66a6VwG8FOleZSPfAnnUcu8E5SSv3EwEb4Sj-FV3aSX2cBIOSbjwsBSQKTkbdTF8ZLHsi6qXlCfjMsbGWxVkO43yANpXh6j-KKpJX5FA6oFdbo8DOc1ygAKP2Hph6GykJs&sai=AMfl-YSFOEfxqGf-VG9kwWA5ylzsboUAalvXc7_jJly8zBHXQbJXaS6PxR4-qHP5t1dVy4TS4KRmrnu1eCCu4h0CM6BENP62zrKzR1Njnk5S&sig=Cg0ArKJSzMj5wW97dov0EAE&urlfix=1&adurl=

Requested by

Host: www.kloshpro.com
URL: http://www.kloshpro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jan 2020 05:31:52 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DC3C 52 KB
16 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae00b320e8479277bf802702335f10321b2e481f582b2b59f282b9ff33dfdc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "403 / 676 of 1000 / last-modified: 1579291109"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16139
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC3C 72 KB
28 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f123f44ea215f1123eac7a936b4cf940740ab87bb38e7f74b0fdbf049b747d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579273895063399"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27810
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2217ce1c5cb8571a4ac742a321f5dbb323fb93132bcb11c7fcec751ac338e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579273895063399"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28056
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 pubads_impl_2020011301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DC3C 166 KB
61 KB 15ms
15ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

2fd3899fa327925b33fcb6e2ef324bcbf1abc9b2cb9634f8ebc6bd7ff78b6322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jan 2020 14:10:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61968
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame DC3C 113 B
178 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DC3C 14 KB
8 KB 320ms
319ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1148794506278009&correlator=2148844995441224&output=ldjh&impl=fif&vrg=2020011301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200120&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3D7d0d7b3471cfd449%3AT%3D1579498312%3AS%3DALNI_MYVda_mLhxmt7lzVfeB6inV2A-Tgg&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1579498312&dt=1579498312519&dlt=1579498312437&idt=77&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=726&adk=3040953405&uci=wpwj9q7v31pp&ifi=1&ifk=2918664091&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1806288697.1579498312&ga_sid=1579498313&ga_hid=687147226&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

5a4723f80d3a4b1a51001f3c71fa4dcf33f75c56ffd5e7a7f6fcff8c9b141489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8324
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020011301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DC3C 63 KB
24 KB 16ms
15ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

dafea9f7076ad2b1d3996eb94c7256bfd9b1f29c2c7ee8bd386332c14e12fc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jan 2020 14:10:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24439
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DC3C 0
0 6ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DC3C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0365ed1b958e28d860b20777ee5413ced0554d31ef8aeebe8973c92b8ea86f7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E11D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 19 Jan 2020 13:35:42 GMT
expires: Mon, 18 Jan 2021 13:35:42 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 57370
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC3C 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2217ce1c5cb8571a4ac742a321f5dbb323fb93132bcb11c7fcec751ac338e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 20 Jan 2020 05:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579273895063399"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28056
x-xss-protection: 0
expires: Mon, 20 Jan 2020 05:31:52 GMT

GET
H2 200 5111110714 Show response
api.yieldlove-ad-serving.net/v1/bl/53015287/ 2 B
207 B 34ms
9ms XHR
application/json 18.194.21.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldlove-ad-serving.net/v1/bl/53015287/5111110714
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.21.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-21-214.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de

Response headers

date: Mon, 20 Jan 2020 05:31:53 GMT
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-key: /bl/53015287/5111110714
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 2

