www.gebuhrenfrei.com Open in urlscan Pro
194.25.167.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gebuhrenfrei.com/
Effective URL:
https://www.gebuhrenfrei.com/Home/
Submission: On January 27 via manual (January 27th 2022, 5:40:22 pm UTC) from CA — Scanned from CA

Summary HTTP 139 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 48 domains to perform 139 HTTP transactions. The main IP is 194.25.167.195, located in Sassenberg, Germany and belongs to DTAG Internet service provider operations, DE. The main domain is www.gebuhrenfrei.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on August 12th 2020. Valid for: 2 years.

This is the only time www.gebuhrenfrei.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	194.25.167.195 194.25.167.195	3320 (DTAG Inte...) (DTAG Internet service provider operations)
3	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
8	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2	178.32.75.217 178.32.75.217	16276 (OVH) (OVH)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
2 2	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	116.202.122.87 116.202.122.87	24940 (HETZNER-AS) (HETZNER-AS)
1	62.201.164.113 62.201.164.113	12731 (IPHH IPHH...) (IPHH IPHH Internet Port Hamburg GmbH)
1 1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:2... 2600:1901:0:256b::	15169 (GOOGLE) (GOOGLE)
3	62.201.164.117 62.201.164.117	12731 (IPHH IPHH...) (IPHH IPHH Internet Port Hamburg GmbH)
2	99.84.42.23 99.84.42.23	16509 (AMAZON-02) (AMAZON-02)
3	52.28.58.4 52.28.58.4	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7903::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:459c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.251.41.192 34.251.41.192	16509 (AMAZON-02) (AMAZON-02)
1 2	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	35.157.229.86 35.157.229.86	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.243.227 18.185.243.227	16509 (AMAZON-02) (AMAZON-02)
2 3	18.197.236.215 18.197.236.215	16509 (AMAZON-02) (AMAZON-02)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	213.95.181.109 213.95.181.109	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6 11	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	62.216.176.7 62.216.176.7	25560 (RHTEC-AS ...) (RHTEC-AS www.rh-tec.de)
1	152.199.5.1 152.199.5.1	15133 (EDGECAST) (EDGECAST)
6 6	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	217.79.188.8 217.79.188.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3 4	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 3	52.203.72.187 52.203.72.187	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	23.208.216.126 23.208.216.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
1	124.146.215.48 124.146.215.48	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	124.146.215.5 124.146.215.5	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.23.105.100 23.23.105.100	14618 (AMAZON-AES) (AMAZON-AES)
1	34.205.163.198 34.205.163.198	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	23.52.167.93 23.52.167.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.180.85.76 18.180.85.76	16509 (AMAZON-02) (AMAZON-02)
1 2	23.201.213.31 23.201.213.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.79.202.62 52.79.202.62	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20aa:4a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.84.125.75 99.84.125.75	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
139	57

29 194.25.167.195 (Sassenberg, Germany) 1 redirects

ASN3320 (DTAG Internet service provider operations, DE)

www.gebuhrenfrei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.75.217 (France)

ASN16276 (OVH, FR)

cdn.adtelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2008 (United States) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2004 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.122.87 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.87.122.202.116.clients.your-server.de

advanzia2-service.adtelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advanzia2-tracking.adtelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.201.164.113 (Hamburg, Germany)

ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE)

code.etracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:256b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

aggregator.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.201.164.117 (Hamburg, Germany)

ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE)

www.etracker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.42.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-23.ewr52.r.cloudfront.net

d31bfnnwekbny6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.58.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-58-4.eu-central-1.compute.amazonaws.com

opt.kuponacdn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:459c (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.41.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-41-192.eu-west-1.compute.amazonaws.com

mastertag.kpcustomer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.229.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-229-86.eu-central-1.compute.amazonaws.com

retrack-kupona.kuponacdn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.243.227 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-243-227.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.236.215 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-236-215.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.95.181.109 (Schwanstetten, Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)
PTR: webportal-adspirit.de

ads.adtiger.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 68.67.160.75 (New York, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.216.176.7 (Nidderau, Germany)

ASN25560 (RHTEC-AS www.rh-tec.de, DE)

www1.mpnrs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.5.1 (United States)

ASN15133 (EDGECAST, US)

adserver.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.54 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.8 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: adfarm1.adition.com

adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::c (United States) 3 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.72.187 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-72-187.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.48 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.5 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.105.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-105-100.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.163.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-163-198.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.180.85.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-85-76.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.213.31 (Atlanta, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-213-31.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.79.202.62 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-202-62.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20aa:4a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.125.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-75.ewr52.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gebuhrenfrei.com 1 redirects www.gebuhrenfrei.com	700 KB
15	doubleclick.net 9 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462 ad.doubleclick.net — Cisco Umbrella Rank: 195 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	4 KB
11	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 404	10 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864 sslwidget.criteo.com — Cisco Umbrella Rank: 1760 dis.criteo.com — Cisco Umbrella Rank: 691	16 KB
7	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 13605 api.usercentrics.eu — Cisco Umbrella Rank: 13023 aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 16060 graphql.usercentrics.eu — Cisco Umbrella Rank: 15621	254 KB
5	adition.com 2 redirects ad2.adfarm1.adition.com — Cisco Umbrella Rank: 44768 ad13.adfarm1.adition.com — Cisco Umbrella Rank: 42540 imagesrv.adition.com — Cisco Umbrella Rank: 17629 adfarm1.adition.com — Cisco Umbrella Rank: 1650	1 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	2 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 913 sp.analytics.yahoo.com — Cisco Umbrella Rank: 818 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	kuponacdn.de opt.kuponacdn.de — Cisco Umbrella Rank: 199822 retrack-kupona.kuponacdn.de — Cisco Umbrella Rank: 152459	21 KB
4	adtelligence.de cdn.adtelligence.de — Cisco Umbrella Rank: 960087 advanzia2-service.adtelligence.de advanzia2-tracking.adtelligence.de	34 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	1 KB
3	mediawallahscript.com 2 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2306	2 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
3	etracker.de www.etracker.de — Cisco Umbrella Rank: 56743	945 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1974	2 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3286	674 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	738 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	785 B
2	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1948 adgen.socdm.com — Cisco Umbrella Rank: 7393	2 KB
2	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1338	852 B
2	turn.com 1 redirects r.turn.com — Cisco Umbrella Rank: 3243 d.turn.com — Cisco Umbrella Rank: 880	825 B
2	adtiger.de ads.adtiger.de — Cisco Umbrella Rank: 229684	994 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 312	2 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3972	1 KB
2	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 30986	1 KB
2	cloudfront.net d31bfnnwekbny6.cloudfront.net	14 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 7861	655 B
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5205	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	19 KB
1	adtdp.com ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 2028	884 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 707	242 B
1	dable.io adx.dable.io — Cisco Umbrella Rank: 13782	141 B
1	ad-stir.com sync.ad-stir.com — Cisco Umbrella Rank: 2696	456 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 516	782 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1519	504 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 3239	412 B
1	tpmn.co.kr ad.tpmn.co.kr — Cisco Umbrella Rank: 3546	600 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 758	476 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	450 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	13 KB
1	adtech.de adserver.adtech.de — Cisco Umbrella Rank: 37705	46 B
1	mpnrs.com www1.mpnrs.com — Cisco Umbrella Rank: 90449	537 B
1	kpcustomer.de mastertag.kpcustomer.de — Cisco Umbrella Rank: 200957	615 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 6002	5 KB
1	etracker.com code.etracker.com — Cisco Umbrella Rank: 65590	27 KB
0	yieldmanager.com Failed ad.yieldmanager.com Failed
139	48

	Domain	Requested by
29	www.gebuhrenfrei.com	1 redirects www.gebuhrenfrei.com
11	secure.adnxs.com	6 redirects srcdoc d31bfnnwekbny6.cloudfront.net
6	ad.doubleclick.net	6 redirects
6	pubads.g.doubleclick.net	srcdoc
4	match.adsrvr.org	4 redirects
4	gum.criteo.com	3 redirects static.criteo.net
3	pixel.tapad.com	2 redirects d31bfnnwekbny6.cloudfront.net
3	partner.mediawallahscript.com	2 redirects d31bfnnwekbny6.cloudfront.net
3	dis.criteo.com	d31bfnnwekbny6.cloudfront.net
3	adservice.google.com	srcdoc
3	x.bidswitch.net	2 redirects d31bfnnwekbny6.cloudfront.net
3	opt.kuponacdn.de	d31bfnnwekbny6.cloudfront.net opt.kuponacdn.de
3	www.etracker.de	code.etracker.com
3	app.usercentrics.eu	www.gebuhrenfrei.com app.usercentrics.eu
2	r.casalemedia.com	1 redirects d31bfnnwekbny6.cloudfront.net
2	an.yandex.ru	1 redirects d31bfnnwekbny6.cloudfront.net
2	eb2.3lift.com	1 redirects d31bfnnwekbny6.cloudfront.net
2	simage2.pubmatic.com	d31bfnnwekbny6.cloudfront.net
2	cw.addthis.com	d31bfnnwekbny6.cloudfront.net
2	ups.analytics.yahoo.com	1 redirects d31bfnnwekbny6.cloudfront.net
2	imagesrv.adition.com	srcdoc
2	ads.adtiger.de	srcdoc
2	pixel.rubiconproject.com	srcdoc d31bfnnwekbny6.cloudfront.net
2	ads.creative-serving.com	2 redirects
2	ad.ad-srv.net	1 redirects d31bfnnwekbny6.cloudfront.net
2	graphql.usercentrics.eu	app.usercentrics.eu
2	d31bfnnwekbny6.cloudfront.net	www.gebuhrenfrei.com d31bfnnwekbny6.cloudfront.net
2	www.google.ca	www.gebuhrenfrei.com
2	www.google.com	2 redirects
2	ssl.google-analytics.com	1 redirects www.gebuhrenfrei.com
2	dev.visualwebsiteoptimizer.com	www.gebuhrenfrei.com
2	cdn.adtelligence.de	www.gebuhrenfrei.com
2	www.googleadservices.com	www.gebuhrenfrei.com www.googleadservices.com
1	d.turn.com	1 redirects
1	ad.as.amanad.adtdp.com	d31bfnnwekbny6.cloudfront.net
1	s.ad.smaato.net	d31bfnnwekbny6.cloudfront.net
1	adx.dable.io	d31bfnnwekbny6.cloudfront.net
1	sync.ad-stir.com	d31bfnnwekbny6.cloudfront.net
1	contextual.media.net	d31bfnnwekbny6.cloudfront.net
1	crb.kargo.com	d31bfnnwekbny6.cloudfront.net
1	cs.adingo.jp	d31bfnnwekbny6.cloudfront.net
1	adgen.socdm.com	d31bfnnwekbny6.cloudfront.net
1	tg.socdm.com	d31bfnnwekbny6.cloudfront.net
1	ad.tpmn.co.kr	d31bfnnwekbny6.cloudfront.net
1	sync.outbrain.com	d31bfnnwekbny6.cloudfront.net
1	sp.analytics.yahoo.com	d31bfnnwekbny6.cloudfront.net
1	ads.yahoo.com	d31bfnnwekbny6.cloudfront.net
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	d31bfnnwekbny6.cloudfront.net
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	d31bfnnwekbny6.cloudfront.net
1	static.criteo.net	retrack-kupona.kuponacdn.de
1	adfarm1.adition.com	1 redirects
1	r.turn.com	srcdoc
1	ad13.adfarm1.adition.com	1 redirects
1	adserver.adtech.de	srcdoc
1	www1.mpnrs.com	srcdoc
1	ad2.adfarm1.adition.com	srcdoc
1	retrack-kupona.kuponacdn.de	d31bfnnwekbny6.cloudfront.net
1	mastertag.kpcustomer.de	d31bfnnwekbny6.cloudfront.net
1	browser-update.org	www.gebuhrenfrei.com
1	advanzia2-tracking.adtelligence.de	cdn.adtelligence.de
1	aggregator.service.usercentrics.eu	app.usercentrics.eu
1	api.usercentrics.eu	app.usercentrics.eu
1	googleads.g.doubleclick.net	1 redirects
1	code.etracker.com	www.gebuhrenfrei.com
1	advanzia2-service.adtelligence.de	cdn.adtelligence.de
1	stats.g.doubleclick.net	1 redirects
0	ad.yieldmanager.com Failed	www.gebuhrenfrei.com
139	69

This site contains links to these domains. Also see Links.

