urlscan.io logo urlscan.io
SecurityTrails logo

www.auskunft.de Open in urlscan Pro
195.201.46.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://applesucks.com/
Effective URL: https://www.auskunft.de/?rt=y&utm_source=zp
Submission: On September 27 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 62 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.
This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 199.59.242.152 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.172.248.225 14618 (AMAZON-AES)
10 195.201.46.48 24940 (HETZNER-AS)
1 13.32.158.20 16509 (AMAZON-02)
8 172.217.16.194 15169 (GOOGLE)
2 185.33.223.218 29990 (ASN-APPNEXUS)
1 3 34.95.120.147 15169 (GOOGLE)
1 37.157.4.41 198622 (ADFORM)
2 69.173.144.140 26667 (RUBICONPR...)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 2.18.234.21 16625 (AKAMAI-AS)
2 3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.215.100.39 43407 (INFONLINE-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 91.215.103.65 43407 (INFONLINE-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.13.108 54113 (FASTLY)
1 104.109.78.125 20940 (AKAMAI-ASN1)
1 34.98.84.165 15169 (GOOGLE)
62 25
6    199.59.242.152 (United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)
applesucks.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    35.172.248.225 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-172-248-225.compute-1.amazonaws.com
usa.odysseus-nua.com
10    195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de
www.auskunft.de
1    13.32.158.20 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-20.fra56.r.cloudfront.net
cdn-a.yieldlove.com
8    172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    185.33.223.218 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
yieldlove-d.openx.net
eu-u.openx.net
1    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
1    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
7    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
www.googletagservices.com
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de
script.ioam.de
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    91.215.103.65 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de
de.ioam.de
3    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
2    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
1    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    34.98.84.165 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 165.84.98.34.bc.googleusercontent.com
ox-delivery-prod-1-europe-west1.openx.net
Domain Requested by
10 www.auskunft.de usa.odysseus-nua.com
www.auskunft.de
8 securepubads.g.doubleclick.net www.auskunft.de
securepubads.g.doubleclick.net
www.googletagservices.com
6 applesucks.com 1 redirects applesucks.com
4 www.googletagservices.com securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com 2 redirects www.auskunft.de
2 acdn.adnxs.com cdn-a.yieldlove.com
2 eu-u.openx.net 1 redirects cdn-a.yieldlove.com
2 de.ioam.de 1 redirects www.auskunft.de
2 stats.g.doubleclick.net www.auskunft.de
2 adservice.google.de securepubads.g.doubleclick.net
www.googletagservices.com
2 fastlane.rubiconproject.com cdn-a.yieldlove.com
2 ib.adnxs.com cdn-a.yieldlove.com
2 usa.odysseus-nua.com applesucks.com
usa.odysseus-nua.com
2 fonts.gstatic.com
1 ox-delivery-prod-1-europe-west1.openx.net
1 eus.rubiconproject.com cdn-a.yieldlove.com
1 cdn.districtm.io cdn-a.yieldlove.com
1 pagead2.googlesyndication.com
1 script.ioam.de www.auskunft.de
1 adservice.google.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com cdn-a.yieldlove.com
1 dmx.districtm.io cdn-a.yieldlove.com
1 adx.adform.net cdn-a.yieldlove.com
1 yieldlove-d.openx.net cdn-a.yieldlove.com
1 cdn-a.yieldlove.com www.auskunft.de
1 fonts.googleapis.com applesucks.com
1 www.google.com applesucks.com
0 prg.smartadserver.com Failed cdn-a.yieldlove.com
62 29

This site contains links to these domains. Also see Links.

