www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gmai.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU2OTg3NzExNSwiaWF0IjoxNTY...
Effective URL:
https://www.auskunft.de/?rt=y&utm_source=zp
Submission: On September 30 via manual (September 30th 2019, 7:43:41 pm UTC) from US

Summary HTTP 47 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 47 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.

This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.166.182.52 46.166.182.52	43350 (NFORCE) (NFORCE)
2	34.193.227.251 34.193.227.251	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
10	195.201.46.48 195.201.46.48	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.214.67 143.204.214.67	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	185.86.138.79 185.86.138.79	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.215.100.39 91.215.100.39	43407 (INFONLINE-AS) (INFONLINE-AS)
2	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY - Fastly)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
47	20

1 46.166.182.52 (Netherlands) 1 redirects

ASN43350 (NFORCE, NL)

gmai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.227.251 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-227-251.compute-1.amazonaws.com

usa.odysseus-nua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 195.201.46.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.46.201.195.clients.your-server.de

www.auskunft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.67 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-67.fra53.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

yieldlove-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.79 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	189 KB
10	auskunft.de www.auskunft.de	352 KB
4	googletagservices.com www.googletagservices.com	100 KB
4	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	116 B
3	ioam.de 1 redirects script.ioam.de de.ioam.de	13 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	3 KB
3	openx.net 1 redirects yieldlove-d.openx.net eu-u.openx.net	5 KB
2	google.de adservice.google.de	349 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	smartadserver.com prg.smartadserver.com	3 KB
2	odysseus-nua.com usa.odysseus-nua.com	3 KB
1	google.com adservice.google.com	171 B
1	casalemedia.com as-sec.casalemedia.com	1 KB
1	yieldlove.com cdn-a.yieldlove.com	81 KB
1	gmai.com 1 redirects gmai.com	448 B
47	16

	Domain	Requested by
10	www.auskunft.de	usa.odysseus-nua.com www.auskunft.de
8	securepubads.g.doubleclick.net	www.auskunft.de securepubads.g.doubleclick.net usa.odysseus-nua.com www.googletagservices.com
4	www.googletagservices.com	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	2 redirects www.auskunft.de
2	eu-u.openx.net	1 redirects cdn-a.yieldlove.com
2	de.ioam.de	1 redirects www.auskunft.de
2	adservice.google.de	securepubads.g.doubleclick.net www.googletagservices.com
2	stats.g.doubleclick.net	www.auskunft.de
2	prg.smartadserver.com	cdn-a.yieldlove.com
2	fastlane.rubiconproject.com	cdn-a.yieldlove.com
2	usa.odysseus-nua.com	usa.odysseus-nua.com
1	eus.rubiconproject.com	cdn-a.yieldlove.com
1	acdn.adnxs.com	cdn-a.yieldlove.com
1	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	script.ioam.de	www.auskunft.de
1	ib.adnxs.com	cdn-a.yieldlove.com
1	as-sec.casalemedia.com	cdn-a.yieldlove.com
1	yieldlove-d.openx.net	cdn-a.yieldlove.com
1	cdn-a.yieldlove.com	www.auskunft.de
1	gmai.com	1 redirects
47	22

This site contains links to these domains. Also see Links.