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011912050130240/ 20 KB
7 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2580
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7140
x-xss-protection: 0
server: sffe
date: Mon, 20 Jan 2020 04:48:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d61e8113ad0598ef"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 04:48:53 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011912050130240/ Frame CDF3 200 KB
55 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2584
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55703
x-xss-protection: 0
server: sffe
date: Mon, 20 Jan 2020 04:48:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d665c0313f255e6"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 04:48:49 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame CDF3 15 KB
6 KB 28ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35885
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5590
x-xss-protection: 0
server: sffe
date: Sun, 19 Jan 2020 19:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "725cf1b04be851c6"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Jan 2021 19:33:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame CDF3 152 KB
41 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2580
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41415
x-xss-protection: 0
server: sffe
date: Mon, 20 Jan 2020 04:48:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66b88e0b1300c1e3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 04:48:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame CDF3 3 KB
1 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35873
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1398
x-xss-protection: 0
server: sffe
date: Sun, 19 Jan 2020 19:34:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0b9648fcbc3c015a"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Jan 2021 19:34:00 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame CDF3 45 KB
14 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35888
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14335
x-xss-protection: 0
server: sffe
date: Sun, 19 Jan 2020 19:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e120bec091dd60ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Jan 2021 19:33:45 GMT

GET
DATA 200
OK truncated
/ Frame CDF3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a3fecbf7f2bda2a01141e7175e8cd2f0f18bc499e426f428bc4014a2fbb022e

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15669892787423148320
tpc.googlesyndication.com/simgad/ Frame CDF3 27 KB
27 KB 7ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15669892787423148320?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnRZmyMJ2_UIbjAqNPM2d8sQ28kPA

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6bf42c4eba9fcdee9c95d26ef11e4636615810e20d9f6aa2b47115ec350d2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 03:51:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Jan 2020 10:40:36 GMT
server: sffe
age: 524448
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27184
x-xss-protection: 0
expires: Wed, 13 Jan 2021 03:51:05 GMT

GET
H2 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDF3 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 19 Jan 2020 11:08:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 66189
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2958
x-xss-protection: 0
expires: Mon, 20 Jan 2020 11:08:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDF3 295 B
418 B 10ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 19 Jan 2020 11:08:48 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 66185
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 20 Jan 2020 11:08:48 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDF3 0
0 18ms
17ms Image
text/html 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0LTVSTslXqPPD8rOgAfpjKyYCbajxI5bpt2_gfIKsp-X9P4YEAEgl8DaH2CV-vCBjAegAdOx-cgDyAECqQJM89uQt5uyPuACAKgDAcgDCKoE4wFP0NNXXFE7TH6h8pXhafv4lEvIm-cOaWF4BnBpmK1wI-DqK3Lefjlmwh2SWkIWg4Uy0xoNSCIQWn9DfhjW4w89xS4wxDNQ1dNTKMveHoDXdS0FKZR0Xl1tAWUY2flc9l82Z9VgjKHla9rjnthmNVoaxvhJuabHW8qgwcxf-1hJYgApuXpgM5eC1rswfUzr0VzDusBG9K4e_E60oTZsd8nOPU1fj7v6EznfoPwv9lfnad4hnrdCJLzGB5uRaS3WYqgkf5tW3TPWYIJPd7XTx-Snvlyw7tfh0MRZXVRnT4PPWixOVMAEiJjA4MkC4AQBoAYCgAeW0OIrqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBCmxg_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkwNjg5NjY2MzEzODk2NzeACgPICwHYEwM&sigh=nbYPw_FoW5o&tpd=AGWhJms0bvYnAXUrL5DCbgSJ5knF1HK007L0OYvB_fYQcm5zJg
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s18-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

POST
H2 200 hb2.php Show response
tracking.yieldlove-ad-serving.net/ 2 B
107 B 30ms
7ms XHR
text/plain 52.28.163.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.auskunft.de
Content-type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 20 Jan 2020 05:48:46 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: *
content-type: text/plain;charset=UTF-8

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CDF3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 20 Jan 2020 05:31:53 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 15669892787423148320
tpc.googlesyndication.com/simgad/ Frame CDF3 27 KB
27 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15669892787423148320?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnRZmyMJ2_UIbjAqNPM2d8sQ28kPA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6bf42c4eba9fcdee9c95d26ef11e4636615810e20d9f6aa2b47115ec350d2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 03:51:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Jan 2020 10:40:36 GMT
server: sffe
age: 524448
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27184
x-xss-protection: 0
expires: Wed, 13 Jan 2021 03:51:05 GMT