Domain
android.auskunft.de
ios.auskunft.de
www.alpha9marketing.com
Subject Issuer Validity Valid
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.auskunft.de
Sectigo RSA Domain Validation Secure Server CA		 2019-09-12 -
2021-09-11		 2 years crt.sh
cdn-a.yieldlove.com
Amazon		 2018-10-11 -
2019-11-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.ioam.de
COMODO RSA Organization Validation Secure Server CA		 2017-12-22 -
2020-12-21		 3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh

This page contains 8 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp
Frame ID: BC5E003BC538C5FEA6C9E886EAE6384B
Requests: 47 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E95CA23FC18A6386BE779FCAA3978973
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 359158416D6E3890DCFF923FAFA0203C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 01B49328C41BD7BE077FB62C1CCB2CCE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A963ECEDDBAAA9F0F8225D1DF5C6E691
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5AD617DB6D1C930434309A544751F8F2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 87F1898D5E143E839FFB4A146D3B4CF5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 143F1150848110C6CE8835891E65C659
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://applesucks.com/ Page URL
  2. http://applesucks.com/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2F11a3d400-e0e6-11e9-a749... HTTP 302
    http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7... Page URL
  3. http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth... Page URL
  4. https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

62
Requests

84 %
HTTPS

33 %
IPv6

20
Domains

29
Subdomains

25
IPs

6
Countries

929 kB
Transfer

2206 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://applesucks.com/ Page URL
  2. http://applesucks.com/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2F11a3d400-e0e6-11e9-a749-0a223b75d50c%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe HTTP 302
    http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
  3. http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://applesucks.com/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2F11a3d400-e0e6-11e9-a749-0a223b75d50c%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe HTTP 302
  • http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Request Chain 37
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1600698981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D11a3d400-e0e6-11e9-a749-0a223b75d50c%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=515565195&gjid=623536330&cid=1676087253.1569561437&tid=UA-77541742-2&_gid=240772760.1569561437&_r=1&z=1991596568 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=515565195&_gid=240772760.1569561437&gjid=623536330&_v=j79&z=1991596568
Request Chain 39
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-e0e6-11e9-a749-0a223b75d50c.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0010&i2=001008b58f54642e85d8d9b5c&ep=1599818669&vr=415&id=i7wp09&i3=001008b58f54642e85d8d9b5c%3A1596172636656%3A1569561436656%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569561436656&n1=4&dntt=0&lt=1569561436657&ev=&cs=f92adk&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-e0e6-11e9-a749-0a223b75d50c.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0010&i2=001008b58f54642e85d8d9b5c&ep=1599818669&vr=415&id=i7wp09&i3=001008b58f54642e85d8d9b5c%3A1596172636656%3A1569561436656%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569561436656&n1=4&dntt=0&lt=1569561436657&ev=&cs=f92adk&mo=1&sr=71
Request Chain 56
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Request Chain 62
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1600698981&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D11a3d400-e0e6-11e9-a749-0a223b75d50c%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=330024870&gjid=718061158&cid=1676087253.1569561437&tid=UA-77541742-2&_gid=240772760.1569561437&_r=1&z=1817708300 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=330024870&_gid=240772760.1569561437&gjid=718061158&_v=j79&z=1817708300

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
applesucks.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://applesucks.com/
Protocol
HTTP/1.1
Server
199.59.242.152 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
75bbdb8a97926fbe1b7f8a6cc2b648099e37149a55296342f5a4bff6a780f4ca

Request headers

Host
applesucks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Server
openresty
Date
Fri, 27 Sep 2019 05:17:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_GBrxZJyaYczvxR9w4GJAAgU8j7GUnAoDlOy1vEWgdGoMsRzXfb9ukHuC12D8dhEJ13aVtum5d6KoZ9Eaei6iOw==
caf.js
www.google.com/adsense/domains/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: applesucks.com
URL: http://applesucks.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
023ff0da6e315217a377112e4b191a4c0c4b7d9a19bed411d4fc1ebca7eb01be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date
Fri, 27 Sep 2019 05:17:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"6848234215970170253"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Fri, 27 Sep 2019 05:17:15 GMT
px.gif
applesucks.com/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://applesucks.com/px.gif?ch=1&rn=2.198632672276131
Requested by
Host: applesucks.com
URL: http://applesucks.com/
Protocol
HTTP/1.1
Server
199.59.242.152 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date
Fri, 27 Sep 2019 05:17:15 GMT
Last-Modified
Thu, 26 Sep 2019 13:09:41 GMT
Server
openresty
ETag
"5d8cb895-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
applesucks.com/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://applesucks.com/px.gif?ch=2&rn=2.198632672276131
Requested by
Host: applesucks.com
URL: http://applesucks.com/
Protocol
HTTP/1.1
Server
199.59.242.152 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date
Fri, 27 Sep 2019 05:17:15 GMT
Last-Modified
Thu, 26 Sep 2019 13:09:41 GMT
Server
openresty
ETag
"5d8cb895-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
applesucks.com/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: applesucks.com
URL: http://applesucks.com/
Protocol
HTTP/1.1
Server
199.59.242.152 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
0fdf55a8ee0469e6a2e788560edb4ba46022eac9ea0b05d2178bbe9f18128197