Domain
mein.gebuhrenfrei.com
www.urlaubsplus.com
www.mietwagen.de
www.mastercardwelt.de
www.travelprepaid.mastercard.com
usercentrics.com

Subject Issuer	Validity	Valid
www.gebuhrenfrei.com GlobalSign Extended Validation CA - SHA256 - G3	`2020-08-12` - `2022-09-16`	2 years	crt.sh
app.usercentrics.eu GTS CA 1D4	`2021-12-24` - `2022-03-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.adtelligence.de Sectigo RSA Domain Validation Secure Server CA	`2020-02-24` - `2022-05-24`	2 years	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
adtelligence.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-14` - `2022-10-14`	a year	crt.sh
www.etracker.com GlobalSign RSA OV SSL CA 2018	`2021-04-08` - `2022-05-10`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2021-12-24` - `2022-03-24`	3 months	crt.sh
aggregator.service.usercentrics.eu GTS CA 1D4	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
kuponacdn.de Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2021-12-22` - `2022-03-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.kpcustomer.de Thawte TLS RSA CA G1	`2020-04-15` - `2022-04-15`	2 years	crt.sh
ad-srv.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.adtiger.de Thawte TLS RSA CA G1	`2022-01-12` - `2023-01-15`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.mpnrs.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.adtech.de GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-12` - `2022-08-12`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-07` - `2022-02-23`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2020-04-24` - `2022-06-02`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.app.kargo.com Amazon	`2022-01-06` - `2023-02-03`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.ad-stir.com AlphaSSL CA - SHA256 - G2	`2021-11-10` - `2022-12-12`	a year	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.gebuhrenfrei.com/Home/
Frame ID: 662C1C217142B7BA68638E4F00F557D0
Requests: 50 HTTP requests in this frame

Frame: https://d31bfnnwekbny6.cloudfront.net/customers/9558.html
Frame ID: DB5594A3681FA7D8549DF608880886B6
Requests: 2 HTTP requests in this frame

Frame: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html
Frame ID: C2C1A0458AF139A649B82C284B7E923A
Requests: 1 HTTP requests in this frame

Frame: https://opt.kuponacdn.de/mastertag_opt.html?kp_customer_id=9558&kp_ref=https%3A%2F%2Fwww.gebuhrenfrei.com%2F
Frame ID: 13F235A38C32B5FFED8150DA2D586A69
Requests: 2 HTTP requests in this frame

Frame: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Frame ID: 1F2604085388F6EFD3C8AFFE74B78CF0
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items=&redirected=1
Frame ID: B82E074E972FCC2F8C5AEB74049F264F
Requests: 1 HTTP requests in this frame

Frame: https://retrack-kupona.kuponacdn.de/dynmarker/9558/criteo.html
Frame ID: E29F7E0A2C9EAE2C7EE3C5CB0C9C28C0
Requests: 3 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=2b2df252-2b70-4161-b591-012b05b7c835&expires=30
Frame ID: 03E9CD58F748379DB28B53D0F4074247
Requests: 1 HTTP requests in this frame

Frame: https://ads.adtiger.de/adretargeting.php?value=Retar_pxl
Frame ID: B8CDBF94086E42E3443D11DB43E40E4F
Requests: 1 HTTP requests in this frame

Frame: https://ads.adtiger.de/adretargeting.php?value=Retar_pxl_48h
Frame ID: AA735C26D8D787F371CE44A2173EAB24
Requests: 1 HTTP requests in this frame

Frame: https://ad2.adfarm1.adition.com/tagging?type=js&network=533&tag[KupoRet.mark]
Frame ID: 3330DA163EBEED769BBA192F30D43EDC
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/3837/DFPAudiencePixel;dc_seg=463272621;ord=1
Frame ID: 917B168FDC8C441A1D9B4681E839ABD7
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/3837/DFPAudiencePixel;dc_seg=463272216;ord=1
Frame ID: DC82DCA3149E16B60FC1FC958F0E9902
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D7999311%26t%3D2
Frame ID: 44978787BB668D4B652559303B25E907
Requests: 1 HTTP requests in this frame

Frame: https://www1.mpnrs.com/deliver2/trg/trg.gif?lv=11&tad=13f0kjf8mps0
Frame ID: DF4EF4FC7F220A9C784EE64D4D3C781B
Requests: 1 HTTP requests in this frame

Frame: https://adserver.adtech.de/bind?ckey1=retargeting;cvalue1=kupona2017;expiresdays=2;adct=image/gif;misc=123
Frame ID: E9E70E8294CB0949940AAD387BB8EE1E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 1E69BDD1333FB7BBE5668D28240868EC
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/1x1.gif
Frame ID: 0F88622596F163E7C20446FBBADDF500
Requests: 1 HTTP requests in this frame

Frame: https://r.turn.com/r/beacon?b2=aX4P27N7V3QBEJmaeKwFCdMSC9-GQcpigPvVunmcOEQXn3kTCEjIyWH-IAH0irbPHv5QqJzbouwTVPIBCrPjog&cid=
Frame ID: 4A25B95FC351692A82B668DF7A8EF5F3
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/1x1.gif
Frame ID: 77E9DF54F03078A68F209CB179D8A88E
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018835%26t%3D1
Frame ID: 8C02FB4038571D36D633DD9A75B4EB6A
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018849%26t%3D1
Frame ID: 3F234E630F9CBF8DF464B8EFD7CC8689
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018857%26t%3D1
Frame ID: 9B36B61D8F81AEA47436BB5D6F1A7A2A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/z/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363
Frame ID: C13307601886BB2D1257640851D94ECD
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/6032/DFPAudiencePixel;ord=2324711069441.27;dc_seg=458240354
Frame ID: 18DF10ECCA24E476ECE5A002D024EA79
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/6032/DFPAudiencePixel;ord=3555210490133.3203;dc_seg=460824336
Frame ID: 0D82AFC08793F7D3FD3B540A9474852D
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/490/DFPAudiencePixel;ord=557580362115.3619;dc_seg=469427272
Frame ID: 44C19C2C86460B20B72EE2B83D5F1D25
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125
Frame ID: 0E63C14450F78BB54D252B8CD2A981DA
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;dc_iu=/4467/DFPAudiencePixel;ord=4293494740778.0435;dc_seg=144260290
Frame ID: E1CBDC00A8627134A5D982BDE7F5E64F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.gebuhrenfrei.com&origin=onetag
Frame ID: 596C756EFC390688C4788F442F68ECC0
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=m-TkYlC_BPNcOZEj8UNVK7cesgGJYqG3
Frame ID: 1E7D3735A4F443C33E30159CC35C41C4
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gebührenfrei Mastercard GOLD - www.gebuhrenfrei.com | HomeUsercentrics Consent Management Platform Logo

Page URL History Show full URLs

https://www.gebuhrenfrei.com/ HTTP 302
https://www.gebuhrenfrei.com/Home/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

139
Requests

66 %
HTTPS

27 %
IPv6

48
Domains

69
Subdomains

57
IPs

7
Countries

1147 kB
Transfer

3061 kB
Size

73
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://mein.gebuhrenfrei.com/
Title: meine.karte Login

Search URL Search Domain Scan URL

URL: http://www.urlaubsplus.com/advanzia/?refer=adv2
Title: 5% Reisegutschrift mit Bestpreisgarantie

Search URL Search Domain Scan URL

URL: http://www.mietwagen.de/advanzia/
Title: 5% Rückvergütung bei Mietwagen

Search URL Search Domain Scan URL

URL: http://www.mastercardwelt.de/

Search URL Search Domain Scan URL

URL: https://www.travelprepaid.mastercard.com/
Title: https://www.travelprepaid.mastercard.com

Search URL Search Domain Scan URL

URL: https://usercentrics.com/?utm_source=cmp&utm_medium=powered_by
Title: Usercentrics Consent Management Platform Logo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gebuhrenfrei.com/ HTTP 302
https://www.gebuhrenfrei.com/Home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=119716459&utmhn=www.gebuhrenfrei.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&utmhid=842323358&utmr=-&utmp=%2FHome%2F&utmht=1643305215734&utmac=UA-11523943-1&utmcc=__utma%3D34273079.386242502.1643305216.1643305216.1643305216.1%3B%2B__utmz%3D34273079.1643305216.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=11429978&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459 HTTP 302
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459&slf_rd=1&random=1214415085

Request Chain 34

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1037050849/?random=2065102328&cv=9&fst=1643305215638&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANnyYYCgEJW0NZnJjcAP&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CNPgGw&is_vtc=1&random=1893128889&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CNPgGw&is_vtc=1&random=1893128889&resp=GooglemKTybQhCsO&ipr=y

Request Chain 57

https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items= HTTP 302
https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items=&redirected=1

Request Chain 59

https://ads.creative-serving.com/pixel?id=3149791 HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3149791 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=33004320-ead8-4af5-ac05-7fb98099c4a9&ssp=&expires=30&user_group=2&cb=667 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=33004320-ead8-4af5-ac05-7fb98099c4a9&ssp=&expires=30&user_group=2&cb=667 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=2b2df252-2b70-4161-b591-012b05b7c835&expires=30

Request Chain 65

https://secure.adnxs.com/seg?add=7999311&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D7999311%26t%3D2

Request Chain 68

https://ad.doubleclick.net/ddm/activity/src=8059118;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 69

https://ad13.adfarm1.adition.com/tagging?type=image&network=3234&tag[KP.KP_75] HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 71

https://adfarm1.adition.com/track?tid=4346&sid=36427&type=image&data[kupona2017]=1 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 72

https://secure.adnxs.com/seg?add=8018835&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018835%26t%3D1

Request Chain 73

https://secure.adnxs.com/seg?add=8018849&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018849%26t%3D1

Request Chain 74

https://secure.adnxs.com/seg?add=8018857&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018857%26t%3D1

Request Chain 75

https://ad.doubleclick.net/ddm/activity/src=4816229;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363 HTTP 302
https://adservice.google.com/ddm/fls/z/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363

Request Chain 79

https://ad.doubleclick.net/ddm/activity/src=8059118;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125

Request Chain 83

https://gum.criteo.com/sid/json?origin=onetag&domain=retrack-kupona.kuponacdn.de&sn=ChromeSyncframe&so=0&topUrl=www.gebuhrenfrei.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=5vAcCHxwZWRTMzdhOHhRRFdWYzdMZ2xkdUVCMnFQdFJINzdVTkpPaVNqTjBEZ2k0RnRLTHJjZUNjK1U1ZUE2T2FUSFVobTF1OHNOV0ZLMGp6R1QvbFppc3Z1cHlzUXUwZko4RUorR2w2eG5jU1Vpc28zRTE5YmN1Z2JLZTRjRG5hampGM3pZT3Fqcnc2RWhVZThwbGM0TnZGamMyTmNMRDJsdWh5VTcxSjdCckY4OVFjSDNhYnNiQ0dvR2VxbmtZSWJ1dlhobGNXd1NaMWxrbkFuM29QTmllZmxKcGlWVnpBWXdJenB3NzhnZitIMnkvVTcyRXh4SzdiMUExMDNqUUN6bjRidmxrREU1dVAxcWU3WFRVL0wzWktEeFFyeEhBT2pRT21HTmFzY3pKekNLODkvdTBZUGNLblZzd3hPbWpOV00rZHw&cppv=2

Request Chain 85

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=m-TkYlC_BPNcOZEj8UNVK7cesgGJYqG3

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay02LVg0WjBXZ2xZVDZUM2ZHVmFCaDVOS3JSY29OOHV3Y29xRDlOUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 87

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ&custom=&tag_format=img&tag_action=sync&custom=&cb=e18468a0-8c5d-43f2-8524-22baf555e341 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=e18468a0-8c5d-43f2-8524-22baf555e341&final=true&reqid=31edd730-7f98-11ec-827e-ddad53a90255&timestamp=2022-01-27T17%3A40%3A19.107Z HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dc934915-5234-4cdb-b86c-a4d4c0402a77&tag_format=img&tag_action=sync&cb=

Request Chain 88

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dc934915-5234-4cdb-b86c-a4d4c0402a77&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%2C

Request Chain 91

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg&verify=true

Request Chain 102

https://eb2.3lift.com/xuid?mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 103

https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ HTTP 302
https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ?redir-setuniq=1

Request Chain 106

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw&C=1

Request Chain 111

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=525806914916947629

Request Chain 112

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/aEXztpCw_q8DIxyP-wn80jjR6IHbXfI_/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4553705166977748109

139 HTTP transactions
-23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.gebuhrenfrei.com/Home/
Redirect Chain

https://www.gebuhrenfrei.com/
https://www.gebuhrenfrei.com/Home/

44 KB
10 KB

115ms
114ms

Document
text/html

194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

d53ecad56103d729cf92be4faf5203c238c781202a0774ccc6fbb6a9ecd15e97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Thu, 27 Jan 2022 17:40:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926; preload
Cache-Control: no-store
suspect
CMS: OK
Last-Modified: Thu, 27 Jan 2022 17:24:02 GMT
Content-Type: text/html;charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

Date: Thu, 27 Jan 2022 17:40:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926; preload
Location: https://www.gebuhrenfrei.com/Home/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 191
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

GET
H2 200 main.js Show response
app.usercentrics.eu/latest/ 25 KB
8 KB 45ms
12ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/latest/main.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 07:25:34 GMT
content-encoding: gzip
x-goog-meta-version: 2.14.1
age: 36881
x-guploader-uploadid: ADPycdvW9ah3uJ3e7LWxoEsmZkmUfom-lDtjxcbOwxa57vTKaXGiAFp8eGquy-7D5j8-4-69_SJpQgJciePy6nh6vXM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7809
last-modified: Fri, 17 Dec 2021 08:54:47 GMT
server: UploadServer
etag: "e5b21beaf0bc7c7a8e430e9259660ab1"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=QxptWg==, md5=5bIb6vC8fHqOQw6SWWYKsQ==
x-goog-generation: 1639731287364157
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 7809
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Jan 2022 07:25:34 GMT

GET
H/1.1 200
OK main.css
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/css/ 164 KB
28 KB 107ms
106ms Stylesheet
text/css 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/css/main.css

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

27c0f136d57f47b9486fdca200e5cd526870de786286afcbff2c3e3f3de3f4b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jun 2019 11:49:56 GMT
Server: Apache
ETag: W/"168269-1560944996315"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=98
Content-Length: 28439