Domain
android.auskunft.de
ios.auskunft.de
www.alpha9marketing.com

Subject Issuer	Validity	Valid
*.auskunft.de Sectigo RSA Domain Validation Secure Server CA	`2019-09-12` - `2021-09-11`	2 years	crt.sh
cdn-a.yieldlove.com Amazon	`2018-10-11` - `2019-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp
Frame ID: 88C7AEE53F2194046A2A0D0270B3EB9A
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQyYLEVVWDftqa3mczvMwhDy_zTFdFxk3BDlJx--B_aINSdU54gz2qlpcn07VAXxPJJQq2tSnFVumxFRGfOCraXNQVcWihqFaDF1GxAc1D-_-ODDRbE9fMMsZTtUoVCwotV7yKCC0GWfYjB_wqiQhGY8NZwFL_8X6DsSseXmpjxw0cc76VxKESHDzIAYP8u_vlWzdjHNPe9P43XvYpYAH4-nIMHalMhviThA4dPgxZp5Ku3B3p7-ohzse2IyU4AFOV8RH5ZBgskFmetXSDFbNbq9Q&sai=AMfl-YQrnj0BE5QXU5DAhxFWXlKdIW5Bjh2tpJzAq00CtPzkxQbQOmczZfdWEkro0DQjhWJ78J6utv72W6PREf8qxhXaFnzuwuXCGUuCamZF&sig=Cg0ArKJSzOpADwKGxBpVEAE&urlfix=1&adurl=
Frame ID: C3B9D4A6D2430D3758475F550B9699A3
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 7F45544D0E8EFBC066941EC970A09610
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 221125006ACCF8DE5D66118140F69DAB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 28E338BA4472827C2D8EFB2783084689
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 925A57775D68F2DEE56B195BA05AF0EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gmai.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU2OTg... HTTP 302
http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7... Page URL
http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth... Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

47
Requests

96 %
HTTPS

30 %
IPv6

16
Domains

22
Subdomains

20
IPs

6
Countries

768 kB
Transfer

1932 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://android.auskunft.de/
Title: Android App

Search URL Search Domain Scan URL

URL: https://ios.auskunft.de/
Title: iOS App

Search URL Search Domain Scan URL

URL: https://www.alpha9marketing.com/unternehmen/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gmai.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU2OTg3NzExNSwiaWF0IjoxNTY5ODY5OTE1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjRrb25tbnJwcnFtMW5iMDQwOGNyNjIiLCJuYmYiOjE1Njk4Njk5MTUsInRzIjoxNTY5ODY5OTE1MzQ3NTcwfQ.XxubO9M HTTP 302
http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://www.auskunft.de/?rt=y&utm_source=zp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gmai.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU2OTg3NzExNSwiaWF0IjoxNTY5ODY5OTE1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjRrb25tbnJwcnFtMW5iMDQwOGNyNjIiLCJuYmYiOjE1Njk4Njk5MTUsInRzIjoxNTY5ODY5OTE1MzQ3NTcwfQ.XxubO9M HTTP 302
http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1037375609&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1988469688&gjid=309752242&cid=404538862.1569872605&tid=UA-77541742-2&_gid=420085785.1569872605&_r=1&z=1702173096 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1988469688&_gid=420085785.1569872605&gjid=309752242&_v=j79&z=1702173096

Request Chain 30

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000d&i2=000d712480630f7865d925add&ep=1600655864&vr=415&id=sxnjyl&i3=000d712480630f7865d925add%3A1599853405369%3A1569872605369%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569872605369&n1=4&dntt=0&lt=1569872605371&ev=&cs=3jvwfq&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000d&i2=000d712480630f7865d925add&ep=1600655864&vr=415&id=sxnjyl&i3=000d712480630f7865d925add%3A1599853405369%3A1569872605369%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569872605369&n1=4&dntt=0&lt=1569872605371&ev=&cs=3jvwfq&mo=1&sr=71

Request Chain 46

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1

Request Chain 47

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1037375609&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Suche%20nach%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=1096409&gjid=1437258569&cid=404538862.1569872605&tid=UA-77541742-2&_gid=420085785.1569872605&_r=1&z=26191769 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1096409&_gid=420085785.1569872605&gjid=1437258569&_v=j79&z=26191769

47 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76 Show response
usa.odysseus-nua.com/zcvisitor/
Redirect Chain

http://gmai.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU2OTg3NzExNSwiaWF0IjoxNTY5ODY5OTE1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjRrb25tbnJwcnFtMW5iMDQwOGNyNjIiLCJu...
http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

1010 B
2 KB

221ms
183ms

Document
text/html

34.193.227.251
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

34.193.227.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-193-227-251.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

078b66ec79c37f797f8a44f6e819803764ac647fe108efa79a6133d3445d9bc2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.odysseus-nua.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 19:43:24 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 30 Sep 2019 19:43:20 GMT
location: http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
server: nginx
set-cookie: sid=8e6eeed0-e3ba-11e9-b968-ebb3f6818a34; path=/; domain=.gmai.com; expires=Sat, 18 Oct 2087 22:57:28 GMT; max-age=2147483647; HttpOnly

