Submitted URL: http://deduction.it/
Effective URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d...
Submission: On May 23 via manual from US

Summary

This website contacted 32 IPs in 9 countries across 24 domains to perform 96 HTTP transactions. The main IP is 195.201.46.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.auskunft.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 12th 2019. Valid for: 2 years.
This is the only time www.auskunft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.15.13.134 13768 (COGECO-PEER1)
1 2 209.15.13.136 13768 (COGECO-PEER1)
2 100.24.94.176 14618 (AMAZON-AES)
16 195.201.46.48 24940 (HETZNER-AS)
1 13.225.87.83 16509 (AMAZON-02)
11 172.217.22.66 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 91.215.100.39 43407 (INFONLINE-AS)
2 217.114.212.216 31103 (KEYWEB-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2.18.234.21 16625 (AKAMAI-AS)
1 37.157.4.25 198622 (ADFORM)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 37.252.173.27 29990 (ASN-APPNEX)
1 35.158.66.58 16509 (AMAZON-02)
2 69.173.144.141 26667 (RUBICONPR...)
1 185.86.139.19 201081 (SMARTADSE...)
1 3 34.95.120.147 15169 (GOOGLE)
1 2 91.215.103.65 43407 (INFONLINE-AS)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 104.111.215.171 16625 (AKAMAI-AS)
3 52.58.42.46 16509 (AMAZON-02)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:204... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.149.239 16509 (AMAZON-02)
1 2600:9000:204... 16509 (AMAZON-02)
1 52.58.57.245 16509 (AMAZON-02)
1 2.18.232.130 16625 (AKAMAI-AS)
1 104.111.230.142 16625 (AKAMAI-AS)
96 32
Apex Domain
Subdomains
Transfer
21 googlesyndication.com
adbdeaa93b3ebc315bd1afe56e76f49c.safeframe.googlesyndication.com
tpc.googlesyndication.com
c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com
34 KB
18 auskunft.de
www.auskunft.de
tracker.auskunft.de
418 KB
13 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
314 KB
7 googletagservices.com
www.googletagservices.com
166 KB
5 adscale.de
hb.adscale.de
js.adscale.de
ih.adscale.de
6 KB
3 userreport.com
nugmw.userreport.com
sak.userreport.com
tag.userreport.com
22 KB
3 openx.net
yieldlove-d.openx.net
eu-u.openx.net
1 KB
3 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
3 KB
3 google.de
adservice.google.de
667 B
3 ioam.de
script.ioam.de
de.ioam.de
11 KB
3 google-analytics.com
www.google-analytics.com
18 KB
2 adnxs.com
ib.adnxs.com
acdn.adnxs.com
711 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
425 B
2 casalemedia.com
as-sec.casalemedia.com
2 KB
2 khurshid-sus.com
usd.khurshid-sus.com
3 KB
2 dprtb.com
dprtb.com
3 KB
1 yieldlove-ad-serving.net
api.yieldlove-ad-serving.net
207 B
1 gstatic.com
csi.gstatic.com
361 B
1 nuggad.net
si.nuggad.net
511 B
1 smartadserver.com
prg.smartadserver.com
1 KB
1 adform.net
adx.adform.net
449 B
1 google.com
adservice.google.com
316 B
1 yieldlove.com
cdn-a.yieldlove.com
88 KB
1 deduction.it
deduction.it
545 B
96 24
Domain Requested by
16 www.auskunft.de usd.khurshid-sus.com
www.auskunft.de
11 securepubads.g.doubleclick.net www.auskunft.de
securepubads.g.doubleclick.net
dprtb.com
www.googletagservices.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.auskunft.de
7 www.googletagservices.com securepubads.g.doubleclick.net
3 ih.adscale.de js.adscale.de
www.auskunft.de
3 adservice.google.de securepubads.g.doubleclick.net
www.googletagservices.com
3 www.google-analytics.com 2 redirects www.auskunft.de
2 eu-u.openx.net 1 redirects cdn-a.yieldlove.com
2 a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 de.ioam.de 1 redirects www.auskunft.de
2 fastlane.rubiconproject.com cdn-a.yieldlove.com
2 as-sec.casalemedia.com cdn-a.yieldlove.com
2 stats.g.doubleclick.net www.auskunft.de
2 tracker.auskunft.de www.auskunft.de
2 usd.khurshid-sus.com dprtb.com
usd.khurshid-sus.com
2 dprtb.com 1 redirects
1 eus.rubiconproject.com cdn-a.yieldlove.com
1 cdn.districtm.io cdn-a.yieldlove.com
1 acdn.adnxs.com cdn-a.yieldlove.com
1 api.yieldlove-ad-serving.net cdn-a.yieldlove.com
1 tag.userreport.com sak.userreport.com
1 sak.userreport.com nugmw.userreport.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 nugmw.userreport.com www.auskunft.de
1 si.nuggad.net 1 redirects
1 js.adscale.de cdn-a.yieldlove.com
1 adbdeaa93b3ebc315bd1afe56e76f49c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 yieldlove-d.openx.net cdn-a.yieldlove.com
1 prg.smartadserver.com cdn-a.yieldlove.com
1 hb.adscale.de cdn-a.yieldlove.com
1 ib.adnxs.com cdn-a.yieldlove.com
1 dmx.districtm.io cdn-a.yieldlove.com
1 adx.adform.net cdn-a.yieldlove.com
1 adservice.google.com securepubads.g.doubleclick.net
1 script.ioam.de www.auskunft.de
1 cdn-a.yieldlove.com www.auskunft.de
1 deduction.it 1 redirects
96 39