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 99ms
52ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

7706dd45386901420f8ce918f7775dc59a8e96fb88d8ba67bfa6d5607a74ef0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17574
x-xss-protection: 0
server: cafe
etag: 17704712878824611454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 17:40:15 GMT

GET
H/1.1 200
OK custom.js Show response
cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/ 21 KB
7 KB 710ms
87ms Script
application/javascript 178.32.75.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/custom.js
Requested by: Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.32.75.217 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2d2800cf150e2d9534b12c7a35c39ba3dd7e895d19556c322bf5ffac9e66d58d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Nov 2021 09:37:00 GMT
Age: 365861
ETag: W/"6188efbc-53e4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public,must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6313
Expires: Sun, 30 Jan 2022 12:02:34 GMT

GET
H/1.1 200
OK epcd.min.js Show response
cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/ 66 KB
23 KB 814ms
182ms Script
application/javascript 178.32.75.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/epcd.min.js
Requested by: Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.32.75.217 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d149e1f7026c53081c7813668244b77b0c937fa06cde8131e780ca9848b5f0b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Nov 2021 09:37:00 GMT
Age: 365861
ETag: W/"6188efbc-109a4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public,must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22856
Expires: Sun, 30 Jan 2022 12:02:34 GMT

GET
H/1.1 200
OK Banner_1.jpg
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/ 13 KB
13 KB 332ms
143ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/Banner_1.jpg

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

c2f00fd0eb51feee8ae5b9123111ebcb9b2db02abfe05bd2adb80af52b7219ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 12:50:44 GMT
Server: Apache
ETag: W/"13587-1632401444000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=100
Content-Length: 12757

GET
H/1.1 200
OK Banner_1.png
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/ 4 KB
5 KB 107ms
107ms Image
image/png 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/Banner_1.png

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

6cc82230d6fb5dc5b8ee08815da6de6997dd9ff5754b6537f4f052c745d48a4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jul 2015 07:19:54 GMT
Server: Apache
ETag: W/"4058-1437635994000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=97
Content-Length: 4081

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 18 KB
17 KB 337ms
147ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=06509d52-de62-d716-c027-1860509045bd&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

09f43c0d176c12ea2bceb81986be2a9e70a8544f93b0cac680a45ac89f9f6e91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:31 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="Startseite-links.jpg"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=100
Content-Length: 17072
Server: Apache
Expires: -1

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 62 KB
58 KB 324ms
139ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=82c554dd-e5f8-141e-ab39-d01a55617235&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

a8ba6bf999f48d6576cf1ec5ea2680d722306c49821d614e30f293c68b89d536

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:47 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="3hb_fmh_auslandskreditkarte_sehrgut2019_advanzia_bank.jpg"
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=100
Server: Apache
Expires: -1

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 128 KB
72 KB 317ms
142ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=eb31047b-432e-d351-08e8-5e6775809969&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

4bd7092c426ccdbacb68b9bb754e7383457d37cc922f37f10f1960612ce1b924

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:47 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="20200415_402x525_ntvSiegel_advanzia_Web-RGB_v2.jpg"
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=100
Server: Apache
Expires: -1

GET
H/1.1 200
OK 5cd1bc6c-ca52-151a-7756-032075809969,11111111-1111-1111-1111-111111111111.jpg
www.gebuhrenfrei.com/icc/assisto/med/5cd/ 128 KB
128 KB 103ms
103ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/icc/assisto/med/5cd/5cd1bc6c-ca52-151a-7756-032075809969,11111111-1111-1111-1111-111111111111.jpg

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

0a1e99d351fb5d01bd2648d0330a060d9ebefc8de51184c102904f0b707f2c6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:39:16 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="Startseite_Grafik.jpg"
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=93
Server: Apache
Expires: -1

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 128 KB
128 KB 323ms
137ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=5cd1bc6c-ca52-151a-7756-032075809969&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

0a1e99d351fb5d01bd2648d0330a060d9ebefc8de51184c102904f0b707f2c6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:31 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="Startseite_Grafik.jpg"
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=100
Server: Apache
Expires: -1

GET
H/1.1 200
OK gebuhrenfrei_de.nocache.js Show response
www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/ 6 KB
3 KB 103ms
102ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/gebuhrenfrei_de.nocache.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

e738413d5e8e74f14ef6bf92098d1a18e71413d0605f536048beb6c80fdf65b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2019 09:45:52 GMT
Server: Apache
ETag: W/"5954-1565084752000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-control: no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=97
Content-Length: 2575
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 75 KB
71 KB 367ms
107ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=52609d52-de62-d716-c027-1860509045bd&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

7292713d20be98a27619d610da630ad57ada4cef26a4a8913647d8fe6a93ef00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:31 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/jpeg
Content-Disposition: inline; filename="Aktionsseite_gebuhrenfrei.jpg"
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=95
Server: Apache
Expires: -1

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 2 KB
2 KB 104ms
104ms Image
image/gif 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=1&imgUid=3301853d-6f9d-4410-e5c4-6a5a55617235&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

2d9e0408709535c2d40cd1e7d0d80418e5bae73a16dc0644bc5aca4c728e2ea7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:39:11 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/gif
Content-Disposition: inline; filename="button_zum_kartenantrag.gif"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=98
Content-Length: 1763
Server: Apache
Expires: -1

GET
H/1.1 200
OK binarywriterservlet
www.gebuhrenfrei.com/Home/ 3 KB
3 KB 108ms
108ms Image
image/png 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/Home/binarywriterservlet?size=2&imgUid=51430727-dcbb-0b21-de0e-ba6604456eba&uBasVariant=11111111-1111-1111-1111-111111111111

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

7c06606db196ea56e061f267fd830864969228cedfbb3306cd48cf54aca85fbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 17:38:59 GMT
CMS: OK
Vary: Accept-Encoding
Content-Type: image/png
Content-Disposition: inline; filename="binarywriterservlet.png"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=99
Content-Length: 2761
Server: Apache
Expires: -1

GET pixel
ad.yieldmanager.com/ 0
0

GET
H/1.1 200
OK jquery-1.10.1.min.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 91 KB
33 KB 107ms
106ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/jquery-1.10.1.min.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2013 12:25:10 GMT
Server: Apache
ETag: W/"93064-1370435110000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=96
Content-Length: 32837

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 21 KB
8 KB 562ms
107ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/jquery-ui-1.10.3.custom.min.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

71c183da45e4a98fc3447c90ee822c2a6a87bb672f70a2f3e5ea037d41c0813f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 06:05:10 GMT
Server: Apache
ETag: W/"21399-1438063510000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=99
Content-Length: 7281

GET
H/1.1 200
OK jquery.mobile.custom.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 11 KB
4 KB 571ms
108ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/jquery.mobile.custom.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

07106d012f8bdee0bcca07062ca888dd5ba47ae8a1ccafcb42694eb69897e9cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 05:32:08 GMT
Server: Apache
ETag: W/"11656-1438061528000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=99
Content-Length: 3185

GET
H/1.1 200
OK jquery.cookie.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 3 KB
2 KB 649ms
102ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/jquery.cookie.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

1dc9184197d58ad84693cfdf5b0e80f45eed17dfde63e4020c2060bfc53f31ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2014 10:27:26 GMT
Server: Apache
ETag: W/"3224-1391164046000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=99
Content-Length: 1370

GET
H/1.1 200
OK bootstrap.min.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 35 KB
10 KB 669ms
107ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/bootstrap.min.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

670ffee907a50644eab875c2378790d98f4da98c8f1b2a67ba7b6903e33dbc98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 05:32:08 GMT
Server: Apache
ETag: W/"35781-1438061528000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=98
Content-Length: 9387

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/ 7 KB
3 KB 678ms
107ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/jquery-migrate-1.2.1.min.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

59b58cbc7a6cdcbd308cce1321a938025bb66f7de0fd34ffea8431b9e4eed8f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 06:05:10 GMT
Server: Apache
ETag: W/"7085-1438063510000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=98
Content-Length: 2989

GET
H/1.1 200
OK jquery.mousewheel-3.0.4.pack.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/ 917 B
1 KB 101ms
101ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/jquery.mousewheel-3.0.4.pack.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

1faf7ba5e26a1ee6f0f83f3fdb1d60afff3e171a75ab40df4337a333460f2bcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 05:32:08 GMT
Server: Apache
ETag: W/"917-1438061528000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=94
Content-Length: 456

GET
H/1.1 200
OK jquery.fancybox-1.3.4.pack.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/ 15 KB
6 KB 99ms
99ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/fancybox/jquery.fancybox-1.3.4.pack.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

3308e8d744bf41f83c548a50fe68377e7098036ac4b5845b53373483f0ecc5d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 06:05:10 GMT
Server: Apache
ETag: W/"15034-1438063510000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=99
Content-Length: 5205

GET
H/1.1 200
OK system.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 1 KB
1 KB 103ms
102ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/system.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

065a5d7bc73b758fba6faa99cc06d218c9994e4d740c13556210d297c597047b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Sep 2019 11:33:46 GMT
Server: Apache
ETag: W/"1213-1567596826876"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=98
Content-Length: 540

GET
H/1.1 200
OK nav.js Show response
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/ 1 KB
1 KB 106ms
106ms Script
text/javascript 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/nav.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

42d7c779eac081dac5e721ee4d7cf7ec5abb631f6512a0d3758e9386ad0add64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Feb 2017 13:45:04 GMT
Server: Apache
ETag: W/"1278-1486734304000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/javascript
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=97
Content-Length: 491

GET
H2 200 bundle.js Show response
app.usercentrics.eu/latest/ 1 MB
224 KB 17ms
13ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/latest/bundle.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

daf78cee0a32d6962c0649e533352e4b4200bda197bf73c1b16e0c444e21bc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 07:31:32 GMT
content-encoding: gzip
x-goog-meta-version: 2.14.1
age: 36524
x-guploader-uploadid: ADPycdsSjT0HEdzanuMuK9z8pC-pRreXdZsbefx1jlo313M2BLHlG5PW6_UhViWHSY57N34qS-_SWuA2dx5SILJ2h84
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228794
last-modified: Fri, 17 Dec 2021 08:54:47 GMT
server: UploadServer
etag: "90497ed7ac200ea0f4e3826263f8e269"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=2sVaUg==, md5=kEl+16wgDqD044JiY/jiaQ==
x-goog-generation: 1639731287347513
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 228794
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Jan 2022 07:31:32 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 57ms
28ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=131416&u=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&r=0.6262877784349317
Requested by: Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: a6aad3abd7921f4c78a37e8a035e859baadb7799568796014619abf8149fe643

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 17:40:16 GMT
via: 1.1 google
server: gnv1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1037050849/ 2 KB
1 KB 40ms
36ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1037050849/?random=1643305215638&cv=9&fst=1643305215638&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

dea0074098ec5611ef2f4c67f5c9e7bec9a42897fffacd5433dce9ecd08af120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 66ms
19ms Script
text/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5604
date: Thu, 27 Jan 2022 16:06:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 27 Jan 2022 18:06:51 GMT

GET
H2

200

ga-audiences
www.google.ca/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=119716459&utmhn=www.gebuhrenfrei.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459&slf_rd=1&random=1214415085

42 B
501 B

90ms
37ms

Image
image/gif

2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459&slf_rd=1&random=1214415085

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11523943-1&cid=386242502.1643305216&jid=11429978&_v=5.7.2&z=119716459&slf_rd=1&random=1214415085
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK plain Show response
advanzia2-service.adtelligence.de//convertplus-web-rest/rest/epc/delivery/2/1/ 957 B
2 KB 490ms
117ms Script
application/javascript 116.202.122.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://advanzia2-service.adtelligence.de//convertplus-web-rest/rest/epc/delivery/2/1/plain?time=17%3A40%3A16&ref=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F%3F_adt_device%3Ddesktop%26_adt_day%3Dweekday%26_adt_time%3Dafternoon%26baseUrl%3Dwww.gebuhrenfrei.com%252FHome%252F%26recurring%3D0%26TIME_ZONE_OFFSET%3D0%26DAY_OF_WEEK%3DThursday%26TIME_OF_DAY%3D17%26browserGroup%3Dblink%26os%3DWindows

Requested by

Host: cdn.adtelligence.de
URL: https://cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/custom.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.122.87 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.122.202.116.clients.your-server.de

Software

nginx /

Resource Hash

ac5817b3d269f20b4ede2237fa09cb5e285bb1f69e01529a1852a33497e2e758

Security Headers

Name	Value
Content-Security-Policy	default-src https://.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://.adtelligence.de; object-src https://.adtelligence.de; style-src 'unsafe-inline' https://.adtelligence.de; img-src data: https://.adtelligence.de; media-src https://.adtelligence.de; frame-src https://preview.adtelligence.de https://editorproxy.adtelligence.de; font-src data: https://.adtelligence.de; connect-src https://.adtelligence.de; frame-ancestors 'none'; child-src https://.adtelligence.de; form-action https://.adtelligence.de;
X-Content-Security-Policy	default-src https://.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://.adtelligence.de; object-src https://.adtelligence.de; style-src 'unsafe-inline' https://.adtelligence.de; img-src data: https://.adtelligence.de; media-src https://.adtelligence.de; frame-src https://preview.adtelligence.de https://editorproxy.adtelligence.de;font-src data: https://.adtelligence.de; connect-src https://.adtelligence.de; frame-ancestors 'none'; child-src https://.adtelligence.de; form-action https://.adtelligence.de;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Content-Encoding: gzip
X-Content-Security-Policy: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src https://preview.adtelligence.de https://editorproxy.adtelligence.de;font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors 'none'; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
X-WebKit-CSP: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src https://preview.adtelligence.de https://editorproxy.adtelligence.de; font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors 'none'; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;
Connection: keep-alive
Content-Length: 353
X-XSS-Protection: 1
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache
Content-Security-Policy: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src https://preview.adtelligence.de https://editorproxy.adtelligence.de; font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors 'none'; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;
Front-End-Https: on
Expires: Thu, 27 Jan 2022 17:40:15 GMT

GET
H2 200 t.js Show response
code.etracker.com/ 83 KB
27 KB 434ms
108ms Script
text/javascript 62.201.164.113
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://code.etracker.com/t.js?et=Y83BYV

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.113 Hamburg, Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Apache /

Resource Hash

17ee03e58e82df27e8238b21433b9b7437889f93ab2225232b373fc56b6f62b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 17:40:16 GMT
server: Apache
date: Thu, 27 Jan 2022 17:40:16 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-store, no-cache, max-age=-3600, must-revalidate, post-check=0, pre-check=0
x-xss-protection: 1
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

/
www.google.ca/pagead/1p-user-list/1037050849/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1037050849/?random=2065102328&cv=9&fst=1643305215638&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&resp=GooglemKTy...
https://www.google.com/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=...
https://www.google.ca/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1...