GET
H/1.1 200
OK zcredirect
usa.odysseus-nua.com/ 268 B
965 B 104ms
103ms Document
text/html 34.193.227.251
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

HTTP/1.1

Server

34.193.227.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-193-227-251.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.odysseus-nua.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date: Mon, 30 Sep 2019 19:43:24 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2 200 Primary Request / Show response
www.auskunft.de/ 24 KB
9 KB 125ms
96ms Document
text/html 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/?rt=y&utm_source=zp

Requested by

Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

1a6727988741617d17e2d52468f3240d3f164d6776aa35d1e2c31cbbf506bdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.auskunft.de
:scheme: https
:path: /?rt=y&utm_source=zp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://usa.odysseus-nua.com/zcredirect?visitid=8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
server: nginx
date: Mon, 30 Sep 2019 19:43:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: AUSKUNFT_SESSION=lr05itebo16bj597pj4ln907mq; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip

GET
H2 200 main.6e791fbc76443f35145a.css
www.auskunft.de/assets/bundles/ 332 KB
61 KB 18ms
17ms Stylesheet
text/css 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.6e791fbc76443f35145a.css

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

bc474c535f684c34bb25cc55c44cfd62eb3cbc8070e043938176cf1043ca70a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:24 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-53133"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:24 GMT

GET
H2 200 yieldlove-bidder.js Show response
cdn-a.yieldlove.com/ 264 KB
81 KB 37ms
15ms Script
application/javascript 143.204.214.67
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-67.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 7ee59035df5ccb94ff08da4562ec55e192603feaeec8bb66c42c599c27900627

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 18:57:34 GMT
content-encoding: gzip
age: 2749
status: 200
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: y_R7V_qa8X7d9xYQwdLNHShotcuhNH3Lcvfs3e589Wr3Wg_6tippYQ==
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
14 KB 106ms
39ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e47358938ed88ccbc57820d6e6bcfe6f83f11d5bc7649a21fe9a743f02442bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "295 / 945 of 1000 / last-modified: 1569859548"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14311
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:24 GMT

GET
H2 200 auskunft_de_logo.webp
www.auskunft.de/img/ 1 KB
1 KB 26ms
25ms Image
image/webp 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:24 GMT
last-modified: Fri, 21 Jul 2017 08:52:49 GMT
server: nginx
etag: "5971c0e1-4ee"
strict-transport-security: max-age=2592000
content-type: image/webp
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1262
expires: Wed, 30 Oct 2019 19:43:24 GMT

GET
H2 200 jquery.min.js Show response
www.auskunft.de/assets/static/ 86 KB
35 KB 17ms
16ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/static/jquery.min.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:24 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-15851"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:24 GMT

GET
H2 200 main.a5ffcc249b448f21a8e4.js Show response
www.auskunft.de/assets/bundles/ 92 KB
35 KB 15ms
15ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

49ea213d385910b82b142d6ca89c165f9780c1e25e14c4bc8171dbd19bbaf03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:24 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-17060"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:24 GMT

GET
H2 200 arj Show response
yieldlove-d.openx.net/w/1.0/ 4 KB
5 KB 239ms
237ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&jr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=b3d71faa-73e7-419e-90ac-98fe448c80f6%2Cac899b6b-8fe7-4653-85e3-8e11e3e32afb&nocache=1569872604913&aus=300x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111&
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: bd0b882289f1ba0dd4333243ad4a64b4f188a9e264dff5452bc773f09f5f4cc6

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 19:43:25 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.auskunft.de
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 4408
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 638 B
1 KB 339ms
183ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=392699&v=7.2&r=%7B%22id%22%3A%22465e59f7c0fd23%22%2C%22imp%22%3A%5B%7B%22id%22%3A%225c4e0e3eb7c9d9%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%7D%2C%7B%22id%22%3A%226ff7b1ebcfc653%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a6dc61cd94ac4edd0069b23a84db7f28a7c360c45ad279959f17627efdba0d60

