www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://myaccontcapitalone.com/
Effective URL:
https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469...
Submission: On March 30 via api (March 30th 2020, 2:01:41 pm UTC) from US

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 42 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.

This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.32.237.91 212.32.237.91	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	18.235.158.66 18.235.158.66	14618 (AMAZON-AES) (AMAZON-AES)
13	195.201.46.48 195.201.46.48	24940 (HETZNER-AS) (HETZNER-AS)
1	13.225.73.35 13.225.73.35	16509 (AMAZON-02) (AMAZON-02)
5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
2	217.114.212.216 217.114.212.216	31103 (KEYWEB-AS) (KEYWEB-AS)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	95.101.185.51 95.101.185.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.28.163.57 52.28.163.57	16509 (AMAZON-02) (AMAZON-02)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
42	16

1 212.32.237.91 (Hoofddorp, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

myaccontcapitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.235.158.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-158-66.compute-1.amazonaws.com

usd.jared-don.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de

www.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.35 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-35.fra2.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.114.212.216 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: ns1.alpha9marketing.net

tracker.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.185.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-185-51.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.163.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-163-57.eu-central-1.compute.amazonaws.com

tracking.yieldlove-ad-serving.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	auskunft.de www.auskunft.de tracker.auskunft.de	374 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	134 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	11 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
2	casalemedia.com as-sec.casalemedia.com	1 KB
2	jared-don.com usd.jared-don.com	3 KB
1	yieldlove-ad-serving.net tracking.yieldlove-ad-serving.net	107 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	yieldlove.com cdn-a.yieldlove.com	88 KB
1	myaccontcapitalone.com 1 redirects myaccontcapitalone.com	459 B
0	adform.net Failed adx.adform.net Failed
42	14

	Domain	Requested by
13	www.auskunft.de	usd.jared-don.com www.auskunft.de
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.auskunft.de securepubads.g.doubleclick.net
3	www.google-analytics.com	2 redirects www.auskunft.de
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	de.ioam.de	1 redirects www.auskunft.de
2	as-sec.casalemedia.com	cdn-a.yieldlove.com
2	stats.g.doubleclick.net	www.auskunft.de
2	tracker.auskunft.de	www.auskunft.de
2	usd.jared-don.com	usd.jared-don.com
1	tracking.yieldlove-ad-serving.net	cdn-a.yieldlove.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	script.ioam.de	www.auskunft.de
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn-a.yieldlove.com	www.auskunft.de
1	myaccontcapitalone.com	1 redirects
0	adx.adform.net Failed	cdn-a.yieldlove.com
42	18

This site contains links to these domains. Also see Links.

Domain
www.alpha9marketing.com

Subject Issuer	Validity	Valid
*.auskunft.de Sectigo RSA Domain Validation Secure Server CA	`2019-09-12` - `2021-09-11`	2 years	crt.sh
cdn-a.yieldlove.com Amazon	`2019-10-02` - `2020-11-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
tracker.auskunft.de cPanel, Inc. Certification Authority	`2020-02-27` - `2020-05-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
tracking.yieldlove-ad-serving.net Let's Encrypt Authority X3	`2020-02-28` - `2020-05-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Frame ID: D0B26185F4DAA120FA9D0FA6261311D1
Requests: 40 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1D5D01E72C45C9ED3666B15AB4F659DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5059D61976CAE7C4FD37E56E9F8E35C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A73F0BC7BFFE267342777CEB504AC4FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://myaccontcapitalone.com/ HTTP 302
http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7... Page URL
http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth... Page URL
https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d540828264... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

42
Requests

93 %
HTTPS

38 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

667 kB
Transfer

1442 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alpha9marketing.com/unternehmen/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myaccontcapitalone.com/ HTTP 302
http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://myaccontcapitalone.com/ HTTP 302
http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Request Chain 20

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1590332910&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900&dr=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=66211130&gjid=887634643&cid=1613611184.1585576882&tid=UA-77541742-2&_gid=1234059408.1585576882&_r=1&z=907593712 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=66211130&_gid=1234059408.1585576882&gjid=887634643&_v=j81&z=907593712