GET
H2 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDF3 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 19 Jan 2020 11:08:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 66189
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2958
x-xss-protection: 0
expires: Mon, 20 Jan 2020 11:08:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CDF3 295 B
355 B 9ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 19 Jan 2020 11:08:48 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 66185
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 20 Jan 2020 11:08:48 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDF3 0
0 18ms
18ms Image
text/html 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4lHMSTslXqPPD8rOgAfpjKyYCbajxI5bpt2_gfIKsp-X9P4YEAEgl8DaH2CV-vCBjAegAdOx-cgDyAECqQJM89uQt5uyPuACAKgDAaoE4wFP0NNXXFE7TH6h8pXhafv4lEvIm-cOaWF4BnBpmK1wI-DqK3Lefjlmwh2SWkIWg4Uy0xoNSCIQWn9DfhjW4w89xS4wxDNQ1dNTKMveHoDXdS0FKZR0Xl1tAWUY2flc9l82Z9VgjKHla9rjnthmNVoaxvhJuabHW8qgwcxf-1hJYgApuXpgM5eC1rswfUzr0VzDusBG9K4e_E60oTZsd8nOPU1fj7v6EznfoPwv9lfnad4hnrdCJLzGB5uRaS3WYqgkf5tW3TPWYIJPd7XTx-Snvlyw7tfh0MRZXVRnT4PPWixOVMAEiJjA4MkC4AQBoAYCgAeW0OIrqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBCmxg_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkwNjg5NjY2MzEzODk2NzeACgPICwHYEwM&sigh=w5SDmZmzs7w&vt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s18-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CDF3 42 B
110 B 35ms
34ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6RUbfPDH-1koC3PUoSH_4IwSLSsGusppw3VJkW9jySfWZmVaGvw_t3n9ujFYv0uUTL-ckDLWTwRzFbfbm9m4A_f-S0YWWoaNwtUDB4HnX56VE1APWfGRoIidqJqFY55VpOM0MaMg2lNBzO6QZZ3H_&sai=AMfl-YS_N4bs5Jd0qPAT7zQyQIJ9fZVGapioWovdOgyZ8mH9gJukyCuOHFlTf-XiE3f_YbXVbxk5ohbLl52ecP1tNfhINI5L1bD4L57cl5oXo70pFYZUDIal0OZF4DM&sig=Cg0ArKJSzEVT9cHHtw2fEAE&cid=CAASF-Ro7LLbZn9Syiat25px7JBE3X7gqDtB&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=138&tls=1138&g=100&h=100&tt=1139&r=v&adk=3358614790&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.auskunft.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jan 2020 05:31:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 737B 0
0 111ms
109ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 20 Jan 2020 05:31:56 GMT
content-type: text/html
set-cookie: __cfduid=d68da12fd7bda7bac0d31834dea9379711579498316; expires=Wed, 19-Feb-20 05:31:56 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 557eaa3b7b3cc85b-AMS
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B891 0
0 23ms
7ms Document
text/html 2.21.37.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.17 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-17.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Accept-Encoding: gzip, deflate, br
Cookie: icu=ChgI9JFeEAoYASABKAEwyvaU8QU4AUABSAEQyvaU8QUYAA..; uuid2=203481303187434598
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 19 Jan 2021 05:31:56 GMT
Date: Mon, 20 Jan 2020 05:31:56 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E44A 0
0 30ms
13ms Document
text/html 2.21.37.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.17 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-17.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Accept-Encoding: gzip, deflate, br
Cookie: icu=ChgI9JFeEAoYASABKAEwyvaU8QU4AUABSAEQyvaU8QUYAA..; uuid2=203481303187434598
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 19 Jan 2021 05:31:56 GMT
Date: Mon, 20 Jan 2020 05:31:56 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 97DA 0
0 21ms
20ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
cookie: i=8e91ea7f-77bd-060e-1be3-1dd60f311fb1|1579498311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=8e91ea7f-77bd-060e-1be3-1dd60f311fb1|1579498311; Version=1; Expires=Tue, 19-Jan-2021 05:31:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1579498316|mOgikimWiygu; Version=1; Expires=Tue, 04-Feb-2020 05:31:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 20 Jan 2020 05:31:56 GMT
content-type: text/html
content-length: 373
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1955557314&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredire...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=353505285&_gid=2123249386.1579498312&gjid=1964820833&_v=j79&z=227049330