Request headers

Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:15 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
221ab0163748d4ca62f1a0c417d618644c0f7b414c1e91efbddbeb0faa43c6b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 27 Sep 2019 05:17:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:15 GMT
gzb
applesucks.com/ 		199 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://applesucks.com/gzb
Requested by
Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.152 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://applesucks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:15 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
199
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v17/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://applesucks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 23 Aug 2019 10:40:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:46 GMT
server
sffe
age
3004578
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14932
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:40:57 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://applesucks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Sun, 25 Aug 2019 01:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:45 GMT
server
sffe
age
2865373
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14380
x-xss-protection
0
expires
Mon, 24 Aug 2020 01:21:02 GMT
11a3d400-e0e6-11e9-a749-0a223b75d50c
usa.odysseus-nua.com/zcvisitor/
Redirect Chain
  • http://applesucks.com/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2F11a3d400-e0e6-11e9-a749-0a223b75d50c%3Fcampaignid%3Df6228670-4b89-11e7-b1d2-0eda985eb958&notadsafe
  • http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
1010 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Requested by
Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
35.172.248.225 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-172-248-225.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
9c51eccb6de7d3279de74249251fca4119f3f144a33bebdb95e27624be8b0262
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usa.odysseus-nua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://applesucks.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer
http://applesucks.com/

Response headers

Date
Fri, 27 Sep 2019 05:17:16 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Server
openresty
Date
Fri, 27 Sep 2019 05:17:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
zcredirect
usa.odysseus-nua.com/ 		268 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
35.172.248.225 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-172-248-225.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usa.odysseus-nua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer
http://usa.odysseus-nua.com/zcvisitor/11a3d400-e0e6-11e9-a749-0a223b75d50c?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date
Fri, 27 Sep 2019 05:17:16 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request /
www.auskunft.de/ 		24 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/?rt=y&utm_source=zp
Requested by
Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
30e356026512a770206af44675d8efc3514b17244c5d2ae53673a9aa2a949c97
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&utm_source=zp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
navigate
Referer
http://usa.odysseus-nua.com/zcredirect?visitid=11a3d400-e0e6-11e9-a749-0a223b75d50c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status
200
server
nginx
date
Fri, 27 Sep 2019 05:17:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
AUSKUNFT_SESSION=dcgj1lq6cg27o9aan18agjmfa6; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=2592000
content-encoding
gzip
main.6e791fbc76443f35145a.css
www.auskunft.de/assets/bundles/ 		332 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.6e791fbc76443f35145a.css
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
bc474c535f684c34bb25cc55c44cfd62eb3cbc8070e043938176cf1043ca70a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-53133"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/ 		264 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.20 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-20.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
c82e26200cec13c89b0a9a6461215cd2032279e4b30568b5d9c0f9c11200c839