42 B
154 B

90ms
40ms

Image
image/gif

2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CNPgGw&is_vtc=1&random=1893128889&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-user-list/1037050849/?random=2065102328&cv=9&fst=1643302800000&num=1&value=0&label=loxMCN3p3gEQ4cfA7gM&bg=666666&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&tiba=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CNPgGw&is_vtc=1&random=1893128889&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 41ms
26ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=131416&d=gebuhrenfrei.com&u=DCCB1507236759777195FB80C0DF59082&h=d38e41f1543e68663464365e51618112&t=false&r=0.7373293283603639

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/nMY9OCPRX/latest/ 31 KB
10 KB 283ms
162ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/nMY9OCPRX/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a6320f420e1678128868e2919fe5893cc6169ce2162e24ce8f0d77759786a2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:16 GMT
content-encoding: gzip
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycdtLTAheoDMrnpPXpFU-hZN_6r66mnQTmlduX0RSsQEahJJ_JlvPgYMenQUa63lXIUKEUv9BZCz8E_EhWC1XBnU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9152
last-modified: Thu, 27 Jan 2022 16:44:56 GMT
server: UploadServer
etag: "1662d26742130af79964379b7b42e456"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=50TAXA==, md5=FmLSZ0ITCveZZDebe0LkVg==
x-goog-generation: 1643301895967321
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 9152
accept-ranges: bytes
content-type: application/json
expires: Thu, 27 Jan 2022 17:40:26 GMT

GET
H3 200 1px.png
app.usercentrics.eu/session/ 489 B
551 B 13ms
12ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=nMY9OCPRX

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:31:45 GMT
content-encoding: gzip
age: 511
x-guploader-uploadid: ADPycds67H7hfzJOjfBBMZXgmoBsU2ZBj4Ue_0almRGFMMxmc8wW-pVRyzrb_5nZvXEmFdgLLNVno5mAkY-e8AU9I0w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation: 1588928773413784
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
content-type: image/png
expires: Thu, 27 Jan 2022 18:01:45 GMT

GET
H2 200 de Show response
aggregator.service.usercentrics.eu/aggregate/ 72 KB
11 KB 436ms
288ms Fetch
application/json 2600:1901:0:256b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=HJI5SmLm7@4.0.18,HyiV94juoW7@8.3.2,2wlDEfon@2.2.0,BkjG6N1EQ@7.3.0,cg4DF2Tf3@15.3.0,Hysgc4odiZ7@13.6.5,v6tSxbOVH@3.1.0,MlmXX71g2@2.4.0,t91zsmgUO@6.2.3,PPkCxv14a@11.7.8,zqWojrT0P@15.7.6,HkocEodjb7@52.11.31,H1Vl5NidjWX@39.14.30,twMyStLkn@15.6.11,S1_9Vsuj-Q@15.7.10,SyfKc4oOjWQ@10.3.1,GhEP43eax@2.0.0,BJRdcNsuibm@6.0.0,g4cu7oq5C@6.3.1,SJoW5NiOiZX@7.3.3,ko1w5PpFl@23.12.17,-kU4dND5@3.2.0,HJSPc4ids-Q@4.1.0,N2spyFPL@3.2.0
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 821e2128eb5f6ac67b022235c8362dde2fcd437b6240d29fc068b38e50e0fff7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: br
server: Google Frontend
etag: "johyig"
vary: Accept-Encoding, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 204
No Response piwik.php
advanzia2-tracking.adtelligence.de// 0
2 KB 597ms
163ms Ping
text/html 116.202.122.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://advanzia2-tracking.adtelligence.de//piwik.php?action_name=Geb%C3%BChrenfrei%20Mastercard%20GOLD%20-%20www.gebuhrenfrei.com%20%7C%20Home&idsite=2&rec=1&r=047287&h=17&m=40&s=16&url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F%3F_adt_device%3Ddesktop%26_adt_day%3Dweekday%26_adt_time%3Dafternoon%26baseUrl%3Dwww.gebuhrenfrei.com%252FHome%252F%26recurring%3D0%26TIME_ZONE_OFFSET%3D0%26DAY_OF_WEEK%3DThursday%26TIME_OF_DAY%3D17%26browserGroup%3Dblink%26os%3DWindows&_id=5877eb905a8fe46f&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=KbfBHq&pf_net=0&pf_srv=114&pf_tfr=1

Requested by

Host: cdn.adtelligence.de
URL: https://cdn.adtelligence.de/a726ae6ad1054dbf8a5c224120fbf666/epc/epcd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.122.87 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.122.202.116.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https://.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://.adtelligence.de; object-src https://.adtelligence.de; style-src 'unsafe-inline' https://.adtelligence.de; img-src data: https://.adtelligence.de; media-src https://.adtelligence.de; frame-src 'self'; font-src data: https://.adtelligence.de; connect-src https://.adtelligence.de; frame-ancestors https://.adtelligence.de https://.adtelligence.com; child-src https://.adtelligence.de; form-action https://.adtelligence.de;
X-Content-Security-Policy	default-src https://.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://.adtelligence.de; object-src https://.adtelligence.de; style-src 'unsafe-inline' https://.adtelligence.de; img-src data: https://.adtelligence.de; media-src https://.adtelligence.de; frame-src 'self; font-src data: https://.adtelligence.de; connect-src https://.adtelligence.de; frame-ancestors https://.adtelligence.de https://.adtelligence.com; child-src https://.adtelligence.de; form-action https://.adtelligence.de;
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Thu, 27 Jan 2022 17:40:17 GMT
Server: nginx
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.gebuhrenfrei.com
Expires: Thu, 27 Jan 2022 17:40:16 GMT
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src 'self'; font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors https://*.adtelligence.de https://*.adtelligence.com; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;
Connection: keep-alive
X-WebKit-CSP: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src 'self'; font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors https://*.adtelligence.de https://*.adtelligence.com; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;
X-XSS-Protection: 1
X-Content-Security-Policy: default-src https://*.adtelligence.de; script-src 'unsafe-inline' 'unsafe-eval' https://*.adtelligence.de; object-src https://*.adtelligence.de; style-src 'unsafe-inline' https://*.adtelligence.de; img-src data: https://*.adtelligence.de; media-src https://*.adtelligence.de; frame-src 'self; font-src data: https://*.adtelligence.de; connect-src https://*.adtelligence.de; frame-ancestors https://*.adtelligence.de https://*.adtelligence.com; child-src https://*.adtelligence.de; form-action https://*.adtelligence.de;

GET
H2 200 cntcc Show response
www.etracker.de/ 72 B
217 B 533ms
108ms Script
application/javascript 62.201.164.117
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.etracker.de/cntcc?&&et=Y83BYV&v=5.0&tc=16433052167092&pagename=Home&ilevel=1&swidth=1600&sheight=1200&scolor=24&slang=en-US&et_se=6&cc_url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&et_source_url=https%3A%2F%2Fwww.gebuhrenfrei.com%2FHome%2F&cc_ordercurr=EUR&cc_ordertype=lead&cc_baskettype=basket&et_bs=1&et_sbscr=0&coid=55fc9396460303a7481f82948b31342d&et_cd=www.gebuhrenfrei.com&dh=tjkomGMPW%2B1yJHacTEas7ufrv1N0WZ3M
Requested by: Host: code.etracker.com
URL: https://code.etracker.com/t.js?et=Y83BYV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.201.164.117 Hamburg, Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),
Reverse DNS
Software: /
Resource Hash: ca6a914031c36bd9f17a8dd27572f89016767fd5ae9a414bdf3e89cba4b8f0d0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
cache-control: post-check=0, pre-check=0, no-store, no-cache, must-revalidate
last-modified: Thu, 27 Jan 2022 17:40:17 GMT
content-length: 72
content-type: application/javascript

GET
H/1.1 200
OK 9558.html Show response
d31bfnnwekbny6.cloudfront.net/customers/ Frame DB55 4 KB
4 KB 217ms
18ms Document
text/html 99.84.42.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558.html
Requested by: Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/Home/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-23.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4969586b07d58ea6f448f3923227869353b3e644b0a5a65422d4e736ae4e720

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/

Response headers

Content-Type: text/html
Content-Length: 3942
Connection: keep-alive
Date: Thu, 27 Jan 2022 09:03:22 GMT
Last-Modified: Mon, 28 May 2018 09:36:15 GMT
ETag: "cfd59e307f8c9027a1c8e294ee165a7e"
x-amz-meta-cb-modifiedtime: Mon, 28 May 2018 09:35:51 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 075ecc80ea8e9352008139ab9fd7a592.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Cf-Id: 8Xm_CxzS70Mkm-HqBnMf16BsTU40YWhqbTm3LqObJybqLuqaluaY4Q==
Age: 31016

GET
H/1.1 200
OK 03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html Show response
www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/ Frame C2C1 276 KB
83 KB 114ms
114ms Document
text/html 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/gebuhrenfrei_de.nocache.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

d2d3403e69d8bce76b594200c3ec44a682d20b0f7567def39519a4fe94ce5721

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/Home/

Response headers

Date: Thu, 27 Jan 2022 17:40:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926; preload
Expires: Fri, 28 Jan 2022 17:40:17 GMT
Pragma: cache
Cache-Control: public, max-age=86400000
ETag: W/"282127-1565084752000"
Last-Modified: Tue, 06 Aug 2019 09:45:52 GMT
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H2 200 mastertag_opt.js Show response
opt.kuponacdn.de/ Frame DB55 6 KB
2 KB 333ms
105ms Script
application/javascript 52.28.58.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://opt.kuponacdn.de/mastertag_opt.js
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.58.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-58-4.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: a39721ab63ff1ad4e3ef5bba08d1cbd10286aa307262fb58eb7e98f4670f446a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:01:58 GMT
server: nginx/1.14.2
x-amz-request-id: 00H2DWBZF9SBMBMT
etag: "c82db532f8c4e567f421c3f15efca0c5"
content-type: application/javascript
cache-control: public,max-age=7776000
accept-ranges: bytes
content-length: 1700
x-amz-id-2: 1RjgDbWm+TabfdzL7pLr1SuG0ToUWmPHzgOOD6zq57/QBpoJvVuIYIqHfkmwy0QayTc+hH+NAOM=

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 151ms
111ms Preflight 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://www.gebuhrenfrei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 graphql Show response
graphql.usercentrics.eu/ 2 KB
1017 B 116ms
103ms Fetch
application/json 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: 3469a022ec7dc28a6e642126b589477f4a8fb3b03fd0087b8efe17e1b4e5bbb8

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Request-ID: 6ef2786d-72ce-4f49-a01b-01b103ea5c86
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: gzip
etag: W/"7bd-sZEPiTdCLbhUhGtKBCCT2zfvlKA"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 mastertag_opt.html Show response
opt.kuponacdn.de/ Frame 13F2 93 KB
15 KB 199ms
199ms Document
text/html 52.28.58.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://opt.kuponacdn.de/mastertag_opt.html?kp_customer_id=9558&kp_ref=https%3A%2F%2Fwww.gebuhrenfrei.com%2F
Requested by: Host: opt.kuponacdn.de
URL: https://opt.kuponacdn.de/mastertag_opt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.58.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-58-4.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: d73461cf3a7236261edd84df7513279c790330522e814fee096607c7c59c4071

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-type: text/html
content-length: 14566
server: nginx/1.14.2
x-amz-id-2: 14zr9UsrcQYHhnwCKZTINFLMgifBck3NAbAaGtE7nKmcqtua9GCz/dkoKPSToxV+9h7+/YzTAYs=
x-amz-request-id: EPBY161ZXCVN974Z
last-modified: Thu, 18 Feb 2021 16:02:41 GMT
etag: "2ab35d3550ea9f9e372de92abd73e8ab"
cache-control: public,max-age=7776000
content-encoding: gzip
accept-ranges: bytes

POST
H/1.1 200
OK GebuhrenfreiGermanService Show response
www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/ 9 KB
4 KB 110ms
110ms XHR
application/json 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/GebuhrenfreiGermanService