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=353505285&_gid=2123249386.1579498312&gjid=1964820833&_v=j79&z=227049330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 20 Jan 2020 05:32:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jan 2020 05:32:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1806288697.1579498312&jid=353505285&_gid=2123249386.1579498312&gjid=1964820833&_v=j79&z=227049330
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.auskunft.de/	1970-01-19 16:10:53	Name: _pk_id.1.8d6f Value: 311955ff733b2ed9.1579498312.1.1579498312.1579498312.
www.auskunft.de/	1969-12-31 23:59:59	Name: session_id Value: 755c4265-eddb-49c9-bece-99250859cb46
.auskunft.de/	1970-01-19 06:46:24	Name: _gid Value: GA1.2.2123249386.1579498312
www.auskunft.de/	1970-01-19 11:07:46	Name: _pk_ref.1.8d6f Value: %5B%22zp%22%2C%22%22%2C1579498312%2C%22http%3A%2F%2Fusa.lucretius-ada.com%2Fzcredirect%3Fvisitid%3D28742030-3b46-11ea-9b7c-0af2069a31dd%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%5D
.auskunft.de/	1970-01-19 15:00:19	Name: ioam2018 Value: 000a6d533d2487a345e253b47:1609219912206:1579498312206:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1579498312206:ruqs3d
.auskunft.de/	1970-01-20 00:16:10	Name: _ga Value: GA1.2.1806288697.1579498312
www.auskunft.de/	1970-01-19 06:45:00	Name: _pk_ses.1.8d6f Value: 1
.auskunft.de/	1970-01-19 06:44:58	Name: _gat Value: 1
www.auskunft.de/	1969-12-31 23:59:59	Name: AUSKUNFT_SESSION Value: 3tk11big6981idl5mjeurakib5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412) Message: Powered by AMP ⚡ HTML – Version 1912050130240 https://www.auskunft.de/?rt=y&utm_source=zp
console-api	warning	URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 19) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C4lHMSTslXqPPD8rOgAfpjKyYCbajxI5bpt2_gfIKsp-X9P4YEAEgl8DaH2CV-vCBjAegAdOx-cgDyAECqQJM89uQt5uyPuACAKgDAaoE4wFP0NNXXFE7TH6h8pXhafv4lEvIm-cOaWF4BnBpmK1wI-DqK3Lefjlmwh2SWkIWg4Uy0xoNSCIQWn9DfhjW4w89xS4wxDNQ1dNTKMveHoDXdS0FKZR0Xl1tAWUY2flc9l82Z9VgjKHla9rjnthmNVoaxvhJuabHW8qgwcxf-1hJYgApuXpgM5eC1rswfUzr0VzDusBG9K4e_E60oTZsd8nOPU1fj7v6EznfoPwv9lfnad4hnrdCJLzGB5uRaS3WYqgkf5tW3TPWYIJPd7XTx-Snvlyw7tfh0MRZXVRnT4PPWixOVMAEiJjA4MkC4AQBoAYCgAeW0OIrqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBCmxg_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkwNjg5NjY2MzEzODk2NzeACgPICwHYEwM&sigh=w5SDmZmzs7w&vt=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
api.quotes.com
api.yieldlove-ad-serving.net
cdn-a.yieldlove.com
cdn.ampproject.org
cdn.districtm.io
de.ioam.de
dmx.districtm.io
dprtb.com
eu-u.openx.net
ff.doubleclick.net
googleads.g.doubleclick.net
ib.adnxs.com
kloshpro.com
pagead2.googlesyndication.com
prg.smartadserver.com
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker.auskunft.de
tracking.yieldlove-ad-serving.net
usa.lucretius-ada.com
www.auskunft.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.kloshpro.com
yieldlove-d.openx.net
104.16.190.66
172.217.22.98
18.194.21.214
185.33.223.210
185.86.138.78
195.201.46.48
2.21.37.17
209.15.13.136
217.114.212.216
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2006
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:821::2002
2a00:1450:400c:c0c::9d
34.95.120.147
35.175.38.64
37.157.6.252