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 470
Expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 237 B
2 KB 148ms
69ms XHR
application/json 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348702&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&tk_flint=pbjs_lite_v2.24.0&x_source.tid=b3d71faa-73e7-419e-90ac-98fe448c80f6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8485266750278913
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f12c2035731f2f440095763a0442e4cbee320cf1187b5c31f57485bd5adbb3bb

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:25 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=43
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 236 B
2 KB 273ms
184ms XHR
application/json 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&tk_flint=pbjs_lite_v2.24.0&x_source.tid=ac899b6b-8fe7-4653-85e3-8e11e3e32afb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1465455505797686
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 38ff8091c58930cb17175256ecbccb083c13283633f025ad64c60a85c45dcd71

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:25 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=272
Content-Length: 236
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 541ms
293ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:24 GMT
X-SMRT-D: 4%3b25%3b75
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 528ms
160ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:25 GMT
X-SMRT-D: 4%3b9%3b47
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 255 B
1 KB 89ms
39ms XHR
application/json 185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0489a9c3d6b5530e345178630c38af11d611723187a3a74837e4939e982cfbba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Sep 2019 19:43:26 GMT
X-Proxy-Origin: 89.249.64.196; 89.249.64.196; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: 97c8784b-53dd-4027-83be-e72279b790ee
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.auskunft.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4646
date: Mon, 30 Sep 2019 18:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 30 Sep 2019 20:25:58 GMT

GET
H2 200 background
www.auskunft.de/ 164 KB
164 KB 26ms
26ms Image
image/jpeg 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.auskunft.de/background

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 19:43:24 GMT
server: nginx
strict-transport-security: max-age=2592000
content-type: image/jpeg
status: 200
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 auskunft.52a08a88453921abda3fac6930b20ccd.woff2
www.auskunft.de/assets/bundles/ 13 KB
13 KB 16ms
16ms Font
application/octet-stream 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/auskunft.52a08a88453921abda3fac6930b20ccd.woff2

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.auskunft.de/assets/bundles/main.6e791fbc76443f35145a.css
Origin: https://www.auskunft.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:24 GMT
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: "5d8dd9bd-335c"
strict-transport-security: max-age=2592000
content-type: application/octet-stream
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13148
expires: Wed, 30 Oct 2019 19:43:24 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1037375609&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1988469688&_gid=420085785.1569872605&gjid=309752242&_v=j79&z=1702173096

35 B
102 B

26ms
14ms

Image
image/gif

2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1988469688&_gid=420085785.1569872605&gjid=309752242&_v=j79&z=1702173096

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Sep 2019 19:43:25 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Sep 2019 19:43:25 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1988469688&_gid=420085785.1569872605&gjid=309752242&_v=j79&z=1702173096
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 34 KB
11 KB 224ms
61ms Script
application/javascript 91.215.100.39
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script4.ioam.de
Software: nginx / BLACKBIRD-SRC v0.10 000d
Resource Hash: 155ed1c6f1fe13ac5c7a9e86a5f0a677b91eb227ab242d1490dd677d9f14cc8f

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 19:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Sep 2019 19:43:25 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.10 000d
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 30 Sep 2019 21:43:25 GMT

GET
H2 200 vendors~app.5dadbffd24878eaa2672.js Show response
www.auskunft.de/assets/bundles/ 42 KB
16 KB 13ms
12ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/vendors~app.5dadbffd24878eaa2672.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

9510eeed248c028151703400aff73bb224892eba4d3bf27306d1e448b84e71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-a8be"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:25 GMT

GET
H2 200 app.aa45d96f51fcc5a715ec.js Show response
www.auskunft.de/assets/bundles/ 47 KB
15 KB 15ms
14ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/app.aa45d96f51fcc5a715ec.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

024ef2c11a940963d0b67c31b3b4fa17c6ad752b3207816af03743672ba6163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-bb97"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 22ms
20ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ 158 KB
58 KB 78ms
76ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59149
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 searchbar-handle-sort.d8cfdeddddc61e006bd4.js Show response
www.auskunft.de/assets/bundles/ 963 B
817 B 12ms
10ms Script
application/javascript 195.201.46.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.auskunft.de/assets/bundles/searchbar-handle-sort.d8cfdeddddc61e006bd4.js