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

dea6017543dbdc36a39d8133e9c4b951f964b90d2587fb674a8b6b5f1ff14236

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

X-GWT-Module-Base: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/
X-GWT-Permutation: 03D0761FAC68F96E63A9CDBFDFAC2C61
Referer: https://www.gebuhrenfrei.com/Home/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:17 GMT
Content-Encoding: gzip
Server: Apache
Strict-Transport-Security: max-age=31556926; preload
Content-Type: application/json;charset=utf-8
Content-Disposition: attachment
Cache-control: no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Connection: Keep-Alive
Keep-Alive: timeout=15, max=95
Content-Length: 3947
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK GebuhrenfreiGermanService Show response
www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/ 875 B
1 KB 107ms
106ms XHR
application/json 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/GebuhrenfreiGermanService

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

945b06b1892d3fc83b45b95bafbc9bcd283fd6fb68734c6bc5bcd1b8041a5c1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

X-GWT-Module-Base: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/
X-GWT-Permutation: 03D0761FAC68F96E63A9CDBFDFAC2C61
Referer: https://www.gebuhrenfrei.com/Home/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:17 GMT
Content-Encoding: gzip
Server: Apache
Strict-Transport-Security: max-age=31556926; preload
Content-Type: application/json;charset=utf-8
Content-Disposition: attachment
Cache-control: no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Connection: Keep-Alive
Keep-Alive: timeout=15, max=94
Content-Length: 434
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK broker Show response
www.gebuhrenfrei.com/ 7 KB
3 KB 112ms
112ms XHR
text/xml 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gebuhrenfrei.com/broker?xml=true&skipMenu=true&skipConfiguredContent=true&nocon=true&nocache=true

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/application_de/gebuhrenfrei_de/03D0761FAC68F96E63A9CDBFDFAC2C61.cache.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

cc351b1fc22ef1f507c8a7b9868cf76a6a21beaf1d8f05dc8141cc2cc8c99445

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Referer: https://www.gebuhrenfrei.com/Home/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

Date: Thu, 27 Jan 2022 17:40:17 GMT
Content-Encoding: gzip
suspect
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/xml;charset=UTF-8
Cache-Control: no-store
Transfer-Encoding: chunked
Last-Modified: Thu, 27 Jan 2022 17:25:18 GMT
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=92
CMS: OK

GET
H2 200 mastertag_opt_conf.js Show response
opt.kuponacdn.de/ Frame 13F2 4 KB
2 KB 100ms
100ms Script
application/javascript 52.28.58.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://opt.kuponacdn.de/mastertag_opt_conf.js
Requested by: Host: opt.kuponacdn.de
URL: https://opt.kuponacdn.de/mastertag_opt.html?kp_customer_id=9558&kp_ref=https%3A%2F%2Fwww.gebuhrenfrei.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.58.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-58-4.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 079932d45c27391eb43949af1432714db00ac8c7385e01071a5e46bb06232171

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://opt.kuponacdn.de/mastertag_opt.html?kp_customer_id=9558&kp_ref=https%3A%2F%2Fwww.gebuhrenfrei.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:01:42 GMT
server: nginx/1.14.2
x-amz-request-id: 00HC76HGANM0EE0G
etag: "1cc6a922fcf3ad2884aa7b2c44c6c8a7"
content-type: application/javascript
cache-control: public,max-age=7776000
accept-ranges: bytes
content-length: 1229
x-amz-id-2: eUaAH5xkGPdgTshLjUgmWIjgNNgUC3NJ30CcnjMUAng0Zb6N5yWJ1T8c8VH4AEShAhjLge07cC0=

POST
H2 400 webEvents Show response
www.etracker.de/api/v6/tracking/ 281 B
413 B 112ms
111ms XHR
text/html 62.201.164.117
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.etracker.de/api/v6/tracking/webEvents
Requested by: Host: code.etracker.com
URL: https://code.etracker.com/t.js?et=Y83BYV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.201.164.117 Hamburg, Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),
Reverse DNS
Software: /
Resource Hash: e110618acb199e61cac3c156dae2603fead546548c0ade9dd1995c8cfd647e36

Request headers

Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data; boundary=#####etrackerBoundary#####

Response headers

access-control-allow-origin: https://www.gebuhrenfrei.com
date: Thu, 27 Jan 2022 17:40:17 GMT
cache-control: must-revalidate,no-cache,no-store
access-control-allow-credentials: true
content-length: 281
content-type: text/html;charset=iso-8859-1

POST
H2 400 webEvents Show response
www.etracker.de/api/v6/tracking/ 281 B
315 B 111ms
111ms XHR
text/html 62.201.164.117
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.etracker.de/api/v6/tracking/webEvents
Requested by: Host: code.etracker.com
URL: https://code.etracker.com/t.js?et=Y83BYV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.201.164.117 Hamburg, Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),
Reverse DNS
Software: /
Resource Hash: e110618acb199e61cac3c156dae2603fead546548c0ade9dd1995c8cfd647e36

Request headers

Referer: https://www.gebuhrenfrei.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data; boundary=#####etrackerBoundary#####

Response headers

access-control-allow-origin: https://www.gebuhrenfrei.com
date: Thu, 27 Jan 2022 17:40:17 GMT
cache-control: must-revalidate,no-cache,no-store
access-control-allow-credentials: true
content-length: 281
content-type: text/html;charset=iso-8859-1

GET
H2 200 update.js Show response
browser-update.org/ 9 KB
5 KB 93ms
39ms Script
application/javascript 2606:4700:20::ac43:459c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.js?_=1643305216907
Requested by: Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/js/jquery-1.10.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d838b6fb9021a6a33b900e43215784f3464ced6e05978e7ad9c1eb0d176076

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385127
cf-polished: origSize=13969
cf-bgj: minify
last-modified: Sun, 26 Dec 2021 06:41:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DN7rYzRujg2ZkkjKk8Npifh9AG4JNerkD3bu6D8zTerbdmo52nn8LpeH7gIYK8nvifLDOCNim%2FqscFlPBDt3c8%2BRAx3RziPHYZ82YD2mVukYlMRy4wlBGdb375M5McgrH3mk9iOPbVQ8n04qmzuCJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 6d43c3ebccd5ecee-YUL
expires: Mon, 24 Jan 2022 06:41:30 GMT

GET
H/1.1 200
OK submit.jpg
www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/ 3 KB
3 KB 102ms
102ms Image
image/jpeg 194.25.167.195
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/images/submit.jpg

Requested by

Host: www.gebuhrenfrei.com
URL: https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.25.167.195 Sassenberg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

Software

Apache /

Resource Hash

e4c7bf4dfffc106d292851ce300ebf4ae8a1e19bbb5acaef7287faa287354c29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gebuhrenfrei.com/systemstatic/gebuehrenfrei/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Feb 2017 13:45:04 GMT
Server: Apache
ETag: W/"2698-1486734304000"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' *; img-src *; connect-src *; style-src 'self' 'unsafe-inline';frame-src 'self' *; frame-ancestors *;
Strict-Transport-Security: max-age=31556926; preload
Keep-Alive: timeout=15, max=91
Content-Length: 2666

GET
H/1.1 200
OK 9558-static.html Show response
d31bfnnwekbny6.cloudfront.net/customers/ Frame 1F26 9 KB
9 KB 29ms
29ms Document
text/html 99.84.42.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-23.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3f110372a6462a68663d1f95a38fcaf153a50b86ef92d2bcee5fe03a815090b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/customers/9558.html

Response headers

Content-Type: text/html
Content-Length: 8899
Connection: keep-alive
Last-Modified: Wed, 23 Sep 2020 10:26:43 GMT
x-amz-meta-cb-modifiedtime: Mon, 28 May 2018 10:40:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 27 Jan 2022 03:31:39 GMT
ETag: "81d320a0a7c774149085b62065163413"
X-Cache: Hit from cloudfront
Via: 1.1 075ecc80ea8e9352008139ab9fd7a592.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Cf-Id: 8ZNmEUyTN4SWSP13FBkxYMd42Y6zD0yTYhpvKv_L8PL1M49BlgIAqA==
Age: 50919

GET
H/1.1 200
OK / Show response
mastertag.kpcustomer.de/ Frame 1F26 222 B
615 B 610ms
99ms Script
application/javascript 34.251.41.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mastertag.kpcustomer.de/?custid=9558&kp_load_heias_pixel=0&kp_load_neory_pixel=1&kp_load_piggybacks=1&kp_load_conversiontags=0&kp_load_on_valid_product_id_only=0&kp_site=startpage&kp_queries=cbp&kp_uses_full_category=0&t=2685960806353380400
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.41.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-41-192.eu-west-1.compute.amazonaws.com
Software: nginx/1.9.6 / Express
Resource Hash: 4f118c2bbcc63139e811fa548d0a83c01aee5074fe04226b8ed4adc4e22b5909

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:38:02 GMT
KP-Piggybacks: 1
ETag: "-977534532"
KP-Publishers: 24782,16056,16960,25312,9558,9558-1547,40516,3321,40530,40484,40486,36288,36288-1547
Server: nginx/1.9.6
X-Powered-By: Express
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
KP-UUID: 0
IS-BOT: 0
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 222

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame B82E
Redirect Chain

https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items=
https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items=&redirected=1

26 B
498 B

325ms
119ms

Document
text/html

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=36288&version=1&event=view&cat=0&segment=&items=&redirected=1
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/

Response headers

Date: Thu, 27 Jan 2022 17:40:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 26
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 27 Jan 2022 17:40:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: ?a=36288&version=1&event=view&cat=0&segment=&items=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 criteo.html Show response
retrack-kupona.kuponacdn.de/dynmarker/9558/ Frame E29F 10 KB
2 KB 348ms
114ms Document
text/html 35.157.229.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://retrack-kupona.kuponacdn.de/dynmarker/9558/criteo.html
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.229.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-229-86.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 89ae2a45ddf15d896148e9babf8a0233be4f717d2da46ac016bbb1a459072103

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/

Response headers

date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: text/html
server: nginx/1.14.2
x-amz-id-2: Tyt0NfSeLdgsl6t113dq6Z54ZOxyUspvXPuUD6X9fxB37ldQR6L1da0b5iuA57eUNRWTRWOF2WU=
x-amz-request-id: E39H73KEAPWYQ698
last-modified: Wed, 04 Mar 2020 10:08:56 GMT
etag: W/"21f056466e9ae1fd73406d0238206eb9"
content-encoding: gzip

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 03E9
Redirect Chain

https://ads.creative-serving.com/pixel?id=3149791
https://ads.creative-serving.com/ul_cb/pixel?id=3149791
https://x.bidswitch.net/sync?dsp_id=4&user_id=33004320-ead8-4af5-ac05-7fb98099c4a9&ssp=&expires=30&user_group=2&cb=667
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=33004320-ead8-4af5-ac05-7fb98099c4a9&ssp=&expires=30&user_group=2&cb=667
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=2b2df252-2b70-4161-b591-012b05b7c835&expires=30

42 B
787 B

25ms
24ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=2b2df252-2b70-4161-b591-012b05b7c835&expires=30
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Content-Type: image/gif

Redirect headers

Location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=2b2df252-2b70-4161-b591-012b05b7c835&expires=30
Date: Thu, 27 Jan 2022 17:40:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK adretargeting.php
ads.adtiger.de/ Frame B8CD 0
497 B 1528ms
106ms Image
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adtiger.de/adretargeting.php?value=Retar_pxl

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Schwanstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.31

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:03 GMT
Last-Modified: Thu, 27 Jan 2022 17:40:03 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 0
Expires: 0

GET
H/1.1 200
OK adretargeting.php
ads.adtiger.de/ Frame AA73 0
497 B 1529ms
108ms Image
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adtiger.de/adretargeting.php?value=Retar_pxl_48h

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Schwanstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.31

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:39:08 GMT
Last-Modified: Thu, 27 Jan 2022 17:39:08 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 0
Expires: 0

GET
H2 200 tagging
ad2.adfarm1.adition.com/ Frame 3330 7 B
303 B 321ms
101ms Image
application/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2.adfarm1.adition.com/tagging?type=js&network=533&tag[KupoRet.mark]
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 18:40:18 +0100
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 DFPAudiencePixel;dc_seg=463272621;ord=1
pubads.g.doubleclick.net/activity;dc_iu=/3837/ Frame 917B 42 B
760 B 111ms
63ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/3837/DFPAudiencePixel;dc_seg=463272621;ord=1?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;dc_seg=463272216;ord=1
pubads.g.doubleclick.net/activity;dc_iu=/3837/ Frame DC82 42 B
335 B 116ms
69ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/3837/DFPAudiencePixel;dc_seg=463272216;ord=1?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4497
Redirect Chain

https://secure.adnxs.com/seg?add=7999311&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D7999311%26t%3D2

43 B
1023 B

34ms
33ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D7999311%26t%3D2

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 61ff41b4-c162-4e91-b222-f7210888a748
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 40b999d7-cf35-48e9-a2ef-9c188a5fa3e1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D7999311%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trg.gif
www1.mpnrs.com/deliver2/trg/ Frame DF4E 43 B
537 B 420ms
101ms Image
image/gif 62.216.176.7
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.mpnrs.com/deliver2/trg/trg.gif?lv=11&tad=13f0kjf8mps0
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.216.176.7 Nidderau, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),
Reverse DNS
Software: Apache /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
Server: Apache
P3P: policyref="https://www1.mpnrs.com/w3c/p3p.xml", CP="NID DSP NOI COR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43
Expires: -1