This site contains links to these domains. Also see Links.

Domain
www.alpha9marketing.com
Subject Issuer Validity Valid
*.auskunft.de
Sectigo RSA Domain Validation Secure Server CA
2019-09-12 -
2021-09-11
2 years crt.sh
cdn-a.yieldlove.com
Amazon
2019-10-02 -
2020-11-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.ioam.de
COMODO RSA Organization Validation Secure Server CA
2017-12-22 -
2020-12-21
3 years crt.sh
tracker.auskunft.de
cPanel, Inc. Certification Authority
2020-05-13 -
2020-08-11
3 months crt.sh
*.google.de
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.google.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2
2020-02-25 -
2020-10-09
7 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.adscale.de
Amazon
2019-07-03 -
2020-08-03
a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.smartadserver.com
DigiCert Global CA G2
2020-02-03 -
2022-02-03
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA
2019-07-29 -
2020-10-27
a year crt.sh
*.userreport.com
RapidSSL RSA CA 2018
2019-01-10 -
2021-03-10
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
yieldlove-ad-serving.net
Amazon
2019-11-19 -
2020-12-19
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2020-01-02 -
2021-04-02
a year crt.sh

This page contains 14 frames:

Primary Page: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Frame ID: B741E3522E1A907546C7087386A32EA9
Requests: 56 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: 10FB666B30F870F4564E411BCBE5427E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukkEhlj7wB_MmeVY--K7lYUSb76_ntKSYlA4ldTL9i0U98Zso8ozn2z8eRtXb-SslBvuCrXsLqZFdVeDKzOwZxcPwmMslmaEqNCr05GAUCKND7-8dmHrAVvjDoxs7mMKWGTTlr_3AQ77nA4yciLIpGRJkEYSKHR7t--AF5Vjk4iyYZKtXVcPc1cLxELlvsnELYVnIubtP7pC69fHI8ycxNKlPJDE76JnQm_xf_J38bILAS3VXNYGyHPSx-XM7S2gqp8S3zaI9kikvYUcWWSxKnCGU&sai=AMfl-YS6Li2VpcCKylo_jW7JoU4a6d7mjLh9T_ZcTUJWtgj911XkA8T5tnaNl1sQUfO9mlhZ3xzcxoF2OrO30YYkAQcKe1qVOCRo8FjQ65MG&sig=Cg0ArKJSzFbYtuM23vd2EAE&urlfix=1&adurl=
Frame ID: 40234CB1A3356BB947650B5FE7474F3F
Requests: 18 HTTP requests in this frame

Frame: https://c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: E314B2CDAC95C2FDFFE375F0E59542F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 50E3235E996960D5C58C783DE0164F32
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A5B6A88F88A3BC2E8635CB44895B7DB2
Requests: 1 HTTP requests in this frame

Frame: https://tag.userreport.com/server.html
Frame ID: D3A673114B63861E78FB4E825C316B2F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpDh5Ma8tcdRDMCsGwgIcoqBUExiZg7tcJVcb5n-ogx_b1wnno95foXejEXfz0idQlnzBZtuRnBYmFU7-pOIWnVUGUL9lVJe03M9vqzo_q2MlbuVj9KFfBZOCvYpKkigBmrspXraMupu6Ubt6wSZRLKPBFURJ3HypaXQ8hSOiRwe9O7KJRYAFvBpU7FmlYHHbEzrBW1OEIsuUStZAq0z25JvcVZubi-WyWgBT9VJWD_bsBSWB7ZjhG0kOwCs_yL0VKK-fjFqupFSEMNPdtvg4BAHg&sig=Cg0ArKJSzJAtXvxewuqNEAE&urlfix=1&adurl=
Frame ID: 81A03570EF962BA1870B3E3C148B4774
Requests: 14 HTTP requests in this frame