Requested by

Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.a5ffcc249b448f21a8e4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.46.201.195.clients.your-server.de

Software

nginx /

Resource Hash

4d1fbe218f21ccf7853376fe4bb57c16bf3acfd78b1954c32d5e41e7c8a4c74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.auskunft.de/?rt=y&utm_source=zp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 09:43:25 GMT
server: nginx
etag: W/"5d8dd9bd-3c3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000
expires: Wed, 30 Oct 2019 19:43:25 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 391ms
390ms XHR
text/plain 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=168103542221746&correlator=3353773648588889&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&eid=21064549&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=yieldlove_scenario%3Ddefault%26yieldlove_scenario_pid%3Dpid%253A19965.default%26yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1569872605&dt=1569872605316&dlt=1569872604827&idt=463&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=728&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&ref=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect%3Fvisitid%3D8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=23&icsg=195263&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=404538862.1569872605&ga_sid=1569872605&ga_hid=1037375609&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e98c0ba2c6ac5ed8cfccc350e1528c0ded1d2b9a9bd62eb37261de9fa53b2e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2229
x-xss-protection: 0
google-lineitem-id: 5111110714
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275073032
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 44ms
44ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24721
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 19ms
6ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-...
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-...

0
694 B

51ms
51ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000d&i2=000d712480630f7865d925add&ep=1600655864&vr=415&id=sxnjyl&i3=000d712480630f7865d925add%3A1599853405369%3A1569872605369%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569872605369&n1=4&dntt=0&lt=1569872605371&ev=&cs=3jvwfq&mo=1&sr=71
Requested by: Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.05.0 001f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 19:43:25 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.05.0 001f
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 30 Sep 2019 19:43:25 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.05.0 001f
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 30 Sep 2019 19:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usa.odysseus-nua.com&r2=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirect.visitid.8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=000d&i2=000d712480630f7865d925add&ep=1600655864&vr=415&id=sxnjyl&i3=000d712480630f7865d925add%3A1599853405369%3A1569872605369%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1569872605369&n1=4&dntt=0&lt=1569872605371&ev=&cs=3jvwfq&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 30 Sep 2018 19:43:25 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame C3B9 0
274 B 58ms
57ms Fetch
image/gif 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQyYLEVVWDftqa3mczvMwhDy_zTFdFxk3BDlJx--B_aINSdU54gz2qlpcn07VAXxPJJQq2tSnFVumxFRGfOCraXNQVcWihqFaDF1GxAc1D-_-ODDRbE9fMMsZTtUoVCwotV7yKCC0GWfYjB_wqiQhGY8NZwFL_8X6DsSseXmpjxw0cc76VxKESHDzIAYP8u_vlWzdjHNPe9P43XvYpYAH4-nIMHalMhviThA4dPgxZp5Ku3B3p7-ohzse2IyU4AFOV8RH5ZBgskFmetXSDFbNbq9Q&sai=AMfl-YQrnj0BE5QXU5DAhxFWXlKdIW5Bjh2tpJzAq00CtPzkxQbQOmczZfdWEkro0DQjhWJ78J6utv72W6PREf8qxhXaFnzuwuXCGUuCamZF&sig=Cg0ArKJSzOpADwKGxBpVEAE&urlfix=1&adurl=

Requested by

Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcvisitor/8e797ee1-e3ba-11e9-9f0b-0acf0acb6c76?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Sep 2019 19:43:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C3B9 44 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e47358938ed88ccbc57820d6e6bcfe6f83f11d5bc7649a21fe9a743f02442bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "295 / 658 of 1000 / last-modified: 1569859548"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14311
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3B9 78 KB
29 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569582964828766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29649
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
28 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d23b76d0502f01f486b0025cdb942713385d66f4775fc86af7166da3c26313c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569582964828766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29086
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 pubads_impl_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C3B9 158 KB
58 KB 40ms
40ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59149
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame C3B9 113 B
178 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C3B9 12 KB
7 KB 332ms
327ms XHR
text/plain 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3246873726029818&correlator=3180401314227498&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062819%2C21064687&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F53015287%2Fauskunft.de_d_728x90_1_dc&sz=728x90&eri=2&cookie=ID%3D30c26475f1f4d589%3AT%3D1569872605%3AS%3DALNI_MauDsfdNWbn_-2EjC3UhNYnhWqk7w&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1569872605&dt=1569872605921&dlt=1569872605755&idt=159&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=728&adk=3040953405&uci=4jwtppsqligv&ifi=1&ifk=2918664091&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=404538862.1569872605&ga_sid=1569872606&ga_hid=1722809198&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