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 03:11:40 GMT
content-encoding
gzip
age
7536
status
200
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA56
x-amz-cf-id
PzyK2WZDzG7GfvWdHQjCIGLspgdIW21danvM2RFvxRuD3zS40emJtg==
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d80e5839d198279a97915c6ca1069c537210b27ab7327b12aca428639134e0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"291 / 803 of 1000 / last-modified: 1569527018"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14244
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:16 GMT
auskunft_de_logo.webp
www.auskunft.de/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
last-modified
Fri, 21 Jul 2017 08:52:49 GMT
server
nginx
etag
"5971c0e1-4ee"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1262
expires
Sun, 27 Oct 2019 05:17:16 GMT
jquery.min.js
www.auskunft.de/assets/static/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/static/jquery.min.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-15851"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
main.a5ffcc249b448f21a8e4.js
www.auskunft.de/assets/bundles/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
49ea213d385910b82b142d6ca89c165f9780c1e25e14c4bc8171dbd19bbaf03b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-17060"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
prebid
ib.adnxs.com/ut/v3/ 		254 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.218 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
31663e2e12e7b3de0fe0c9974fb4d269d7409ffc35ed86ac09906ea9a1f69632
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:18 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
80c9b4e1-0b08-462f-b829-f764900baad8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
254
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
0
v1
prg.smartadserver.com/prebid/ 		0
0
arj
yieldlove-d.openx.net/w/1.0/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&jr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D11a3d400-e0e6-11e9-a749-0a223b75d50c%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=59aeffe5-9d45-478d-a6fc-61d513f58932%2C38bef2c6-f388-44ee-9def-b6fa1ad62041&nocache=1569561436453&aus=300x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111&
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
d8567dfa584b123e175fe508fbe9a7c39cbc59529db99a7ecf44a7da36259a6c

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:16 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
9275
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		10 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODY0OCZ0cmFuc2FjdGlvbklkPTU5YWVmZmU1LTlkNDUtNDc4ZC1hNmZjLTYxZDUxM2Y1ODkzMg%3D%3D&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPTM4YmVmMmM2LWYzODgtNDRlZS05ZGVmLWI2ZmExYWQ2MjA0MQ%3D%3D&pt=gross&stid=dbc0c0ae-4ddd-4577-9b72-8849d862f344&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:16 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348702&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&tk_flint=pbjs_lite_v2.24.0&x_source.tid=59aeffe5-9d45-478d-a6fc-61d513f58932&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.645627317369041
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
55328368fb6c098a2d17a1b6d6b3ad0463dc6776d91263a89b2fc612d3c0a92f

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:16 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=411
Content-Length
2197
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&tk_flint=pbjs_lite_v2.24.0&x_source.tid=38bef2c6-f388-44ee-9def-b6fa1ad62041&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.12386872265979654
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ef131e601e15b443c425ec8c1ad69ca2cc7eb6161606a6ba0924f601842edf92

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:16 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=59
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
dmx.districtm.io/b/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
application/json

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
51cb02a2dd9c6419-FRA
access-control-allow-headers
origin, content-type
cygnus
as-sec.casalemedia.com/ 		25 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=392699&v=7.2&r=%7B%22id%22%3A%221938b9a859b1c3f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2220b001f57cffe5b%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%7D%2C%7B%22id%22%3A%22214f68218fa071b%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D11a3d400-e0e6-11e9-a749-0a223b75d50c%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b8ce9706dc996c6de2e9d54a1c5191e83f7d83b29d61073de53c2fe28fe7806f

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 05:17:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Fri, 27 Sep 2019 05:17:16 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.218 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
f3b3e85bbc35e40a03debdb4e2131db37bc706ebab2528181bffa2329533a02c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type
text/plain

Response headers

Date
Fri, 27 Sep 2019 05:17:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
510830f5-22f5-42eb-adde-fe05b4d24150
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3078
date
Fri, 27 Sep 2019 04:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 27 Sep 2019 06:25:58 GMT
background
www.auskunft.de/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.auskunft.de/background
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:16 GMT
server
nginx
strict-transport-security
max-age=2592000
content-type
image/jpeg
status
200
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Content-Type
image/jpeg
auskunft.52a08a88453921abda3fac6930b20ccd.woff2
www.auskunft.de/assets/bundles/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/auskunft.52a08a88453921abda3fac6930b20ccd.woff2
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.auskunft.de/assets/bundles/main.6e791fbc76443f35145a.css
Origin
https://www.auskunft.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
"5d8cc256-335c"
strict-transport-security
max-age=2592000
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
13148
expires
Sun, 27 Oct 2019 05:17:16 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019091901.js
securepubads.g.doubleclick.net/gpt/ 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js?21064578
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
58568
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:16 GMT
iam.js
script.ioam.de/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.10 0010
Resource Hash
9a31ebe53e43ff18fb151d010e3d4ddd052e2f84e8945b649291cec97a84cd43