Frame: https://a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 73AD5A93C9AEA31AF96409449413EC5A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5A84059DBD21FE8A95E94492F3ED750E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 51B4799CFC1DF71668E888A86ABD5AFC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Frame ID: 9450DA0F38C002F509E4A1BFF4568223
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 898DC8776F3B8D9EF55FBDDDA0D285F0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 06F9EA8F6EC13B4EE2EAF7983171C349
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://deduction.it/ HTTP 302
    http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4R... Page URL
  2. http://dprtb.com/Redirect/ HTTP 302
    http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7... Page URL
  3. http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth... Page URL
  4. https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a937... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

96
Requests

94 %
HTTPS

30 %
IPv6

24
Domains

39
Subdomains

32
IPs

9
Countries

1092 kB
Transfer

2489 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://deduction.it/ HTTP 302
    http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa Page URL
  2. http://dprtb.com/Redirect/ HTTP 302
    http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958 Page URL
  3. http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://deduction.it/ HTTP 302
  • http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Request Chain 1
  • http://dprtb.com/Redirect/ HTTP 302
  • http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Request Chain 19
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=490209165&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&dr=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=939421039&gjid=1586459368&cid=1113055395.1590197826&tid=UA-77541742-2&_gid=434711996.1590197826&_r=1&z=1250364308 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=939421039&_gid=434711996.1590197826&gjid=1586459368&_v=j82&z=1250364308
Request Chain 35
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-9c95-11ea-956a-129887c57937.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0012&i2=0012f2e5b015507b35ec87e42&ep=1615404929&vr=416&id=sxnjyl&i3=0012f2e5b015507b35ec87e42%3A1616981826566%3A1590197826566%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1590197826566&n1=4&dntt=0&lt=1590197826569&ev=&cs=8esns6&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-9c95-11ea-956a-129887c57937.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0012&i2=0012f2e5b015507b35ec87e42&ep=1615404929&vr=416&id=sxnjyl&i3=0012f2e5b015507b35ec87e42%3A1616981826566%3A1590197826566%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1590197826566&n1=4&dntt=0&lt=1590197826569&ev=&cs=8esns6&mo=1&sr=71
Request Chain 46
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
  • https://nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Request Chain 94
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Request Chain 97
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=490209165&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&dr=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nobounce&ea=10%20seconds&_u=aEBAAEAB~&jid=2099250562&gjid=1969529413&cid=1113055395.1590197826&tid=UA-77541742-2&_gid=434711996.1590197826&_r=1&z=164289711 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=2099250562&_gid=434711996.1590197826&gjid=1969529413&_v=j82&z=164289711

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set click
dprtb.com/
Redirect Chain
  • http://deduction.it/
  • http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN...
5 KB
2 KB
Document
General
Full URL
http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b38144d6415a4df24e7a0aafcf87f1650b2850c6b255bee8211b12fbdb2fb287

Request headers

Host
dprtb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
JUgFEuIdMROyDyU=JUgFEuIdMROyDyU; path=/
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Sat, 23 May 2020 01:37:04 GMT
Content-Length
2119

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web02
Date
Sat, 23 May 2020 01:37:04 GMT
Connection
close
Content-Length
392
e83fb1d1-9c95-11ea-956a-129887c57937
usd.khurshid-sus.com/zcvisitor/
Redirect Chain
  • http://dprtb.com/Redirect/
  • http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
1010 B
2 KB
Document
General
Full URL
http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Requested by
Host: dprtb.com
URL: http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Protocol
HTTP/1.1
Server
100.24.94.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-94-176.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.khurshid-sus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://dprtb.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa

Response headers

Date
Sat, 23 May 2020 01:37:05 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web02
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Sat, 23 May 2020 01:37:04 GMT
Content-Length
239
zcredirect
usd.khurshid-sus.com/
880 B
2 KB
Document
General
Full URL
http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usd.khurshid-sus.com
URL: http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Protocol
HTTP/1.1
Server
100.24.94.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-94-176.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
9ec1d53c996d23c5c75198606cc5845b4a22398f07e150a8260220bdcc11326c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.khurshid-sus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://usd.khurshid-sus.com/zcvisitor/e83fb1d1-9c95-11ea-956a-129887c57937?campaignid=f6228670-4b89-11e7-b1d2-0eda985eb958