Request Chain 35

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-11ea-8074-12a2890d1439.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ee1d468af754125e81fbb5&ep=1614686017&vr=416&id=sxnjyl&i3=001ee1d468af754125e81fbb5%3A1616594485728%3A1585576885728%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1585576885728&n1=5&dntt=0&lt=1585576885731&ev=&cs=168xzd&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-11ea-8074-12a2890d1439.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ee1d468af754125e81fbb5&ep=1614686017&vr=416&id=sxnjyl&i3=001ee1d468af754125e81fbb5%3A1616594485728%3A1585576885728%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1585576885728&n1=5&dntt=0&lt=1585576885731&ev=&cs=168xzd&mo=1&sr=71

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1590332910&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900&dr=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=176886222&gjid=1889794668&cid=1613611184.1585576882&tid=UA-77541742-2&_gid=1234059408.1585576882&_r=1&z=1505449455 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=176886222&_gid=1234059408.1585576882&gjid=1889794668&_v=j81&z=1505449455

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

eea1b90d-728e-11ea-8074-12a2890d1439 Show response
usd.jared-don.com/zcvisitor/
Redirect Chain

http://myaccontcapitalone.com/
http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

1004 B
2 KB

1470ms
182ms

Document
text/html

18.235.158.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

18.235.158.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-158-66.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

3d715d47a40b42a8b3369bc0460ef57197bef280164f41bb13808f73a2ee1b3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.jared-don.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Mar 2020 14:01:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 30 Mar 2020 14:01:19 GMT
location: http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
server: nginx
set-cookie: sid=ee939f82-728e-11ea-9658-82891d380f98; path=/; domain=.myaccontcapitalone.com; expires=Sat, 17 Apr 2088 17:15:27 GMT; max-age=2147483647; HttpOnly

GET
H/1.1 200
OK zcredirect
usd.jared-don.com/ 1014 B
2 KB 94ms
94ms Document
text/html 18.235.158.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usd.jared-don.com
URL: http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

18.235.158.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-158-66.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.jared-don.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usd.jared-don.com/zcvisitor/eea1b90d-728e-11ea-8074-12a2890d1439?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date: Mon, 30 Mar 2020 14:01:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2 200 Primary Request / Show response
www.auskunft.de/ 27 KB
10 KB 112ms
80ms Document
text/html 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900

Requested by

Host: usd.jared-don.com
URL: http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

d7959c1d41e541734776c9b9ce4936c72fe1e40ff0706419f6e19c62480624af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.auskunft.de
:scheme: https
:path: /?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://usd.jared-don.com/zcredirect?visitid=eea1b90d-728e-11ea-8074-12a2890d1439&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
server: nginx
date: Mon, 30 Mar 2020 14:01:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: AUSKUNFT_SESSION=87d2lfjt9k48jq6ecaecj2d5ok; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip

GET
H2 200 main-index.35f6e95fa2aaec50b09c.css
www.auskunft.de/assets/bundles/ 29 KB
8 KB 12ms
11ms Stylesheet
text/css 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main-index.35f6e95fa2aaec50b09c.css

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

c2feb9e35c9455a79bcdd80b8557055c85bb84fbf82c9321daf075c9433e4e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-7580"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 yieldlove-bidder.js Show response
cdn-a.yieldlove.com/ 287 KB
88 KB 1048ms
8ms Script
application/javascript 13.225.73.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-35.fra2.r.cloudfront.net
Software: / Express
Resource Hash: f341d69a5a4bb29c7eb7b664b3e7a050f0ef6cb4657de8395b12a97e4f6e1e84

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 13:49:47 GMT
content-encoding: gzip
age: 696
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C2
access-control-allow-origin: *
x-amz-cf-id: rZbHttKQDmD5KH8lZfOOxQlH9oB54wtNFWwBpKKdW4dKRegpXYBBHQ==
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 16ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

13b4167f33493222630961881087c84a10d604eff3e36d3419ad411ed762e704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "471 / 827 of 1000 / last-modified: 1585413499"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
expires: Mon, 30 Mar 2020 14:01:22 GMT