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date
Fri, 27 Sep 2019 05:17:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Sep 2019 05:17:16 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.10 0010
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Fri, 27 Sep 2019 07:17:16 GMT
vendors~app.5dadbffd24878eaa2672.js
www.auskunft.de/assets/bundles/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/vendors~app.5dadbffd24878eaa2672.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9510eeed248c028151703400aff73bb224892eba4d3bf27306d1e448b84e71ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-a8be"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
app.aa45d96f51fcc5a715ec.js
www.auskunft.de/assets/bundles/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/app.aa45d96f51fcc5a715ec.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
024ef2c11a940963d0b67c31b3b4fa17c6ad752b3207816af03743672ba6163a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-bb97"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1600698981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=515565195&_gid=240772760.1569561437&gjid=623536330&_v=j79&z=1991596568
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=515565195&_gid=240772760.1569561437&gjid=623536330&_v=j79&z=1991596568
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 Sep 2019 05:17:16 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=515565195&_gid=240772760.1569561437&gjid=623536330&_v=j79&z=1991596568
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
searchbar-handle-sort.d8cfdeddddc61e006bd4.js
www.auskunft.de/assets/bundles/ 		963 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.auskunft.de/assets/bundles/searchbar-handle-sort.d8cfdeddddc61e006bd4.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
4d1fbe218f21ccf7853376fe4bb57c16bf3acfd78b1954c32d5e41e7c8a4c74d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
public
date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Sep 2019 13:51:18 GMT
server
nginx
etag
W/"5d8cc256-3c3"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Sun, 27 Oct 2019 05:17:16 GMT
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-...
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-...
0
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-e0e6-11e9-a749-0a223b75d50c.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0010&i2=001008b58f54642e85d8d9b5c&ep=1599818669&vr=415&id=i7wp09&i3=001008b58f54642e85d8d9b5c%3A1596172636656%3A1569561436656%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569561436656&n1=4&dntt=0&lt=1569561436657&ev=&cs=f92adk&mo=1&sr=71
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.05.0 001f
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date
Fri, 27 Sep 2019 05:17:16 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.05.0 001f
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Fri, 27 Sep 2019 05:17:16 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.05.0 001f
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Fri, 27 Sep 2019 05:17:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.11a3d400-e0e6-11e9-a749-0a223b75d50c.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0010&i2=001008b58f54642e85d8d9b5c&ep=1599818669&vr=415&id=i7wp09&i3=001008b58f54642e85d8d9b5c%3A1596172636656%3A1569561436656%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569561436656&n1=4&dntt=0&lt=1569561436657&ev=&cs=f92adk&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Thu, 27 Sep 2018 05:17:16 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3540135595463184&correlator=284844216094555&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&eid=21064578%2C21062819%2C21064365%2C21064569%2C21064580&vrg=2019091901&guci=1.2.0.0.2.2.0.0&plat=1%3A1081352%2C2%3A1081352%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190927&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=yieldlove_scenario%3Ddefault%26yieldlove_scenario_pid%3Dpid%253A19965.default%26yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1569561436&dt=1569561436679&dlt=1569561436383&idt=280&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=728&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&ref=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D11a3d400-e0e6-11e9-a749-0a223b75d50c%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=24&icsg=700367&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1676087253.1569561437&ga_sid=1569561437&ga_hid=1600698981&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4e30b644f9ce9f7c3eecec3a883d58f3a3fc95387818b9c402a555e48fed5f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2053
x-xss-protection
0
google-lineitem-id
5111110714
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275073032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019091901.js
securepubads.g.doubleclick.net/gpt/ 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js?21064578
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
a29b20518a3bb583278ebb330cba43e072795b7009b39f3479819d00f0833064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24151
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:16 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers
gpt.js
www.googletagservices.com/tag/js/ Frame E95C 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d80e5839d198279a97915c6ca1069c537210b27ab7327b12aca428639134e0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"291 / 672 of 1000 / last-modified: 1569527018"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14244
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:16 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E95C 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6182dfae0694d2f06ce0ba9e18b21af30bdc62b4878767761059e6f03cba08e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1569237451959804"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29692
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:16 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js?21064578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
218087ed3854e672a6627b47c86b3a97e1dad722daa9f509fe522b33b01302a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1569237451959804"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29169
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E95C 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVSxnKT8OGsircpgPOj23VKg6501UC252FvHTHw7MdDbYNPDzAAAhzLIrPEgfUeD3r6iMJ-6ZOIjUoPoGlxRHK2VcyoFji6u0Ya5u8593fZys43t2C02r-NNgyBx1McewsIRyIErsA2Iad1SFrc972H_YH0MKX-2Hnk4CfoFPdTPsBzJ5oUg35KB_uA9XEa0iUaT4KES_ZdbcrYWWtBG72_7YceNlKJTPb4N1dxDDni5R3mF0AD0ke_xsQlLCu-DyNMe5XnJF68_tu0SI_QNWgI3A&sai=AMfl-YS1edNOUbrDNXtTr46W2-xUsBcwLiOHO4IX5AEItNL7oMyLG8ZPRMRk4091TSobjWuBTfqKmRkuKqu5KXM9ByyA-SjGP12-0coKZjHaiA&sig=Cg0ArKJSzGkoV6K3ZIRgEAE&urlfix=1&adurl=
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 05:17:17 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:17 GMT
pubads_impl_2019091901.js
securepubads.g.doubleclick.net/gpt/ Frame E95C 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
58568
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:17 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame E95C 		113 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E95C 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3357199776511402&correlator=3128155366562603&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062819%2C21064170&vrg=2019091901&guci=1.2.0.0.2.2.0.0&plat=1%3A1081352%2C2%3A1081352%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190927&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3Df6ea923f4928024a%3AT%3D1569561436%3AS%3DALNI_MaTIv3qKJnqFfABV38n66r1wjmd-A&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1569561437&dt=1569561437100&dlt=1569561436971&idt=116&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=728&adk=3040953405&uci=whhqedgsfuci&ifi=1&ifk=2918664091&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1676087253.1569561437&ga_sid=1569561437&ga_hid=113679752&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e704ae88fe4122833180a9d9a1adde9d021f4dfb45dc1980877db67bb80984a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8104
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019091901.js
securepubads.g.doubleclick.net/gpt/ Frame E95C 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
a29b20518a3bb583278ebb330cba43e072795b7009b39f3479819d00f0833064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24151
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:17 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame E95C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers
truncated
/ Frame E95C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dee74814975e44bd4f8156045c05169e9f47c5d890a53acccff9191f6c2e3f36