Response headers

Date
Sat, 23 May 2020 01:37:05 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request /
www.auskunft.de/
29 KB
11 KB
Document
General
Full URL
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Requested by
Host: usd.khurshid-sus.com
URL: http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
d47b1bcaae1267b4d9762e3132b3a635f25b6c6d076b785ff962472b3b7be4cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://usd.khurshid-sus.com/zcredirect?visitid=e83fb1d1-9c95-11ea-956a-129887c57937&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status
200
server
nginx
date
Sat, 23 May 2020 01:37:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
AUSKUNFT_SESSION=9brn4nr454v8jr24jj52ttticv; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=2592000
content-encoding
gzip
main-index.abae26c4bb3805eee151.css
www.auskunft.de/assets/bundles/
32 KB
9 KB
Stylesheet
General
Full URL
https://www.auskunft.de/assets/bundles/main-index.abae26c4bb3805eee151.css
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
62b5bdbb7d0bd0d6f7d8109502050a2fb47e1a52ecd2427064ca3fe5505ceac3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-8048"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
yieldlove-bidder.js
cdn-a.yieldlove.com/
287 KB
88 KB
Script
General
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-83.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
235a514df8e69f9aa1ce152f19f439547c79af4900c262f94b830257a48e688d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 00:18:26 GMT
content-encoding
gzip
age
4719
status
200
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
v8-FyEskngQnXVUd2V_qN2hd07rKKzhvgK8UzwpELzjOs-eJBXaS-A==
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/
43 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
70484d6450dacdea0cc8d8461da8765c8b212eb25e323d7f5cc82e63dbc6fc77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"523 / 288 of 1000 / last-modified: 1590083614"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14368
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
cbanner-desktop.webp
www.auskunft.de/img/corona-info/
17 KB
17 KB
Image
General
Full URL
https://www.auskunft.de/img/corona-info/cbanner-desktop.webp
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0338af95f906ea8b5df98f2a3feeb022d52089e71c4cf64b9548b5e8ab65944d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Mon, 27 Apr 2020 08:41:33 GMT
server
nginx
etag
"5ea69abd-42d0"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
17104
expires
Mon, 22 Jun 2020 01:37:02 GMT
cbanner-tablet.webp
www.auskunft.de/img/corona-info/
15 KB
15 KB
Image
General
Full URL
https://www.auskunft.de/img/corona-info/cbanner-tablet.webp
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6a23e909614977de744554ddd4ddb2eb0b7c02adf0d808e53ef8e1988633f2ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Mon, 27 Apr 2020 08:41:33 GMT
server
nginx
etag
"5ea69abd-3a6a"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
14954
expires
Mon, 22 Jun 2020 01:37:02 GMT
cbanner-mobile.webp
www.auskunft.de/img/corona-info/
10 KB
10 KB
Image
General
Full URL
https://www.auskunft.de/img/corona-info/cbanner-mobile.webp
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
282347fab2a42961ec28e38cae17ba846004b3b1f117afc0d4a609d19aa4d8c3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Mon, 27 Apr 2020 08:41:33 GMT
server
nginx
etag
"5ea69abd-27d0"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
10192
expires
Mon, 22 Jun 2020 01:37:02 GMT
auskunft_de_logo.webp
www.auskunft.de/img/
1 KB
1 KB
Image
General
Full URL
https://www.auskunft.de/img/auskunft_de_logo.webp?v=20170717
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Fri, 21 Jul 2017 08:52:49 GMT
server
nginx
etag
"5971c0e1-4ee"
strict-transport-security
max-age=2592000
content-type
image/webp
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1262
expires
Mon, 22 Jun 2020 01:37:02 GMT
geo-location-icon_basic.svg
www.auskunft.de/img/
1 KB
1 KB
Image
General
Full URL
https://www.auskunft.de/img/geo-location-icon_basic.svg
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Fri, 15 Nov 2019 10:29:36 GMT
server
nginx
etag
"5dce7e10-4d3"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1235
jquery.min.js
www.auskunft.de/assets/static/
86 KB
35 KB
Script
General
Full URL
https://www.auskunft.de/assets/static/jquery.min.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-15851"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
main.57f662d7216e8a2832bc.js
www.auskunft.de/assets/bundles/
93 KB
35 KB
Script
General
Full URL
https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a01adccc648a7b8ac8cd95b1d0307cfc1ff4eba85562c56176e3209c660165dd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-1722f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3511
date
Sat, 23 May 2020 00:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sat, 23 May 2020 02:38:35 GMT
background
www.auskunft.de/
219 KB
219 KB
Image
General
Full URL
https://www.auskunft.de/background
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
server
nginx
strict-transport-security
max-age=2592000
content-type
image/jpeg
status
200
cache-control
public, max-age=1209600
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
auskunft.7c525d0b8c32e8de4f5a81311c32ca04.woff2
www.auskunft.de/assets/bundles/
12 KB
12 KB
Font
General
Full URL
https://www.auskunft.de/assets/bundles/auskunft.7c525d0b8c32e8de4f5a81311c32ca04.woff2
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
240ad1a64225fcca3f17fe0ca56ac79d02ded5d25fbb4839c7d329d772c7eb70
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.auskunft.de/assets/bundles/main-index.abae26c4bb3805eee151.css
Origin
https://www.auskunft.de