GET
H2 200 auskunft_de_logo.webp
www.auskunft.de/img/ 1 KB
1 KB 21ms
20ms Image
image/webp 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
last-modified: Fri, 21 Jul 2017 08:52:49 GMT
server: nginx
etag: "5971c0e1-4ee"
strict-transport-security: max-age=2592000
content-type: image/webp
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1262
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 geo-location-icon_basic.svg
www.auskunft.de/img/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.auskunft.de/img/geo-location-icon_basic.svg
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.46.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 14:01:21 GMT
last-modified: Fri, 15 Nov 2019 10:29:36 GMT
server: nginx
etag: "5dce7e10-4d3"
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 1235

GET
H2 200 jquery.min.js Show response
www.auskunft.de/assets/static/ 86 KB
35 KB 17ms
16ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/static/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-15851"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 main.781501066f19f35889c1.js Show response
www.auskunft.de/assets/bundles/ 92 KB
35 KB 23ms
22ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

82bcb02c18847b71b66c6a8ed4553e4742d34c502ac1562fa126317ad4ab0ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-171ad"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5270
date: Mon, 30 Mar 2020 12:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 30 Mar 2020 14:33:32 GMT

GET
H2 200 background
www.auskunft.de/ 219 KB
219 KB 35ms
35ms Image
image/jpeg 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/background

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
server: nginx
strict-transport-security: max-age=2592000
content-type: image/jpeg
status: 200
cache-control: public, max-age=1209600
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 auskunft.63ab7166db6d37d1b0b1f0044ea63394.woff2
www.auskunft.de/assets/bundles/ 12 KB
12 KB 18ms
18ms Font
application/octet-stream 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/auskunft.63ab7166db6d37d1b0b1f0044ea63394.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

31fe0532b149e8a76100ed48594a204d40e7560cf0f880ce7d7421b50273bba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/assets/bundles/main-index.35f6e95fa2aaec50b09c.css
Origin: https://www.auskunft.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: "5e81f146-2e14"
strict-transport-security: max-age=2592000
content-type: application/octet-stream
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11796
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 16ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62957
x-xss-protection: 0
expires: Mon, 30 Mar 2020 14:01:22 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 24 KB
9 KB 3334ms
14ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.12 001e
Resource Hash: 743598a62f8a0b8ea281e5a9daefd9806d61c74b039551094118e4ac0bee61c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 30 Mar 2020 14:01:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2020 14:01:25 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.12 001e
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 30 Mar 2020 16:01:25 GMT

GET
H2 200 matomo.js Show response
tracker.auskunft.de/ 68 KB
22 KB 7290ms
26ms Script
application/javascript 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.auskunft.de/matomo.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 1093f0317db2bfb85328107b5cc89ccee3d9296b62859c7bc86a649de9a226c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:29 GMT
content-encoding: br
last-modified: Tue, 24 Mar 2020 08:38:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 22671

GET
H2 200 vendors~app.fb876fe1775d03c4f631.js Show response
www.auskunft.de/assets/bundles/ 30 KB
12 KB 15ms
15ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/vendors~app.fb876fe1775d03c4f631.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

3a1637eb5aadd6cbea7400dae6fce88cef714a68e4d477079ed72befdfffc347

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-772d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 app.2994b02f80793d11c0a4.js Show response
www.auskunft.de/assets/bundles/ 33 KB
11 KB 17ms
16ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/app.2994b02f80793d11c0a4.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

83a1ff048840500437365d777e3c8b9fa24f605fc53bfbe73d167e6715f87a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-84d2"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1590332910&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=66211130&_gid=1234059408.1585576882&gjid=887634643&_v=j81&z=907593712

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=66211130&_gid=1234059408.1585576882&gjid=887634643&_v=j81&z=907593712

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 30 Mar 2020 14:01:22 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Mar 2020 14:01:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=66211130&_gid=1234059408.1585576882&gjid=887634643&_v=j81&z=907593712
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 374ms
373ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2045732303713237&correlator=2385084976955691&output=ldjh&impl=fifs&adsid=NT&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200330&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1585576882&dt=1585576882468&dlt=1585576882291&idt=157&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=732&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900&ref=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=26&icsg=43775&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1613611184.1585576882&ga_sid=1585576882&ga_hid=1590332910&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