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Content-Type
image/png
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 3591 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-35/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3491
date
Thu, 26 Sep 2019 11:47:29 GMT
expires
Fri, 25 Sep 2020 11:47:29 GMT
last-modified
Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
62988
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ Frame E95C 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
218087ed3854e672a6627b47c86b3a97e1dad722daa9f509fe522b33b01302a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date
Fri, 27 Sep 2019 05:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1569237451959804"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29169
x-xss-protection
0
expires
Fri, 27 Sep 2019 05:17:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E95C 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1gVCFLSE5pCU3JuYdSupSH7dg1FnX05Y7gvdJXmUB3OMCbZGJ8ura9CJQ0hpZMuZNcaVya-aIW4k_Pwb9_v1hAkEEo2e1pucwKY4zfzc&sig=Cg0ArKJSzDlZe1t5ITrGEAE&adk=3358614790&tt=1108&bs=1585%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=728,429,818,1157&mcvt=1008&rs=3&ht=0&tfs=110&tls=1118&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=7&niot_cbk=21&md=2&lm=2&rst=1569561436974&rpt=156&isd=0&msd=0&oseid=3&xdi=0&ps=1585%2C1813&ss=1600%2C1200&pt=10&bin=1&deb=1-1-1-4-12-11-15-11-0-0-0&tvt=1111&r=v&id=osdim&vs=4&za&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 01B4
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
cookie
i=63f14b57-84a7-0b58-39cb-b7bf63fd8744|1569561440
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