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
"5ec7c60e-308c"
strict-transport-security
max-age=2592000
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
12428
expires
Mon, 22 Jun 2020 01:37:02 GMT
iam.js
script.ioam.de/
24 KB
9 KB
Script
General
Full URL
https://script.ioam.de/iam.js?m=1
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0012
Resource Hash
30dd642852b1dd9dc346a1b8ad486cdcdc73330323e34d3b40a856c896c57fae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 01:37:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 May 2020 01:37:06 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0012
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Sat, 23 May 2020 03:37:06 GMT
matomo.js
tracker.auskunft.de/
68 KB
22 KB
Script
General
Full URL
https://tracker.auskunft.de/matomo.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
ns1.alpha9marketing.net
Software
Apache /
Resource Hash
1faba3eab693d5f037455a9c6c4913d8124d5f25d11c263da38ed8ab27b23d9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
br
last-modified
Wed, 29 Apr 2020 17:05:02 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
22714
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=490209165&t=pageview&_s=1&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=939421039&_gid=434711996.1590197826&gjid=1586459368&_v=j82&z=1250364308
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=939421039&_gid=434711996.1590197826&gjid=1586459368&_v=j82&z=1250364308
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 May 2020 01:37:06 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=939421039&_gid=434711996.1590197826&gjid=1586459368&_v=j82&z=1250364308
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~app.97dd235570a1793be79a.js
www.auskunft.de/assets/bundles/
30 KB
12 KB
Script
General
Full URL
https://www.auskunft.de/assets/bundles/vendors~app.97dd235570a1793be79a.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
4928908e388105383025d5c0509ea4b568bc0790d3eda3c9b209b3b29d6ba394
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-77ce"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
app.7dff67ac17616aac64b6.js
www.auskunft.de/assets/bundles/
34 KB
11 KB
Script
General
Full URL
https://www.auskunft.de/assets/bundles/app.7dff67ac17616aac64b6.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
655ad60d0dea7966b9ce91ff0565ba7a745664dfb7bf285d136479069f61b8d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-8744"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
integrator.js
adservice.google.de/adsid/
109 B
320 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
316 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.auskunft.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020050602.js
securepubads.g.doubleclick.net/gpt/
243 KB
87 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 17:23:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89224
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
cygnus
as-sec.casalemedia.com/
24 B
988 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=392699&v=7.2&r=%7B%22id%22%3A%221f70d0e30ad214%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2222dc134fb62cde%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223be9beec8af72d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e1a5b69c114355b5275eadacbe72bddb2e739d7d87468f4a5358a9a4de2592d0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 May 2020 01:37:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Sat, 23 May 2020 01:37:06 GMT
cygnus
as-sec.casalemedia.com/
24 B
752 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=392699&v=8.1&r=%7B%22id%22%3A%221f70d0e30ad214%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2222dc134fb62cde%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392699%22%2C%22sid%22%3A%224%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%223be9beec8af72d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22392698%22%2C%22sid%22%3A%223%22%7D%2C%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%2C%22page%22%3A%22https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e1a5b69c114355b5275eadacbe72bddb2e739d7d87468f4a5358a9a4de2592d0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 May 2020 01:37:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Sat, 23 May 2020 01:37:06 GMT
/
adx.adform.net/adx/
5 B
449 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4ODYyOCZ0cmFuc2FjdGlvbklkPWQ2MGU1MDA1LWUyYjctNDNhNC1hZmE4LWFlODBhYWUyMWEyZA%3D%3D&pt=gross&stid=4c6ccf64-4f35-4730-bfdc-791f2f1a3505&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:06 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
dmx.districtm.io/b/
0
425 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.auskunft.de
access-control-allow-credentials
true
cf-ray
597b0cc0087e0bcd-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
02e0c64c0300000bcdda8d8200000001
prebid
ib.adnxs.com/ut/v3/
19 B
711 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 May 2020 01:37:08 GMT
X-Proxy-Origin
185.220.70.68; 185.220.70.68; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.106:80
AN-X-Request-Uuid
6bd2ab22-9560-457e-994b-f6698a50c2ab
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dsh
hb.adscale.de/
248 B
480 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.66.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-66-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
17a8e014681a3887ee31964b869eaafa1447ff0dc79f5d3d0235d90f5aa76902