GET
H2 204 bind
adserver.adtech.de/ Frame E9E7 0
46 B 455ms
344ms Image
text/plain 152.199.5.1
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.adtech.de/bind?ckey1=retargeting;cvalue1=kupona2017;expiresdays=2;adct=image/gif;misc=123
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.5.1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:18 GMT
server: awselb/2.0

GET
H2

200

src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 1E69
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8059118;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
541 B

88ms
40ms

Image
image/gif

2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CJPVsv680vUCFZZGhwodyKEKTA;type=invmedia;cat=23kyrzeq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame 0F88
Redirect Chain

https://ad13.adfarm1.adition.com/tagging?type=image&network=3234&tag[KP.KP_75]
https://imagesrv.adition.com/1x1.gif

68 B
178 B

346ms
118ms

Image
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 17:40:18 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Thu, 27 Jan 2022 18:40:18 +0100
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 beacon
r.turn.com/r/ Frame 4A25 43 B
407 B 182ms
64ms Image
image/gif 2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=aX4P27N7V3QBEJmaeKwFCdMSC9-GQcpigPvVunmcOEQXn3kTCEjIyWH-IAH0irbPHv5QqJzbouwTVPIBCrPjog&cid=
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame 77E9
Redirect Chain

https://adfarm1.adition.com/track?tid=4346&sid=36427&type=image&data[kupona2017]=1
https://imagesrv.adition.com/1x1.gif

68 B
103 B

177ms
125ms

Image
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 17:40:18 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 18:40:18 +0100
server: ADITIONSERVER v1.0
location: https://imagesrv.adition.com/1x1.gif
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/plain
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 8C02
Redirect Chain

https://secure.adnxs.com/seg?add=8018835&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018835%26t%3D1

0
1006 B

22ms
22ms

Script
application/javascript

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018835%26t%3D1

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: e8615937-37e8-4141-8847-c6c0e3f241fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 26631d82-2c02-4141-9d7e-40dae2461f1e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018835%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 3F23
Redirect Chain

https://secure.adnxs.com/seg?add=8018849&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018849%26t%3D1

0
1007 B

40ms
40ms

Script
application/javascript

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018849%26t%3D1

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 0eb53673-6354-4657-9d8f-f886bc5c8075
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: eb755cc4-a1fb-4631-abc2-f590e93c1c6c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018849%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 9B36
Redirect Chain

https://secure.adnxs.com/seg?add=8018857&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018857%26t%3D1

0
1006 B

44ms
43ms

Script
application/javascript

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018857%26t%3D1

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 1b10bd36-cc42-446d-a5ef-a80fe67ac279
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:18 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 64e3df3b-22e7-4aad-b2a6-faa8d9eecfab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8018857%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363
adservice.google.com/ddm/fls/z/ Frame C133
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4816229;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363?
https://ad.doubleclick.net/ddm/activity/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363?
https://adservice.google.com/ddm/fls/z/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363

42 B
64 B

71ms
43ms

Image
image/gif

2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=4816229;dc_pre=CNuJu_680vUCFdT6hwoduUUJTA;type=invmedia;cat=qx0iubpy;ord=1629234647509.7363
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DFPAudiencePixel;ord=2324711069441.27;dc_seg=458240354
pubads.g.doubleclick.net/activity;dc_iu=/6032/ Frame 18DF 42 B
63 B 97ms
67ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6032/DFPAudiencePixel;ord=2324711069441.27;dc_seg=458240354?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DFPAudiencePixel;ord=3555210490133.3203;dc_seg=460824336
pubads.g.doubleclick.net/activity;dc_iu=/6032/ Frame 0D82 42 B
63 B 96ms
66ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6032/DFPAudiencePixel;ord=3555210490133.3203;dc_seg=460824336?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DFPAudiencePixel;ord=557580362115.3619;dc_seg=469427272
pubads.g.doubleclick.net/activity;dc_iu=/490/ Frame 44C1 42 B
63 B 95ms
65ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/490/DFPAudiencePixel;ord=557580362115.3619;dc_seg=469427272?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125
adservice.google.com/ddm/fls/z/ Frame 0E63
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8059118;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125?
https://ad.doubleclick.net/ddm/activity/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125?
https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125

42 B
64 B

65ms
43ms

Image
image/gif

2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8059118;dc_pre=CKmMu_680vUCFUodhwodbLUO4w;type=invmedia;cat=fhxzjjws;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3976142782851.8125
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DFPAudiencePixel;ord=4293494740778.0435;dc_seg=144260290
pubads.g.doubleclick.net/activity;dc_iu=/4467/ Frame E1CB 42 B
63 B 93ms
63ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/4467/DFPAudiencePixel;ord=4293494740778.0435;dc_seg=144260290?

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d31bfnnwekbny6.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame E29F 40 KB
13 KB 95ms
43ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: retrack-kupona.kuponacdn.de
URL: https://retrack-kupona.kuponacdn.de/dynmarker/9558/criteo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://retrack-kupona.kuponacdn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:18 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jan 2022 17:40:18 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 596C 13 KB
5 KB 76ms
27ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.gebuhrenfrei.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://retrack-kupona.kuponacdn.de/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3225
date: Thu, 27 Jan 2022 17:40:17 GMT
content-length: 5180
strict-transport-security: max-age=31536000; preload;

GET
H2

200

sid Show response
mug.criteo.com/ Frame 596C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=retrack-kupona.kuponacdn.de&sn=ChromeSyncframe&so=0&topUrl=www.gebuhrenfrei.com&lsw=1
https://mug.criteo.com/sid?cpp=5vAcCHxwZWRTMzdhOHhRRFdWYzdMZ2xkdUVCMnFQdFJINzdVTkpPaVNqTjBEZ2k0RnRLTHJjZUNjK1U1ZUE2T2FUSFVobTF1OHNOV0ZLMGp6R1QvbFppc3Z1cHlzUXUwZko4RUorR2w2eG5jU1Vpc28zRTE5YmN1Z2JLZT...

433 B
633 B

77ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5vAcCHxwZWRTMzdhOHhRRFdWYzdMZ2xkdUVCMnFQdFJINzdVTkpPaVNqTjBEZ2k0RnRLTHJjZUNjK1U1ZUE2T2FUSFVobTF1OHNOV0ZLMGp6R1QvbFppc3Z1cHlzUXUwZko4RUorR2w2eG5jU1Vpc28zRTE5YmN1Z2JLZTRjRG5hampGM3pZT3Fqcnc2RWhVZThwbGM0TnZGamMyTmNMRDJsdWh5VTcxSjdCckY4OVFjSDNhYnNiQ0dvR2VxbmtZSWJ1dlhobGNXd1NaMWxrbkFuM29QTmllZmxKcGlWVnpBWXdJenB3NzhnZitIMnkvVTcyRXh4SzdiMUExMDNqUUN6bjRidmxrREU1dVAxcWU3WFRVL0wzWktEeFFyeEhBT2pRT21HTmFzY3pKekNLODkvdTBZUGNLblZzd3hPbWpOV00rZHw&cppv=2

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

d2b2659cd3a0c481c2a158b0f76d1b4bbf0d6cf12290e84aaaf050652d022194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:17 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4572
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=5vAcCHxwZWRTMzdhOHhRRFdWYzdMZ2xkdUVCMnFQdFJINzdVTkpPaVNqTjBEZ2k0RnRLTHJjZUNjK1U1ZUE2T2FUSFVobTF1OHNOV0ZLMGp6R1QvbFppc3Z1cHlzUXUwZko4RUorR2w2eG5jU1Vpc28zRTE5YmN1Z2JLZTRjRG5hampGM3pZT3Fqcnc2RWhVZThwbGM0TnZGamMyTmNMRDJsdWh5VTcxSjdCckY4OVFjSDNhYnNiQ0dvR2VxbmtZSWJ1dlhobGNXd1NaMWxrbkFuM29QTmllZmxKcGlWVnpBWXdJenB3NzhnZitIMnkvVTcyRXh4SzdiMUExMDNqUUN6bjRidmxrREU1dVAxcWU3WFRVL0wzWktEeFFyeEhBT2pRT21HTmFzY3pKekNLODkvdTBZUGNLblZzd3hPbWpOV00rZHw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1920
content-length: 594
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ Frame E29F 7 KB
8 KB 320ms
114ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=53013&v=5.8.1&p0=e%3Dce%26m%3D%255B%252523Email%252520address%252523%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fd31bfnnwekbny6.cloudfront.net&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=_Qtyn19QelAyJTJCYnVLTmp5ZU9HUnk4S2QwUERGc0FoanI4cElQV1clMkJZdkQzVVNieUxHU1ltT082OWQzMllXOUcwenolMkZSMFNkRFF6Zk0yOGx0eEZqTjBkcUFEdVAzejdlQUI3SFRCeWRuQ1dyY0JIWU4wSEI2NjRiZGlkQ1JNNmJnSHNZNHJrQVFPdXFGJTJGanJzeWVkR0Nlbkx6USUzRCUzRA&tld=retrack-kupona.kuponacdn.de&dtycbr=70272

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f721902b2abff4fa6a0c0ceb1010df367aa875dc3b3bd83b9b0649e913dca3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://retrack-kupona.kuponacdn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:16 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12865441
timing-allow-origin: *
expires: 0

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 1E7D
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=m-TkYlC_BPNcOZEj8UNVK7cesgGJYqG3

42 B
450 B

70ms
45ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=m-TkYlC_BPNcOZEj8UNVK7cesgGJYqG3
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 17:40:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=m-TkYlC_BPNcOZEj8UNVK7cesgGJYqG3
date: Thu, 27 Jan 2022 17:40:18 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3849
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1E7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay02LVg0WjBXZ2xZVDZUM2ZHVmFCaDVOS3JSY29OOHV3Y29xRDlOUQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

80ms
28ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250647
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 1E7D
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ&custom=&tag_format=img&tag_action=sync&custom=&cb=e18468a0-8c5d-43f2-8524-22baf55...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=e18468a0-8c5d-43f...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dc934915-5234-4cdb-b86c-a4d4c0402a77&tag_format=img&tag_action=sync&cb=

0
590 B

24ms
24ms

Image
text/plain

52.203.72.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dc934915-5234-4cdb-b86c-a4d4c0402a77&tag_format=img&tag_action=sync&cb=
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Server: 52.203.72.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-187.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:19 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dc934915-5234-4cdb-b86c-a4d4c0402a77&tag_format=img&tag_action=sync&cb=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 1E7D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dc934915-5234-4cdb-b86c-a4d4c0402a77&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%2C

95 B
429 B

38ms
38ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dc934915-5234-4cdb-b86c-a4d4c0402a77&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%2C

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dc934915-5234-4cdb-b86c-a4d4c0402a77&ttd_puid=3b1feab9-4c68-419f-a707-7b23914a262f%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 1E7D 0
194 B 312ms
28ms Image
text/plain 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 1E7D 43 B
717 B 66ms
21ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 27 Jan 2022 17:40:19 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 1E7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg&verify=true

0
122 B

26ms
26ms

Image
text/plain

3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg&verify=true

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cB5Ef0WglYT6T3fGVaBh5NKrRcrVALDcrmOAeg&verify=true
date: Thu, 27 Jan 2022 17:40:19 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1E7D 0
476 B 96ms
20ms Image
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-PNFEb0WglYT6T3fGVaBh5NKrRcqS-dEgBbspIw
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:19 GMT
Cache-Control: no-cache
X-TraceId: 5572489114d1d4cd484c1b2d1d8df915
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 1E7D 0
426 B 285ms
93ms Image
text/plain 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-216-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 27 Jan 2022 17:40:19 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 1E7D 42 B
787 B 102ms
27ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-8dyUoUWglYT6T3fGVaBh5NKrRcrg1sPDd2LMzA&expires=30
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: f69a50991384d09413b97a37bb74928b
Content-Type: image/gif

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 1E7D 43 B
1020 B 23ms
19ms Image
image/gif 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-VJwVTUWglYT6T3fGVaBh5NKrRcqn0sym_iLFag&seg=95287

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:19 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 4c2b60a5-dd37-482c-a77d-6d72f8107c1a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 1E7D 170 B
600 B 215ms
189ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-5SQb8kWglYT6T3fGVaBh5NKrRcprTAUpoaO39Q
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 1E7D 43 B
872 B 558ms
186ms Image
image/gif 124.146.215.48
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-vc87W0WglYT6T3fGVaBh5NKrRcoAk6RZdv4Btg
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.48 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID: 14
Date: Thu, 27 Jan 2022 17:40:19 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-vc87W0WglYT6T3fGVaBh5NKrRcoAk6RZdv4Btg","cluster_id":14,"gdpr":false,"ipv4":"149.56.153.184","key":"YfLZA8Co8YEAAH25dSQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40011"}
X-SO-Ads-Time: 3
X-SO-Key: YfLZA8Co8YEAAH25dSQAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40011
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40011.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-IP: 149.56.153.184

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame 1E7D 43 B
827 B 587ms
208ms Image
image/gif 124.146.215.5
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.5 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID: 26
Date: Thu, 27 Jan 2022 17:40:19 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":26,"gdpr":false,"ipv4":"149.56.153.184","key":"YfLZA8Co8HMAAK90F.MAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40256"}
X-SO-Ads-Time: 9
X-SO-Key: YfLZA8Co8HMAAK90F.MAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40256
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40256.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-ng15.dc4p.scaleout.jp
X-SO-IP: 149.56.153.184