5b2aa32e7b8881440bea5149203f99d51b24d1ca97ab39f51fb40e07dbbaa286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7137
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 17ms
17ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
expires: Mon, 30 Mar 2020 14:01:22 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 searchbar.a8e64a5745bd8e26bde7.js Show response
www.auskunft.de/assets/bundles/ 9 KB
3 KB 14ms
12ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar.a8e64a5745bd8e26bde7.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

73ead1540b51224a594a4c4eea19f0c57c892e37f27ac2e92948a49fa932f6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-2281"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 searchbar-handle-sort.44b06ace4fb54aa8c8ad.js Show response
www.auskunft.de/assets/bundles/ 892 B
763 B 14ms
13ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar-handle-sort.44b06ace4fb54aa8c8ad.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

b7394f8c08c751edc64a628dd0a1ea865ba587b521b7139e230ff76c2a7fc37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-37c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 geolocation.736c4d54ccb973ed0e6c.js Show response
www.auskunft.de/assets/bundles/ 6 KB
2 KB 16ms
15ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/geolocation.736c4d54ccb973ed0e6c.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.781501066f19f35889c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

b08543809ebca0dd7fe5ebcbe8e0f944f176cb8ac781adc0a80505426c31db06

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: public
date: Mon, 30 Mar 2020 14:01:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 13:16:54 GMT
server: nginx
etag: W/"5e81f146-1825"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 29 Apr 2020 14:01:21 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1D5D 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 30 Mar 2020 13:32:14 GMT
expires: Tue, 30 Mar 2021 13:32:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1748
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27959
x-xss-protection: 0
expires: Mon, 30 Mar 2020 14:01:22 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
752 B 53ms
31ms XHR
application/json 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=392699&v=7.2&r=%7B%22id%22%3A%2213a1359a54c095%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222f2f256a7456cb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223bd9e80eaffd74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f55a836ba05d0c924af2f92759c8ae430a097a1ff4ae5293b6bd14d55414f19

Request headers

Origin: https://www.auskunft.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Mar 2020 14:01:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 30 Mar 2020 14:01:23 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
752 B 75ms
19ms XHR
application/json 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=392699&v=8.1&r=%7B%22id%22%3A%2213a1359a54c095%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222f2f256a7456cb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%223bd9e80eaffd74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f55a836ba05d0c924af2f92759c8ae430a097a1ff4ae5293b6bd14d55414f19

Request headers

Origin: https://www.auskunft.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Mar 2020 14:01:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 30 Mar 2020 14:01:23 GMT

GET /
adx.adform.net/adx/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
26 KB 452ms
447ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2045732303713237&correlator=1976892066825825&output=ldjh&impl=fifs&adsid=NT&eid=44714449&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200330&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dnever%26yieldlove_is_reloaded%3Dnever%26yieldlove_ab%3Ddefault%26yieldlove_meta_ab%3Dpid%253A19965.scenario%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie=ID%3Dd202f78356c3e2d0%3AT%3D1585576882%3AS%3DALNI_MailSaPkacWM_Pbf9LSAQh9mo-jLQ&cookie_enabled=1&bc=31&abxe=1&lmt=1585576883&dt=1585576883411&dlt=1585576882291&idt=157&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=732&adks=3358614790&ucis=2&ifi=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%252Ccredit%2Bcard%252Conline%2Bbanking%252Chome%2Bloan%252Cmyaccontcapitalone%252Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900&ref=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=30&icsg=10740219903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1613611184.1585576882&ga_sid=1585576882&ga_hid=1590332910&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8e4b07ce758c35efcad02c03c39a3706c0bcc7de1a630165336c4a849753cbcc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1718110944308225207/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1718110944308225207/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPQnJeuwugCFTRR5QodZVoOqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/1718110944308225207/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1718110944308225207/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1718110944308225207/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPQnJeuwugCFTRR5QodZVoOqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/1718110944308225207/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 26243
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 30 Mar 2020 14:01:23 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5059 0
0 9ms
9ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 30 Mar 2020 13:32:14 GMT
expires: Tue, 30 Mar 2021 13:32:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1749
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

POST
H2 200 hb2.php Show response
tracking.yieldlove-ad-serving.net/ 2 B
107 B 276ms
10ms XHR
text/plain 52.28.163.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Origin: https://www.auskunft.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 30 Mar 2020 14:20:56 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: *
content-type: text/plain;charset=UTF-8

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-1...
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-1...