5.79.68.236
52.222.155.115
52.28.163.57
74.206.232.234
91.215.103.64
91.215.103.65
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
061e71870a41adf8592771fc1a0b222e06f5e60bc3b1b03b7e593da32c215cb9
0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09f123f44ea215f1123eac7a936b4cf940740ab87bb38e7f74b0fdbf049b747d
0a3fecbf7f2bda2a01141e7175e8cd2f0f18bc499e426f428bc4014a2fbb022e
17f6b8cf72deed6e88bff2703e8dfcadbe4cafb360e8a5fc867565919fa07b1a
1a35339f07c37362c18017a2fcf7eee64521b4702894ffd81a8eb97d3190fca7
20a62e24e759d49583fecd638ba8661d4737381e311c8a509126c4814738412c
20e7ddc44707e55968c33dc8538ef6a94a7067be27f7c00e3ac0626ffc82caba
23637ee754c28643bdcdd44d6f251b6697faaa28d7b974086ea6e04e9b2bef8d
2fd3899fa327925b33fcb6e2ef324bcbf1abc9b2cb9634f8ebc6bd7ff78b6322
3dabc180a2f44c509d08de0ab8b3ce69cec83336981ef2881821e82f37bf0365
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4864f80367a75e917c35414b85b05ee44e1bd15d405403f12f84e6905a7e2740
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a4723f80d3a4b1a51001f3c71fa4dcf33f75c56ffd5e7a7f6fcff8c9b141489
5d6b3b2f14d374c7637ea091393ac4dd4d1e39a0cea7ff297277357b9f3add3c
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a
627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67
6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570
6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7960e3f3049e145cdf8690073ea439c8788099f8504b9168fd68b5607511bf9f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
88e5283b61fdc73dcaf5fadcb200cac817af544ef9c4b308e44446bec6655941
8ac99201607ba5107245397cff2e2fdf32cb068070b29b38583f09c29a84f96e
923e3c819403a534784cb2da9bb77bb1cd2faf0f994a826a0addbed91987100e
98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
a2217ce1c5cb8571a4ac742a321f5dbb323fb93132bcb11c7fcec751ac338e89
aaa862bb6acbb0df32a6bf2e3bc917a97a2f5100ae7b97cb518185fc3adceb9b
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
ae00b320e8479277bf802702335f10321b2e481f582b2b59f282b9ff33dfdc5a
b0365ed1b958e28d860b20777ee5413ced0554d31ef8aeebe8973c92b8ea86f7
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
b257f918ad1e71439cb4f4eacb09d462d9d4bbf0c327bf3fcb331e3abf5fe5e4
b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d
bc4f139d9d3210909ff725789b95c1892f5dae98d757b36d5ccf1b48d7cffab7
c0eb07c1cb8bea9538ba7c5fdd024aedd21d8cb983f0ec4a1f6eccfbb8c80711
c8b303c52dd7687f7a21ea799dc41a09dca232faa75f372a12a9aa197ce566b3
d2b74929c564a9d1006a56a9c49e240437920f94034e4c5e8948cf72e70722b7
dafea9f7076ad2b1d3996eb94c7256bfd9b1f29c2c7ee8bd386332c14e12fc4a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bf42c4eba9fcdee9c95d26ef11e4636615810e20d9f6aa2b47115ec350d2aa
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bff1eaa5ed35615e466c5ae5ee1a5d4157dbd1a4ff372dd956320bc39acaf7
f65ea795f2b912862e16f50edc8681f049196e948e00632f4584447734ceca59

www.auskunft.de Open in urlscan Pro 195.201.46.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

92 %HTTPS

31 %IPv6

20 Domains

32 Subdomains

26 IPs

7 Countries

923 kBTransfer

2215 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

92 %
HTTPS

31 %
IPv6

20
Domains

32
Subdomains

26
IPs

7
Countries

923 kB
Transfer

2215 kB
Size

9
Cookies

75 HTTP transactions
3 data transactions