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1E7D 42 B
674 B 89ms
20ms Image
image/gif 104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug020:0:537
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 /
cs.adingo.jp/sync/ Frame 1E7D 43 B
412 B 86ms
24ms Image
image/gif 23.23.105.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-3i_ld0WglYT6T3fGVaBh5NKrRcogkIkBeUELow
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.105.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-105-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK Criteo
crb.kargo.com/api/v1/dsync/ Frame 1E7D 43 B
504 B 207ms
107ms Image
image/gif 34.205.163.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-6-X4Z0WglYT6T3fGVaBh5NKrRcoN8uwcoqD9NQ
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.163.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-163-198.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:19 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

xuid
eb2.3lift.com/ Frame 1E7D
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

27ms
27ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-ZP75GkWglYT6T3fGVaBh5NKrRcpKI8F5nCiO4Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ
an.yandex.ru/mapuid/criteois/ Frame 1E7D
Redirect Chain

https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ
https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ?redir-setuniq=1

43 B
108 B

151ms
151ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ?redir-setuniq=1

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:40:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 17:40:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:40:19 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/criteois/k-lSPPY0WglYT6T3fGVaBh5NKrRcroSoGzPw5VsQ?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 17:40:19 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 1E7D 45 B
782 B 82ms
39ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8g_CQUWglYT6T3fGVaBh5NKrRco73v71TZi9Hg

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 27 Jan 2022 17:40:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 27 Jan 2022 17:40:19 GMT

GET
H2 200 /
sync.ad-stir.com/ Frame 1E7D 43 B
456 B 575ms
186ms Image
image/gif 18.180.85.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=CRITEO&uid=k-PG5flEWglYT6T3fGVaBh5NKrRcqw69W-CS0HXQ
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.85.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-85-76.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 1E7D
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw&C=1

43 B
1 KB

107ms
106ms

Image
image/gif

23.201.213.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw&C=1
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Server: 23.201.213.31 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-213-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 17:40:19 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Thu, 27 Jan 2022 17:40:19 GMT

GET
H2 204 pixel
adx.dable.io/ Frame 1E7D 0
141 B 667ms
218ms Image
text/plain 52.79.202.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-XUlslUWglYT6T3fGVaBh5NKrRcrTn-m3zMw-jw
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.202.62 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-202-62.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
server: nginx

GET
H2 204 /
s.ad.smaato.net/c/ Frame 1E7D 0
242 B 90ms
24ms Image
text/plain 2600:9000:20aa:4a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-jqBDb0WglYT6T3fGVaBh5NKrRcr1H_sT9eDkGw
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:4a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
via: 1.1 6c2e384f59feb64a0c739aee7f890066.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: IAD89-C2
x-amz-cf-id: gzcDS4vGW6a7D6CSUQ7-9JD33mpEyzSYRMvADXLEVhwMhQCaVXfk3w==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1E7D 43 B
220 B 109ms
108ms Image
image/gif 18.197.236.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HTZwXkWglYT6T3fGVaBh5NKrRcpr2zPnnLLwlQ&expires=30&user_group=5
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.236.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-236-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 17:40:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 1E7D 42 B
884 B 229ms
158ms Image
image/gif 99.84.125.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-MTGirUWglYT6T3fGVaBh5NKrRcqnSPCV3ReUEw

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.125.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-125-75.ewr52.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
via: 1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
pragma: no-cache
x-amzn-trace-id: Root=1-00000000-000000000000000000000000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: GsCRzL7NmlPvEg6_KmB6X1g0Hq9zLqkfGEf8TMrBGigxYSu_3jn_CQ==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1E7D
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=525806914916947629

43 B
370 B

25ms
24ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=525806914916947629

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1299822
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 17:40:19 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 932f0eee-201b-44de-83e4-37142007fd1a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=525806914916947629
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 1E7D
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/aEXztpCw_q8DIxyP-wn80jjR6IHbXfI_/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4553705166977748109

43 B
370 B

27ms
27ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4553705166977748109

Requested by

Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3119920
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4553705166977748109
pragma: no-cache
date: Thu, 27 Jan 2022 17:40:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1E7D 42 B
111 B 20ms
20ms Image
image/gif 104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug003:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 t.gif
cw.addthis.com/ Frame 1E7D 0
426 B 131ms
131ms Image
text/plain 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-8dyUoUWglYT6T3fGVaBh5NKrRcrg1sPDd2LMzA
Requested by: Host: d31bfnnwekbny6.cloudfront.net
URL: https://d31bfnnwekbny6.cloudfront.net/customers/9558-static.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-216-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 17:40:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 27 Jan 2022 17:40:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.yieldmanager.com
URL: https://ad.yieldmanager.com/pixel?id=2378466&t=2

Verdicts & Comments Add Verdict or Comment

308 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gebuhrenfrei.com/	1969-12-31 23:59:59	Name: ROUTEID.0fed26543d6cb4f4e1b452d79968c0b4 Value: .node1
www.gebuhrenfrei.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8EFF00EE966B626DC1285A562FDE910A
.gebuhrenfrei.com/	1970-01-20 17:59:37	Name: __utma Value: 34273079.386242502.1643305216.1643305216.1643305216.1
.gebuhrenfrei.com/	1969-12-31 23:59:59	Name: __utmc Value: 34273079
.gebuhrenfrei.com/	1970-01-20 04:51:13	Name: __utmz Value: 34273079.1643305216.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.gebuhrenfrei.com/	1970-01-20 00:28:25	Name: __utmt Value: 1
.gebuhrenfrei.com/	1970-01-20 00:28:27	Name: __utmb Value: 34273079.1.10.1643305216
www.gebuhrenfrei.com/	1970-01-20 00:38:30	Name: adt_firstvisit Value: 1643305216135
www.gebuhrenfrei.com/	1970-01-20 00:38:30	Name: adt_recurring Value: 0
.gebuhrenfrei.com/	1970-01-20 09:15:27	Name: _vwo_uuid_v2 Value: DCCB1507236759777195FB80C0DF59082\|d38e41f1543e68663464365e51618112
.gebuhrenfrei.com/	1970-01-20 09:54:20	Name: _adt_pk_id.2.6543 Value: 5877eb905a8fe46f.1643305217.
.gebuhrenfrei.com/	1970-01-20 00:28:27	Name: _adt_pk_ses.2.6543 Value: 1
www.gebuhrenfrei.com/	1970-01-20 00:29:51	Name: isSdEnabled Value: false
.gebuhrenfrei.com/	1970-01-20 17:45:13	Name: _et_coid Value: 55fc9396460303a7481f82948b31342d
opt.kuponacdn.de/	1970-01-20 09:14:01	Name: 9558 Value: JSON%3A%7B%22timestamp%22%3A1643305217%2C%22customer_id%22%3A%229558%22%2C%22referrer%22%3A%22https%3A%2F%2Fd31bfnnwekbny6.cloudfront.net%2F%22%2C%22advertiser_decision%22%3A%22out%22%2C%22user_decision%22%3A%22imp_in%22%7D
opt.kuponacdn.de/	1970-01-20 09:14:01	Name: opt_keys Value: JSON%3A%5B%22opt_keys%22%2C%229558%22%5D
.doubleclick.net/	1970-01-20 17:59:37	Name: IDE Value: AHWqTUkB_v57yPRbnuU_J3_Oor00SPZF4Eu3fSEqAHOma5bzdDu6xZDt-y4MDafrBis
.adnxs.com/	1970-01-20 02:38:01	Name: uuid2 Value: 525806914916947629
.ad-srv.net/	1970-01-20 02:38:01	Name: pwzdy6wsn8n7_uid Value: f6fcc2b21d4c7b58
.turn.com/	1970-01-20 04:47:37	Name: uid Value: 4553705166977748109
.criteo.com/	1970-01-20 09:50:01	Name: uid Value: 8593f8dc-ba2d-471b-96c4-13f7eef1763a
www1.mpnrs.com/	1970-01-20 09:14:01	Name: ata Value: ~mdaVc8GGGcmi
.creative-serving.com/	1970-01-20 09:50:01	Name: tuuid Value: 33004320-ead8-4af5-ac05-7fb98099c4a9
.creative-serving.com/	1970-01-20 09:50:01	Name: c Value: 1643305218
.creative-serving.com/	1970-01-20 09:50:01	Name: tuuid_lu Value: 1643305218
.adfarm1.adition.com/	1970-01-20 02:38:04	Name: UserID1 Value: 7057942168670962895
.tapad.com/	1970-01-20 01:54:49	Name: TapAd_TS Value: 1643305219058
.tapad.com/	1970-01-20 01:54:49	Name: TapAd_DID Value: 3b1feab9-4c68-419f-a707-7b23914a262f
.yahoo.com/	1970-01-20 09:14:22	Name: A3 Value: d=AQABBAPZ8mECEKSFZcuAmneAr-fkWPx90GMFEgEBAQEq9GH8YQAAAAAA_eMAAA&S=AQAAAjZUrJCUGKYXILzHKEJbhXo
.outbrain.com/	1970-01-20 02:38:01	Name: obuid Value: cc149cce-0ca0-47ab-a908-e100d0ab58ad
.outbrain.com/	1970-01-20 01:11:37	Name: criteo Value: k-PNFEb0WglYT6T3fGVaBh5NKrRcqS-dEgBbspIw
.rlcdn.com/	1970-01-20 09:14:01	Name: rlas3 Value: hrZkNj+SDWeIIQ2k5h4ew66Dli+JX4Y9slN/HhjevuQ=
.rlcdn.com/	1970-01-20 01:54:49	Name: pxrc Value: CAA=
.rubiconproject.com/	1970-01-20 09:14:01	Name: khaos Value: KYX9HY58-15-3862
.analytics.yahoo.com/	1970-01-20 09:15:27	Name: IDSYNC Value: 18zh~22wh
.bidswitch.net/	1970-01-20 09:14:01	Name: tuuid Value: 2b2df252-2b70-4161-b591-012b05b7c835
.bidswitch.net/	1970-01-20 09:14:01	Name: c Value: 1643305219
.bidswitch.net/	1970-01-20 09:14:01	Name: tuuid_lu Value: 1643305219
.mediawallahscript.com/	1970-01-20 17:59:37	Name: mCookie Value: 31f5c671-7f98-11ec-9899-b9e462c971bd
.mediawallahscript.com/	1970-01-20 01:14:30	Name: mVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2022 Value: %7B%221KTuLJ%22%3A1%7D
.mediawallahscript.com/	1970-01-20 17:59:37	Name: mUserCookie Value: %7B%7D
.pubmatic.com/	1970-01-20 01:11:37	Name: KRTBCOOKIE_97 Value: 3385-uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q&KRTB&23286-uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q&KRTB&23287-uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q&KRTB&23288-uid:k-_i_IQkWglYT6T3fGVaBh5NKrRcqsotoX0jwm6Q
.pubmatic.com/	1970-01-20 01:11:37	Name: PugT Value: 1643305219
.pubmatic.com/	1970-01-20 02:38:01	Name: PUBMDCID Value: 2
.adingo.jp/	1970-01-20 01:11:37	Name: criteo_dsp Value: k-3i_ld0WglYT6T3fGVaBh5NKrRcogkIkBeUELow
.adsrvr.org/	1970-01-20 09:14:01	Name: TDID Value: dc934915-5234-4cdb-b86c-a4d4c0402a77
.adsrvr.org/	1970-01-20 09:14:01	Name: TDCPM Value: CAEYBSABKAIyCwi6homV2vGwOhAFOAE.
.tpmn.co.kr/	1970-01-20 09:14:01	Name: uuid Value: 4e2bcd8c6b214068a860abdf083cef37
.tpmn.co.kr/	1970-01-20 01:11:37	Name: criteo Value: k-5SQb8kWglYT6T3fGVaBh5NKrRcprTAUpoaO39Q
.tapad.com/	1970-01-20 01:54:49	Name: TapAd_3WAY_SYNCS Value: 1!665
.3lift.com/	1970-01-20 02:38:01	Name: tluid Value: 1974603648391111063544
.addthis.com/	1970-01-20 09:50:01	Name: ouid Value: 61f2d903000123d2ac37e8dedbe0796be1de1bdd70c306fed8f5
.addthis.com/	1970-01-20 09:50:01	Name: uid Value: 61f2d90396b9621e
.addthis.com/	1970-01-20 09:50:01	Name: na_id Value: 2022012717401925500535576883
.rubiconproject.com/	1970-01-20 09:14:01	Name: audit Value: 1\|Qf2hbngmR09NBRrK2EsaYxylMxm9MD8ZubtluxeVp/oeECEUBMheinb9GzRn3BSIpkwHKmtq6VcwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTdekp+P+GGBFgXCUbtwfi10SGOfoIFQdhwFaJ2g76TGgU03GZ9CazZx16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.media.net/	1970-01-20 09:14:01	Name: visitor-id Value: 2863068191455284000V10
.media.net/	1970-01-20 01:11:37	Name: data-c-ts Value: 1643305219
.media.net/	1970-01-20 01:11:37	Name: data-c Value: k-8g_CQUWglYT6T3fGVaBh5NKrRco73v71TZi9Hg~~3
.kargo.com/	1970-01-20 09:14:01	Name: ktcid Value: 3f96370d-c0c0-0e9d-54ef-c9446567d530
.adnxs.com/	1970-01-20 02:38:01	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2HbzEH5HT!EKyQ#xY4s6(:>la5>P9dsA139>2XAJ!@zv9F)GOda2Pv=e?ZcNx%R8'$UUZo#q/A)':$U5pFEPTD._*PlZ[C[-kX-39WBf
.casalemedia.com/	1970-01-20 09:14:01	Name: CMID Value: YfLZA-5x-nnwhl6xY0q50AAA
.casalemedia.com/	1970-01-20 02:38:01	Name: CMPS Value: 466
.adtdp.com/	1970-01-20 17:59:37	Name: uid Value: 65a4f23f-7e48-4d33-8dcd-aaf2b488fcd2
.adtdp.com/	1970-01-20 17:59:37	Name: pr Value: aja
.yandex.ru/	1970-01-23 16:04:25	Name: yuidss Value: 7807869251643305219
.yandex.ru/	1970-01-23 16:04:25	Name: yandexuid Value: 7807869251643305219
.casalemedia.com/	1970-01-20 02:38:01	Name: CMPRO Value: 995
.casalemedia.com/	1970-01-20 09:14:01	Name: CMRUM3 Value: 1461f2d9032760k-YQjQQkWglYT6T3fGVaBh5NKrRcog8kQS05Itvw
.casalemedia.com/	1970-01-20 00:29:51	Name: CMST Value: YfLZA2Hy2QMA
.socdm.com/	1970-01-20 17:59:37	Name: SOC Value: YfLZA8Co8HMAAK90F.MAAAAA
.ad-stir.com/	1970-01-20 17:59:37	Name: uid Value: 09dfbbca-5338-4062-bcd7-cb6a195aafb5
.ad-stir.com/	1970-01-20 00:48:34	Name: d10 Value: k-PG5flEWglYT6T3fGVaBh5NKrRcqw69W-CS0HXQ
.dable.io/	1970-01-20 02:52:25	Name: uid Value: 31768293.1643305219857