92210dd20a4ed1139a20c613c2fe87a1e27bb5df2ef43e87ea73c884d1e523dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7255
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.auskunft.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C3B9 63 KB
24 KB 270ms
265ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24721
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:25 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame C3B9 0
0 10ms
5ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C3B9 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca45fbb2ce7a475289c321f505577a1caeec0850ed1eb3f45958ee5aaaae944

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 7F45 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Mon, 30 Sep 2019 09:31:37 GMT
expires: Tue, 29 Sep 2020 09:31:37 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 36709
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3B9 77 KB
29 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d23b76d0502f01f486b0025cdb942713385d66f4775fc86af7166da3c26313c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 19:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569582964828766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29086
x-xss-protection: 0
expires: Mon, 30 Sep 2019 19:43:26 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C3B9 42 B
116 B 59ms
58ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoYSDQbsi81o0B8F-7iBKu6CDzA3b2Lfhqy9kCwIFcC2AAmMdKCXtHaO60sTPS8v9FfL4u0WhhP7QB_Ld_dIcULrEZrVo-_PbewYXOI6U&sig=Cg0ArKJSzFJFyrvKJZaxEAE&adk=3358614790&tt=-1&bs=1585%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=728,429,818,1157&cm=1&mcvt=1012&rs=0&ht=0&tfs=114&tls=1126&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1569872605757&dlt=0&rpt=215&isd=0&msd=0&xdi=0&ps=1585%2C1813&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-12-7-11-11-0-0-0&tvt=1121&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&r=v&id=osdim&vs=4&za&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 19:43:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2211 0
0 73ms
24ms Document
text/html 151.101.113.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 30 Sep 2019 19:43:29 GMT
Age: 4788093
Connection: keep-alive
X-Served-By: cache-jfk8123-JFK, cache-hhn4035-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 1180743
X-Timer: S1569872609.013210,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 28E3 0
0 66ms
24ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 27 Sep 2019 17:49:20 GMT
Content-Encoding: gzip
Content-Length: 7688
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53726
Expires: Tue, 01 Oct 2019 10:38:55 GMT
Date: Mon, 30 Sep 2019 19:43:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 925A
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1

0
0

49ms
49ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
cookie: i=cf19b3bf-5bff-094a-058a-48b71732c332|1569872608
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

status: 200
vary: Accept
set-cookie: i=cf19b3bf-5bff-094a-058a-48b71732c332|1569872608; Version=1; Expires=Tue, 29-Sep-2020 19:43:29 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1569872609|mOgikimWiygu; Version=1; Expires=Tue, 15-Oct-2019 19:43:29 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 30 Sep 2019 19:43:29 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=cf19b3bf-5bff-094a-058a-48b71732c332|1569872608; Version=1; Expires=Tue, 29-Sep-2020 19:43:28 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
date: Mon, 30 Sep 2019 19:43:28 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1037375609&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp&dr=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcredirec...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1096409&_gid=420085785.1569872605&gjid=1437258569&_v=j79&z=26191769