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
status
200
content-type
text/plain
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348702&size_id=15&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&tk_flint=pbjs_lite_v3.8.0&x_source.tid=376c8a16-cd3d-49e7-ac2a-b862a2894900&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2049396680129114
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
34d310591a80631a8660ca80fe1217702e342bb210eaf352a1644096fd553a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 May 2020 01:37:06 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=451
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16728&site_id=270832&zone_id=1348688&size_id=2&rf=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&tk_flint=pbjs_lite_v3.8.0&x_source.tid=d60e5005-e2b7-43a4-afa8-ae80aae21a2d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.16897902725453817
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7f6eea170145ad1bdefa415ae2a8d3e8135168c1df5ccf1c83c4b671eaf86800

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 May 2020 01:37:06 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.auskunft.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=498
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.19 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:05 GMT
x-smrt-d
6%3b26%3b71
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
arj
yieldlove-d.openx.net/w/1.0/
4 KB
1 KB
XHR
General
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=376c8a16-cd3d-49e7-ac2a-b862a2894900%2Cd60e5005-e2b7-43a4-afa8-ae80aae21a2d&nocache=1590197826488&pubcid=c4045d16-4f11-440a-9912-b1d22d635685&aus=300x250%7C728x90&divIds=%252F53015287%252Fauskunft.de_d_300x250_1%2C%252F53015287%252Fauskunft.de_d_728x90_1&auid=540797124%2C540797111&
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.186.1 /
Resource Hash
9f8d45ee55d8c3053fe71fd03d0ecf8caa8adb08e9a4da274754d2d5afbb39ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
server
OXGW/16.186.1
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.auskunft.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
878
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-...
  • https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-...
0
694 B
Script
General
Full URL
https://de.ioam.de/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-9c95-11ea-956a-129887c57937.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0012&i2=0012f2e5b015507b35ec87e42&ep=1615404929&vr=416&id=sxnjyl&i3=0012f2e5b015507b35ec87e42%3A1616981826566%3A1590197826566%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1590197826566&n1=4&dntt=0&lt=1590197826569&ev=&cs=8esns6&mo=1&sr=71
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.06.2 003e
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 01:37:06 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 003e
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Sat, 23 May 2020 01:37:06 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 003e
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Sat, 23 May 2020 01:37:06 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=auskunft&cp=auskunft_startseite&sv=ke&co=kommentar&sc=yes&pt=CP&ps=lin&er=N22&rf=usd.khurshid-sus.com&r2=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect.visitid.e83fb1d1-9c95-11ea-956a-129887c57937.type.js.browserWidth.1600.browserHeight.1200.iframeDetected.false&ur=www.auskunft.de&xy=1600x1200x24&lo=DE%2FHessen&cb=0012&i2=0012f2e5b015507b35ec87e42&ep=1615404929&vr=416&id=sxnjyl&i3=0012f2e5b015507b35ec87e42%3A1616981826566%3A1590197826566%3A.auskunft.de%3A1%3Aauskunft%3Aauskunft_startseite%3Anoevent%3A1590197826566&n1=4&dntt=0&lt=1590197826569&ev=&cs=8esns6&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Thu, 23 May 2019 01:37:06 GMT
matomo.php
tracker.auskunft.de/
43 B
109 B
Image
General
Full URL
https://tracker.auskunft.de/matomo.php?action_name=auskunft.de%20-%20Auskunft%20zu%20lokalen%20Unternehmen%20und%20Gesch%C3%A4ften&idsite=1&rec=1&r=520710&h=3&m=37&s=6&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%2Cdeduction%2Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&urlref=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&_id=f285d02caab27aab&_idts=1590197827&_idvc=1&_idn=0&_rcn=zp&_refts=1590197827&_viewts=1590197827&_ref=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&send_image=1&cookie=1&res=1600x1200&gt_ms=111&pv_id=D0dXhn&devicePixelRatio=1
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.114.212.216 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
ns1.alpha9marketing.net
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
br
server
Apache
vary
Origin,Accept-Encoding
content-type
image/gif
status
200
cache-control
no-store
content-length
47
searchbar.cf77791b5b1297563e4e.js
www.auskunft.de/assets/bundles/
9 KB
3 KB
Script
General
Full URL
https://www.auskunft.de/assets/bundles/searchbar.cf77791b5b1297563e4e.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
33b5c0114328f49015b0ab429040fe28172ca09ad38d855504348f82845860ed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-2281"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
searchbar-handle-sort.7d8bd58e6c5cd91aee87.js
www.auskunft.de/assets/bundles/
892 B
764 B
Script
General
Full URL
https://www.auskunft.de/assets/bundles/searchbar-handle-sort.7d8bd58e6c5cd91aee87.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
91dd4fb47cdf327cde95a75ed04fccd6d724e26413a7fe86fe6f0b736970a150
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-37c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
geolocation.02405706db2b84d06871.js
www.auskunft.de/assets/bundles/
6 KB
2 KB
Script
General
Full URL
https://www.auskunft.de/assets/bundles/geolocation.02405706db2b84d06871.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/assets/bundles/main.57f662d7216e8a2832bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
b85f7174e0ee9867a330a2e481d11f59a942f0224e0e8095a737763e4129072a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 23 May 2020 01:37:02 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 12:31:10 GMT
server
nginx
etag
W/"5ec7c60e-187b"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=2592000
expires
Mon, 22 Jun 2020 01:37:02 GMT
ads
securepubads.g.doubleclick.net/gampad/
6 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=92418557188040&correlator=1372650801501054&output=ldjh&impl=fifs&adsid=NT&eid=21066225&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200523&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1590197826&dt=1590197826674&dlt=1590197826146&idt=511&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=734&adks=3358614790&ucis=1&ifi=1&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&ref=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=30&icsg=12493823&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1113055395.1590197826&ga_sid=1590197827&ga_hid=490209165&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
bde840b6b0dcbf136ac4b128ec1cba56be2832be3a4f6b5d8d886d7310505ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3072
x-xss-protection
0
google-lineitem-id
5111110714
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275073032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
adbdeaa93b3ebc315bd1afe56e76f49c.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://adbdeaa93b3ebc315bd1afe56e76f49c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