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 80) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.gebuhrenfrei.com/Home/(Line 56) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.gebuhrenfrei.com/Home/(Line 56) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.gebuhrenfrei.com/Home/(Line 658) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.etracker.com/t.js?et=Y83BYV, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.gebuhrenfrei.com/Home/(Line 658) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.etracker.com/t.js?et=Y83BYV, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.etracker.de/api/v6/tracking/webEvents Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.etracker.de/api/v6/tracking/webEvents Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' ; img-src ; connect-src ; style-src 'self' 'unsafe-inline';frame-src 'self' ; frame-ancestors *;
Strict-Transport-Security	max-age=31556926; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad.as.amanad.adtdp.com
ad.doubleclick.net
ad.tpmn.co.kr
ad.yieldmanager.com
ad13.adfarm1.adition.com
ad2.adfarm1.adition.com
adfarm1.adition.com
adgen.socdm.com
ads.adtiger.de
ads.creative-serving.com
ads.yahoo.com
adserver.adtech.de
adservice.google.com
advanzia2-service.adtelligence.de
advanzia2-tracking.adtelligence.de
adx.dable.io
aggregator.service.usercentrics.eu
an.yandex.ru
api.usercentrics.eu
app.usercentrics.eu
browser-update.org
cdn.adtelligence.de
cm.g.doubleclick.net
code.etracker.com
contextual.media.net
crb.kargo.com
cs.adingo.jp
cw.addthis.com
d.turn.com
d31bfnnwekbny6.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
eb2.3lift.com
googleads.g.doubleclick.net
graphql.usercentrics.eu
gum.criteo.com
idsync.rlcdn.com
imagesrv.adition.com
mastertag.kpcustomer.de
match.adsrvr.org
mug.criteo.com
opt.kuponacdn.de
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
pubads.g.doubleclick.net
r.casalemedia.com
r.turn.com
retrack-kupona.kuponacdn.de
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
ssl.google-analytics.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync.ad-stir.com
sync.outbrain.com
tg.socdm.com
ups.analytics.yahoo.com
www.etracker.de
www.gebuhrenfrei.com
www.google.ca
www.google.com
www.googleadservices.com
www1.mpnrs.com
x.bidswitch.net
ad.yieldmanager.com
104.36.115.109
107.178.246.49
116.202.122.87
124.146.215.48
124.146.215.5
142.250.65.162
142.250.65.230
142.251.40.194
152.199.5.1
178.250.2.151
178.32.75.217
18.180.85.76
18.185.243.227
18.197.236.215
194.25.167.195
2001:4998:14:800::1000
213.95.181.109
217.79.188.21
217.79.188.54
217.79.188.59
217.79.188.8
23.201.213.31
23.208.216.126
23.23.105.100
23.52.167.93
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:20aa:4a00:1b:5138:8a40:93a1
2606:4700:20::ac43:459c
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::2004
2607:f8b0:4006:823::2002
2607:f8b0:4023:1404::9b
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2a02:6b8::90
3.218.90.66
34.102.166.132
34.205.163.198
34.251.41.192
34.96.102.137
35.157.229.86
35.190.60.146
35.71.131.137
52.203.72.187
52.223.22.214
52.28.58.4
52.79.202.62
62.201.164.113
62.201.164.117
62.216.176.7
64.202.112.127
68.67.160.75
69.173.151.100
74.119.119.139
74.119.119.150
76.13.32.146
94.130.102.164
99.84.125.75
99.84.42.23
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
01c07687e749ffefe24b14b4e6c82e6a242570be12fb3f8b0104c5398bed28bb
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
065a5d7bc73b758fba6faa99cc06d218c9994e4d740c13556210d297c597047b
07106d012f8bdee0bcca07062ca888dd5ba47ae8a1ccafcb42694eb69897e9cb
079932d45c27391eb43949af1432714db00ac8c7385e01071a5e46bb06232171
09f43c0d176c12ea2bceb81986be2a9e70a8544f93b0cac680a45ac89f9f6e91
0a1e99d351fb5d01bd2648d0330a060d9ebefc8de51184c102904f0b707f2c6d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f721902b2abff4fa6a0c0ceb1010df367aa875dc3b3bd83b9b0649e913dca3d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15d838b6fb9021a6a33b900e43215784f3464ced6e05978e7ad9c1eb0d176076
15e5fc36c026c00dfef9898482dd92925fedca6ad4f9f46cb4a4d75530e082c9
17ee03e58e82df27e8238b21433b9b7437889f93ab2225232b373fc56b6f62b8
1dc9184197d58ad84693cfdf5b0e80f45eed17dfde63e4020c2060bfc53f31ff
1faf7ba5e26a1ee6f0f83f3fdb1d60afff3e171a75ab40df4337a333460f2bcb
27c0f136d57f47b9486fdca200e5cd526870de786286afcbff2c3e3f3de3f4b6
2d2800cf150e2d9534b12c7a35c39ba3dd7e895d19556c322bf5ffac9e66d58d
2d9e0408709535c2d40cd1e7d0d80418e5bae73a16dc0644bc5aca4c728e2ea7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3308e8d744bf41f83c548a50fe68377e7098036ac4b5845b53373483f0ecc5d2
3469a022ec7dc28a6e642126b589477f4a8fb3b03fd0087b8efe17e1b4e5bbb8
38aea12122be9d2dfefb3948878d19c8bab2c63b5e9f9a140f062c39491d84b0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42d7c779eac081dac5e721ee4d7cf7ec5abb631f6512a0d3758e9386ad0add64
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd7092c426ccdbacb68b9bb754e7383457d37cc922f37f10f1960612ce1b924
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f118c2bbcc63139e811fa548d0a83c01aee5074fe04226b8ed4adc4e22b5909
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f1850643640e3bc63c6541824501aa6674e7dc16584533737be736b7470569
58c84b10916a9081869e831cee021af1ec6afb5746d9c0777156fff76717ff11
5903a02d83ea8a78ced055e4edcece00d4c1a25c2fd6c6b5974ff8672bb3241f
59ac34ae74eba3698a59fae6b2360d25227614594b486413250fd07d8bd4a650
59b58cbc7a6cdcbd308cce1321a938025bb66f7de0fd34ffea8431b9e4eed8f0
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6444290c54d9828cdfe1c19ccf516a871747b43d2a8a6ec967f672c45c4dfd76
65ba2e573ba7a45a7904bba2a4183a262f76d5abd127a63466f8e6e18c52a92e
670ffee907a50644eab875c2378790d98f4da98c8f1b2a67ba7b6903e33dbc98
69230f9e3c19966ae3cd0628c0266315d643aa9ac00da33dd7317c15711f37a2
6cc82230d6fb5dc5b8ee08815da6de6997dd9ff5754b6537f4f052c745d48a4f
71c183da45e4a98fc3447c90ee822c2a6a87bb672f70a2f3e5ea037d41c0813f
7292713d20be98a27619d610da630ad57ada4cef26a4a8913647d8fe6a93ef00
765ee15850b68158abb11e245e5b72d615d37c1cb920eda850da1bf256b1ca20
7706dd45386901420f8ce918f7775dc59a8e96fb88d8ba67bfa6d5607a74ef0b
78e08b36f596318a1029d3be7fba9a6ed5bad1e5384dc36ad628660fd627dc82
7c06606db196ea56e061f267fd830864969228cedfbb3306cd48cf54aca85fbf
8206731bafb73f0da9b605d339350e8144dd52fae3163dda8ef3525ac4fb60d3
821e2128eb5f6ac67b022235c8362dde2fcd437b6240d29fc068b38e50e0fff7
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842f93cec1f8678ffd05ea4a04d1321faf0713f6716aa310c5eb0ed04cdc47e9
86862b52ea697e8c11a1de74bdd1b05a2cf7ca2097d34eca752080dc84d0b75b
89ae2a45ddf15d896148e9babf8a0233be4f717d2da46ac016bbb1a459072103
8d8f4b2fa2c3331dd24b9ce503d91c925746a0c5aa0defda4b8f83bef0d0c382
90c97fe4de228243e795883e6b2f27c67ede2b2c4bb205c7c556ed7a4e3a6a57
945b06b1892d3fc83b45b95bafbc9bcd283fd6fb68734c6bc5bcd1b8041a5c1a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a39721ab63ff1ad4e3ef5bba08d1cbd10286aa307262fb58eb7e98f4670f446a
a6320f420e1678128868e2919fe5893cc6169ce2162e24ce8f0d77759786a2cb
a6aad3abd7921f4c78a37e8a035e859baadb7799568796014619abf8149fe643
a73a3f0c302f71d1a0733163e461ba728cd6bff9c93f0917ea3a42927a866e60
a8ba6bf999f48d6576cf1ec5ea2680d722306c49821d614e30f293c68b89d536
ac5817b3d269f20b4ede2237fa09cb5e285bb1f69e01529a1852a33497e2e758
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4969586b07d58ea6f448f3923227869353b3e644b0a5a65422d4e736ae4e720
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2f00fd0eb51feee8ae5b9123111ebcb9b2db02abfe05bd2adb80af52b7219ec
c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b
ca6a914031c36bd9f17a8dd27572f89016767fd5ae9a414bdf3e89cba4b8f0d0
cc351b1fc22ef1f507c8a7b9868cf76a6a21beaf1d8f05dc8141cc2cc8c99445
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d149e1f7026c53081c7813668244b77b0c937fa06cde8131e780ca9848b5f0b2
d2882cd4c7493b77fd2a81140c8783bc35d6f07498313ad8267e59d4a4ef590c
d2b2659cd3a0c481c2a158b0f76d1b4bbf0d6cf12290e84aaaf050652d022194
d2d3403e69d8bce76b594200c3ec44a682d20b0f7567def39519a4fe94ce5721
d3a155528f0d3feae2ff4b648d38b9c4c4ca7a230f0089ec8e66c7eff6138eea
d53ecad56103d729cf92be4faf5203c238c781202a0774ccc6fbb6a9ecd15e97
d73461cf3a7236261edd84df7513279c790330522e814fee096607c7c59c4071
daf78cee0a32d6962c0649e533352e4b4200bda197bf73c1b16e0c444e21bc40
dcfb3cacc3c8f2a8c567df5f3407c77f251cc8b00540d59361a3b650fafb444e
dea0074098ec5611ef2f4c67f5c9e7bec9a42897fffacd5433dce9ecd08af120
dea6017543dbdc36a39d8133e9c4b951f964b90d2587fb674a8b6b5f1ff14236
e110618acb199e61cac3c156dae2603fead546548c0ade9dd1995c8cfd647e36
e2ced8e2cd997ec5fdcf63bc24fdda4c0ee8b27ff971fc04537c27a0bcd7cc23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c7bf4dfffc106d292851ce300ebf4ae8a1e19bbb5acaef7287faa287354c29
e738413d5e8e74f14ef6bf92098d1a18e71413d0605f536048beb6c80fdf65b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f110372a6462a68663d1f95a38fcaf153a50b86ef92d2bcee5fe03a815090b
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

www.gebuhrenfrei.com Open in urlscan Pro 194.25.167.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

66 %HTTPS

27 %IPv6

48 Domains

69 Subdomains

57 IPs

7 Countries

1147 kBTransfer

3061 kBSize

73 Cookies

6 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -23 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gebuhrenfrei.com Open in urlscan Pro
194.25.167.195 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

66 %
HTTPS

27 %
IPv6

48
Domains

69
Subdomains

57
IPs

7
Countries

1147 kB
Transfer

3061 kB
Size

73
Cookies

139 HTTP transactions
-23 data transactions