35 B
102 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1096409&_gid=420085785.1569872605&gjid=1437258569&_v=j79&z=26191769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Sep 2019 19:43:34 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Sep 2019 19:43:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=404538862.1569872605&jid=1096409&_gid=420085785.1569872605&gjid=1437258569&_v=j79&z=26191769
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 413
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.auskunft.de/	1969-12-31 23:59:59	Name: session_id Value: a5433651-a7a6-4168-a4f2-b684e2b08cc9
.auskunft.de/	1970-01-19 04:05:59	Name: _gid Value: GA1.2.420085785.1569872605
.auskunft.de/	1970-01-19 12:24:13	Name: ioam2018 Value: 000d712480630f7865d925add:1599853405369:1569872605369:.auskunft.de:2:auskunft:auskunft_startseite:noevent:1569872605369:5un2cu
.auskunft.de/	1970-01-19 21:35:44	Name: _ga Value: GA1.2.404538862.1569872605
.auskunft.de/	1970-01-19 04:04:32	Name: _gat Value: 1
www.auskunft.de/	1969-12-31 23:59:59	Name: AUSKUNFT_SESSION Value: lr05itebo16bj597pj4ln907mq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
as-sec.casalemedia.com
cdn-a.yieldlove.com
de.ioam.de
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
gmai.com
ib.adnxs.com
pagead2.googlesyndication.com
prg.smartadserver.com
script.ioam.de
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
usa.odysseus-nua.com
www.auskunft.de
www.google-analytics.com
www.googletagservices.com
yieldlove-d.openx.net
104.109.78.125
143.204.214.67
151.101.113.108
172.217.16.194
185.33.223.197
185.86.138.79
195.201.46.48
2.18.234.21
2a00:1450:4001:814::2002
2a00:1450:4001:815::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:821::2002
2a00:1450:400c:c0c::9a
34.193.227.251
34.95.120.147
46.166.182.52
69.173.144.143
91.215.100.39
91.215.103.65
024ef2c11a940963d0b67c31b3b4fa17c6ad752b3207816af03743672ba6163a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0489a9c3d6b5530e345178630c38af11d611723187a3a74837e4939e982cfbba
0698405bd8a5983afbf3542111e84c7daeeda227c254d6d1031fa3a3009c7a68
078b66ec79c37f797f8a44f6e819803764ac647fe108efa79a6133d3445d9bc2
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
155ed1c6f1fe13ac5c7a9e86a5f0a677b91eb227ab242d1490dd677d9f14cc8f
1a6727988741617d17e2d52468f3240d3f164d6776aa35d1e2c31cbbf506bdd8
35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484
35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401
38ff8091c58930cb17175256ecbccb083c13283633f025ad64c60a85c45dcd71
40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a
49ea213d385910b82b142d6ca89c165f9780c1e25e14c4bc8171dbd19bbaf03b
4d1fbe218f21ccf7853376fe4bb57c16bf3acfd78b1954c32d5e41e7c8a4c74d
7ee59035df5ccb94ff08da4562ec55e192603feaeec8bb66c42c599c27900627
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b8387f49828cc88bae916ee99f4e2a8cf97782645940cf408bd2c7943784b28
92210dd20a4ed1139a20c613c2fe87a1e27bb5df2ef43e87ea73c884d1e523dc
9510eeed248c028151703400aff73bb224892eba4d3bf27306d1e448b84e71ac
98a2c35de4389fa7e5c99461e89f7b9f6ea18701cd5bd4ff425ad4a70daa61d2
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
a6dc61cd94ac4edd0069b23a84db7f28a7c360c45ad279959f17627efdba0d60
bc474c535f684c34bb25cc55c44cfd62eb3cbc8070e043938176cf1043ca70a1
bd0b882289f1ba0dd4333243ad4a64b4f188a9e264dff5452bc773f09f5f4cc6
d23b76d0502f01f486b0025cdb942713385d66f4775fc86af7166da3c26313c1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47358938ed88ccbc57820d6e6bcfe6f83f11d5bc7649a21fe9a743f02442bd9
e98c0ba2c6ac5ed8cfccc350e1528c0ded1d2b9a9bd62eb37261de9fa53b2e96
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eca45fbb2ce7a475289c321f505577a1caeec0850ed1eb3f45958ee5aaaae944
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12c2035731f2f440095763a0442e4cbee320cf1187b5c31f57485bd5adbb3bb

www.auskunft.de Open in urlscan Pro 195.201.46.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

30 %IPv6

16 Domains

22 Subdomains

20 IPs

6 Countries

768 kBTransfer

1932 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.auskunft.de Open in urlscan Pro
195.201.46.48 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

30 %
IPv6

16
Domains

22
Subdomains

20
IPs

6
Countries

768 kB
Transfer

1932 kB
Size

6
Cookies

47 HTTP transactions
2 data transactions