0
694 B

17ms
16ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-11ea-8074-12a2890d1439.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ee1d468af754125e81fbb5&ep=1614686017&vr=416&id=sxnjyl&i3=001ee1d468af754125e81fbb5%3A1616594485728%3A1585576885728%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1585576885728&n1=5&dntt=0&lt=1585576885731&ev=&cs=168xzd&mo=1&sr=71
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0033
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Mar 2020 14:01:25 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0033
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 30 Mar 2020 14:01:25 GMT
X-Powered-By: BLACKBIRD-RCV v1.06.2 0033
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 30 Mar 2020 14:01:25 GMT
Server: nginx
Location: /tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.jared-don.com&r2=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect.visitid.eea1b90d-728e-11ea-8074-12a2890d1439.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=001e&i2=001ee1d468af754125e81fbb5&ep=1614686017&vr=416&id=sxnjyl&i3=001ee1d468af754125e81fbb5%3A1616594485728%3A1585576885728%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1585576885728&n1=5&dntt=0&lt=1585576885731&ev=&cs=168xzd&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sat, 30 Mar 2019 14:01:25 GMT

GET
H2 200 matomo.php
tracker.auskunft.de/ 43 B
109 B 90ms
89ms Image
image/gif 217.114.212.216
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&idsite=1&rec=1&r=908825&h=16&m=1&s=29&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db%26t%3Dalpha-mem-BcAdMrKA%26s%3Dbadious-buzzard%26keyword%3Dcapital%2Bone%2Ccredit%2Bcard%2Conline%2Bbanking%2Chome%2Bloan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001900&urlref=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&_id=0b283c223b87a854&_idts=1585576890&_idvc=1&_idn=0&_rcn=zp&_refts=1585576890&_viewts=1585576890&_ref=http%3A%2F%2Fusd.jared-don.com%2Fzcredirect%3Fvisitid%3Deea1b90d-728e-11ea-8074-12a2890d1439%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&send_image=1&cookie=1&res=1600x1200&gt_ms=81&pv_id=0pdkIT&devicePixelRatio=1
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zreea1b90d728e11ea807412a2890d14395963c8dce8d5408282646ec93208002604597469dce5d895db&t=alpha-mem-BcAdMrKA&s=badious-buzzard&keyword=capital+one%2Ccredit+card%2Conline+banking%2Chome+loan%2Cmyaccontcapitalone%2Cmyaccontcapitalone.com&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns1.alpha9marketing.net
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 14:01:29 GMT
content-encoding: br
server: Apache
vary: Origin,Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-store
content-length: 47

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 24ms
24ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b26ff1409c3573c3b54b263d0b510470f1d2a9e725ca195456f220e0920f2d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 30 Mar 2020 14:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5154
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 14:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 30 Mar 2020 14:01:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A73F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 30 Mar 2020 13:30:43 GMT
expires: Tue, 30 Mar 2021 13:30:43 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1848
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 18ms
18ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032302&jk=2045732303713237&bg=!SkmlSVFYiUN6K0mIytwCAAAAWFIAAAAPmQFbVj9RCXnC7rpqsCIYzew7hWT6XkBHbfqnCn5CjQ6nd56zPmo21YYz6osob3x9krN_4DdyDZ4Pwza0x6P9lasai-mvFmZJQ5gWeAUS-P6Sm7ks1GquhwGMRfzJqQWu8iigW4tUMk-AyXh8ChoaoC1sMQ_4NF0wpNFWdq9imepqsqUOmcuSMWiV8bAq2L2ZXPxOHdIb0-cMoCMg6dwXKRr9AK8PzP99axE8om9wNriikLXkrOaypNC9VM0kyrdiODNAt1373E8pZBHg8yObtryvhR6a-YzYMyrDrExb4czdye4qY2pIXr2UdTvkf4zm9fXKPrWAsP0gbPWN48EyHT37JE0gL5dYTSh9VlQpJh3tYNIDVQXRWPFxj_ysof0pOWX7wyuAnv00lPZCrurY8KQ7M5iM5WOt-jtKc1q3Px9_GG8GnEoPDdkK3WB9RY3mZitof-HBST7dfjW6CK4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 30 Mar 2020 14:01:31 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1590332910&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzreea1b90d728e11ea807412a2890d14395963c8dc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=176886222&_gid=1234059408.1585576882&gjid=1889794668&_v=j81&z=1505449455