userconnect.js
js.adscale.de/
14 KB
5 KB
Script
General
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.171 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
be07eda2a1384fbafc09d94064ca57bee7ca5fec7529511a32d2bb0e63fc6c18

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
CU0W6mzysE2erfWGQPOBK52neFu_JfJU
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 01:21:54 GMT
Server
AmazonS3
x-amz-request-id
B1F4443185AC1BBC
ETag
"e756fa775ef8e25ec3b2c4db6bc84fd1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Sat, 23 May 2020 01:37:06 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4413
x-amz-id-2
8uEXxGWS0dxE0S0byRLbCZNhscTYyoriv7hEK3jBrzSoF3YawXjm6XVd7bqvYzcF4tJs2eHb+S4=
userconnect
ih.adscale.de/
181 B
360 B
Script
General
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=6de03fad-4fc8-45cf-bbc0-26a66c69ae06&cbfn=stroeerCoreConnect&ts=1590197826756&umd=false&gdpr_err=NO_CMP_FOUND&ref=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 23 May 2020 01:37:06 GMT
server
Apache-Coyote/1.1
content-length
181
content-type
application/javascript
map
ih.adscale.de/ Frame 10FB
0
0
Document
General
Full URL
https://ih.adscale.de/map?format=display&ssl=1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=9e0936d388b94268ae86cba45c6e2302; ng=2#3465942750#26503297#85882
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 23 May 2020 01:37:06 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2596
server
Apache-Coyote/1.1
set-cookie
tu=4#3064981374#48~~441721~441721~1#101~~441721~441721~1#39~~441721~441721~1#40~~441721~441721~1#42~~441721~441721~1#75~~441721~441721~1#108~~441721~441721~1#63~~441721~441721~1; Max-Age=2592000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
nuggad
nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/
Redirect Chain
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
  • https://nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
2 KB
2 KB
Script
General
Full URL
https://nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:ba00:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
97e4af0525bba5c5fc15d8eb23e674e29db4588897a68275322261b0b5209204