status
200
vary
Accept
set-cookie
i=63f14b57-84a7-0b58-39cb-b7bf63fd8744|1569561440; Version=1; Expires=Sat, 26-Sep-2020 05:17:20 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1569561440|mOgikimWiygu; Version=1; Expires=Sat, 12-Oct-2019 05:17:20 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 27 Sep 2019 05:17:20 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=63f14b57-84a7-0b58-39cb-b7bf63fd8744|1569561440; Version=1; Expires=Sat, 26-Sep-2020 05:17:20 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
date
Fri, 27 Sep 2019 05:17:20 GMT
content-length
0
via
1.1 google
alt-svc
clear
index.html
cdn.districtm.io/ids/ Frame A963 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

status
200
date
Fri, 27 Sep 2019 05:17:20 GMT
content-type
text/html
set-cookie
__cfduid=d169a5598b816cb57a701a77cf6e09ffb1569561440; expires=Sat, 26-Sep-20 05:17:20 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51cb02badbaa6419-FRA
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5AD6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 27 Sep 2019 05:17:20 GMT
Age
4476924
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19123-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 393695
X-Timer
S1569561440.479630,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 87F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 25 Sep 2019 17:59:19 GMT
Content-Encoding
gzip
Content-Length
7694
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=37241
Expires
Fri, 27 Sep 2019 15:38:01 GMT
Date
Fri, 27 Sep 2019 05:17:20 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 143F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode
nested-navigate

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 27 Sep 2019 05:17:20 GMT
Age
4476925
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19133-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1612866
X-Timer
S1569561440.481997,VS0,VE0
Vary
Accept-Encoding
bo
ox-delivery-prod-1-europe-west1.openx.net/w/1.0/ 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-delivery-prod-1-europe-west1.openx.net/w/1.0/bo?bd=241&bp=1379&br=p&bs=www.auskunft.de&bt=3000&ts=2DAABBgABAAECAAIBAAsAAgAAAYwcGApncWtXTDZPaXFxHBa3zIXTv72pitQBFreewsz1nIbFkAEAHBaD-vXLgJz1qnAWydOd_qqO56LqAQAWuO3s2AsVBBEALBwVBAAcFQIAHBUIAHwcFQQAHBUCABgLMS4wOTQwODk1MDkAHBwVCAAcFQIAGAwxLjIzNDY2NTQ1NTAAABwmiKPfgwQVBBUEJuyi34MEFuSxoIAE1sYVFowTFsoXFqAGFsQFFqAGFsQFFvAaABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFu7bmIAEFs6wnoAEFqTgpoAEFoK1oYAEFRgcFPQDFNgEABUEJrQdFrQdFvAaETUOACwsFpy_2qzqoLWQMRanwom4op_419sBABa47ezYCwYo7tuYgAQWzrCegAQWgrWhgAQWpOCmgAQYBzcyMDg4ODkW4jIW8BolBBbqBRgGMTAwMDUxFQKWrMCFAxERGAVPWC1HQgx6FPgDFNoEACgDcnRigQAMPDgVbXlsYW4uY29tQG1hdGh0YWcuY29tAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.84.165 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
165.84.98.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:20 GMT
via
1.1 google
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1600698981&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirec...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=330024870&_gid=240772760.1569561437&gjid=718061158&_v=j79&z=1817708300
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=330024870&_gid=240772760.1569561437&gjid=718061158&_v=j79&z=1817708300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 Sep 2019 05:17:26 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Sep 2019 05:17:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1676087253.1569561437&jid=330024870&_gid=240772760.1569561437&gjid=718061158&_v=j79&z=1817708300
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| yieldlove_site_id object| yieldlove_site_settings object| YLHH object| googletag object| __core-js_shared__ object| core object| yieldlove_cmd object| pbjsYLHH function| pbjsYLHHChunk object| stroeerCore object| body string| highresImage object| highresImageLoader string| gaProperty string| disableStr function| gaOptout function| bgLoadSuccess function| bgLoadFailed string| GoogleAnalyticsObject function| ga object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| $ function| jQuery object| webpackJsonp object| regeneratorRuntime object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| auskunft string| szmvars object| iom undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