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=176886222&_gid=1234059408.1585576882&gjid=1889794668&_v=j81&z=1505449455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 30 Mar 2020 14:01:32 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Mar 2020 14:01:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1613611184.1585576882&jid=176886222&_gid=1234059408.1585576882&gjid=1889794668&_v=j81&z=1505449455
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adx.adform.net
URL: https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPTZjMzJjNGYzLTk1NGQtNGEzZi05ZjhmLTk4N2ZlNDFlMmJkYw%3D%3D&pt=gross&stid=05e64dd8-6f23-41ab-9fa6-6469842108d7&fd=1

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 08:26:17	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adx.adform.net
as-sec.casalemedia.com
cdn-a.yieldlove.com
de.ioam.de
myaccontcapitalone.com
pagead2.googlesyndication.com
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker.auskunft.de
tracking.yieldlove-ad-serving.net
usd.jared-don.com
www.auskunft.de
www.google-analytics.com
www.googletagservices.com
adx.adform.net
13.225.73.35
172.217.18.98
18.235.158.66
195.201.46.48
212.32.237.91
217.114.212.216
2a00:1450:4001:808::2001
2a00:1450:4001:814::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::200e
2a00:1450:400c:c08::9b
52.28.163.57
91.215.100.40
91.215.103.64
95.101.185.51
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1093f0317db2bfb85328107b5cc89ccee3d9296b62859c7bc86a649de9a226c4
13b4167f33493222630961881087c84a10d604eff3e36d3419ad411ed762e704
26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd
31fe0532b149e8a76100ed48594a204d40e7560cf0f880ce7d7421b50273bba9
3a1637eb5aadd6cbea7400dae6fce88cef714a68e4d477079ed72befdfffc347
3d715d47a40b42a8b3369bc0460ef57197bef280164f41bb13808f73a2ee1b3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b2aa32e7b8881440bea5149203f99d51b24d1ca97ab39f51fb40e07dbbaa286
5f55a836ba05d0c924af2f92759c8ae430a097a1ff4ae5293b6bd14d55414f19
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a
6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570
73ead1540b51224a594a4c4eea19f0c57c892e37f27ac2e92948a49fa932f6e4
743598a62f8a0b8ea281e5a9daefd9806d61c74b039551094118e4ac0bee61c6
82bcb02c18847b71b66c6a8ed4553e4742d34c502ac1562fa126317ad4ab0ea4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a1ff048840500437365d777e3c8b9fa24f605fc53bfbe73d167e6715f87a03
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4
8e4b07ce758c35efcad02c03c39a3706c0bcc7de1a630165336c4a849753cbcc
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b08543809ebca0dd7fe5ebcbe8e0f944f176cb8ac781adc0a80505426c31db06
b26ff1409c3573c3b54b263d0b510470f1d2a9e725ca195456f220e0920f2d16
b7394f8c08c751edc64a628dd0a1ea865ba587b521b7139e230ff76c2a7fc37a
c2feb9e35c9455a79bcdd80b8557055c85bb84fbf82c9321daf075c9433e4e25
d7959c1d41e541734776c9b9ce4936c72fe1e40ff0706419f6e19c62480624af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f341d69a5a4bb29c7eb7b664b3e7a050f0ef6cb4657de8395b12a97e4f6e1e84

www.auskunft.de Open in urlscan Pro 195.201.46.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

93 %HTTPS

38 %IPv6

14 Domains

18 Subdomains

16 IPs

5 Countries

667 kBTransfer

1442 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

93 %
HTTPS

38 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

667 kB
Transfer

1442 kB
Size

1
Cookies

42 HTTP transactions
1 data transactions