6 Cookies

Domain/Path Name / Value
www.auskunft.de/ Name: session_id
Value: 5263fa3b-059c-42e1-9b02-bcd74b4ec302
.auskunft.de/ Name: _gid
Value: GA1.2.240772760.1569561437
.auskunft.de/ Name: ioam2018
Value: 001008b58f54642e85d8d9b5c:1596172636656:1569561436656:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1569561436656:vrde3r
.auskunft.de/ Name: _ga
Value: GA1.2.1676087253.1569561437
.auskunft.de/ Name: _gat
Value: 1
www.auskunft.de/ Name: AUSKUNFT_SESSION
Value: dcgj1lq6cg27o9aan18agjmfa6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
applesucks.com
as-sec.casalemedia.com
cdn-a.yieldlove.com
cdn.districtm.io
de.ioam.de
dmx.districtm.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ox-delivery-prod-1-europe-west1.openx.net
pagead2.googlesyndication.com
prg.smartadserver.com
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
usa.odysseus-nua.com
www.auskunft.de
www.google-analytics.com
www.google.com
www.googletagservices.com
yieldlove-d.openx.net
prg.smartadserver.com
104.109.78.125
104.16.68.69
13.32.158.20
151.101.13.108
172.217.16.194
185.33.223.218
195.201.46.48
199.59.242.152
2.18.234.21
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81e::2001
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9a
34.95.120.147
34.98.84.165
35.172.248.225
37.157.4.41
69.173.144.140
91.215.100.39
91.215.103.65
023ff0da6e315217a377112e4b191a4c0c4b7d9a19bed411d4fc1ebca7eb01be
024ef2c11a940963d0b67c31b3b4fa17c6ad752b3207816af03743672ba6163a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fdf55a8ee0469e6a2e788560edb4ba46022eac9ea0b05d2178bbe9f18128197
218087ed3854e672a6627b47c86b3a97e1dad722daa9f509fe522b33b01302a2
221ab0163748d4ca62f1a0c417d618644c0f7b414c1e91efbddbeb0faa43c6b4
30e356026512a770206af44675d8efc3514b17244c5d2ae53673a9aa2a949c97
31663e2e12e7b3de0fe0c9974fb4d269d7409ffc35ed86ac09906ea9a1f69632
49ea213d385910b82b142d6ca89c165f9780c1e25e14c4bc8171dbd19bbaf03b
4d1fbe218f21ccf7853376fe4bb57c16bf3acfd78b1954c32d5e41e7c8a4c74d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e30b644f9ce9f7c3eecec3a883d58f3a3fc95387818b9c402a555e48fed5f7c
55328368fb6c098a2d17a1b6d6b3ad0463dc6776d91263a89b2fc612d3c0a92f
6182dfae0694d2f06ce0ba9e18b21af30bdc62b4878767761059e6f03cba08e5
6cb9ded1e23611c9e4f9107efa1ff7cce4f6a7f43c133bf2635b4b4c387297f7
75bbdb8a97926fbe1b7f8a6cc2b648099e37149a55296342f5a4bff6a780f4ca
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4
8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
9510eeed248c028151703400aff73bb224892eba4d3bf27306d1e448b84e71ac
9a31ebe53e43ff18fb151d010e3d4ddd052e2f84e8945b649291cec97a84cd43
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c51eccb6de7d3279de74249251fca4119f3f144a33bebdb95e27624be8b0262
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
a29b20518a3bb583278ebb330cba43e072795b7009b39f3479819d00f0833064
b8ce9706dc996c6de2e9d54a1c5191e83f7d83b29d61073de53c2fe28fe7806f
bc474c535f684c34bb25cc55c44cfd62eb3cbc8070e043938176cf1043ca70a1
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
c82e26200cec13c89b0a9a6461215cd2032279e4b30568b5d9c0f9c11200c839
d80e5839d198279a97915c6ca1069c537210b27ab7327b12aca428639134e0c9
d8567dfa584b123e175fe508fbe9a7c39cbc59529db99a7ecf44a7da36259a6c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dee74814975e44bd4f8156045c05169e9f47c5d890a53acccff9191f6c2e3f36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e704ae88fe4122833180a9d9a1adde9d021f4dfb45dc1980877db67bb80984a2
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef131e601e15b443c425ec8c1ad69ca2cc7eb6161606a6ba0924f601842edf92
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b3e85bbc35e40a03debdb4e2131db37bc706ebab2528181bffa2329533a02c
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2