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
via
1.1 ac27d939fa02703c4b28926f53f95083.cloudfront.net (CloudFront)
server
nginx/1.14.1
x-amz-cf-pop
FRA53
access-control-allow-methods
get, post, options
content-type
text/javascript
status
200
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
1882
x-amz-cf-id
os_3Oai_YyYVZJMY4sV07CbwHbQsq-f2fA6v4FhOm6sQYoDX9ff6cg==

Redirect headers

date
Sat, 23 May 2020 01:37:06 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
nginx/1.14.1
x-amz-cf-pop
FRA2-C1
status
302
access-control-allow-methods
get, post, options
location
https://nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
0
x-amz-cf-id
oP8FBQORc9BHUn2vGKkGWDjBcXpg8RmVfEyR4mmF0JrPm8KAOKUMeQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 4023
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukkEhlj7wB_MmeVY--K7lYUSb76_ntKSYlA4ldTL9i0U98Zso8ozn2z8eRtXb-SslBvuCrXsLqZFdVeDKzOwZxcPwmMslmaEqNCr05GAUCKND7-8dmHrAVvjDoxs7mMKWGTTlr_3AQ77nA4yciLIpGRJkEYSKHR7t--AF5Vjk4iyYZKtXVcPc1cLxELlvsnELYVnIubtP7pC69fHI8ycxNKlPJDE76JnQm_xf_J38bILAS3VXNYGyHPSx-XM7S2gqp8S3zaI9kikvYUcWWSxKnCGU&sai=AMfl-YS6Li2VpcCKylo_jW7JoU4a6d7mjLh9T_ZcTUJWtgj911XkA8T5tnaNl1sQUfO9mlhZ3xzcxoF2OrO30YYkAQcKe1qVOCRo8FjQ65MG&sig=Cg0ArKJSzFbYtuM23vd2EAE&urlfix=1&adurl=
Requested by
Host: dprtb.com
URL: http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 4023
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100b29ee8597249807afef46e63ab563c4abf4629b879355ff074c8611cac01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"523 / 694 of 1000 / last-modified: 1590083614"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14415
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4023
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124220f530266be8497184bf5b9adc70961a8021bfae7e70136fe862a35d17d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28390
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27764
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
nuggad
ih.adscale.de/
49 B
286 B
Image
General
Full URL
https://ih.adscale.de/nuggad?/nvars/d7=2&d10=2&d2=5&d4=0&d11=0&d8=2&d9=2&d12=5&d1=2&d3=3
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 23 May 2020 01:37:06 GMT
server
Apache-Coyote/1.1
content-type
image/gif
content-length
49
p3p
CP=NOI PSA OUR
pubads_impl_2020051802.js
securepubads.g.doubleclick.net/gpt/ Frame 4023
245 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
38c1db12aacbdc654b0ece8387a0d632e21db38c1c8d5be141bb557dafc38419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 May 2020 18:24:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89574
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:06 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 4023
113 B
175 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4023
11 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2064114102602308&correlator=3379833924408454&output=ldjh&impl=fif&eid=21061507%2C21066238%2C21065929%2C21066047&vrg=2020051802&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200523&iu_parts=53015287%2Causkunft.de_d_728x90_1_dc&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D50fa94b7b5524c6c%3AT%3D1590197826%3AS%3DALNI_MZZygxKYfQASLkMk7gWLQcwgX1oWw&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1590197827&dt=1590197827091&dlt=1590197826906&idt=171&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=734&adks=3040953405&ucis=ngl54b86vgjp&ifi=1&ifk=3637571251&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&dssz=8&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1113055395.1590197826&ga_sid=1590197827&ga_hid=1639488040&ga_fc=true&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
5e0ec3419cbdc3b5e1f9dc6fc5cf5fdbadad59875aad9700b5847c2f66dfd21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5287
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4023
0
0
Other
General
Full URL
https://c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4023
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

truncated
/ Frame 4023
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87be0d7732ecf131c6da5607faad1e1b2b8e6204041787540a4aff4a67d15818

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4023
52 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e2ea87cc9df14b81adee30e0c00c4b0ec0bd275c4cae8d27d4215f4d59813b4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20318
x-xss-protection
0
server
cafe
etag
8895968061586713747
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 23 May 2020 02:34:28 GMT
csi
csi.gstatic.com/ Frame 4023
0
361 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kaiyq88r&chm=1&ctx=2&qqid=CO-Q1cTsyOkCFRRx4AodLYEEhQ&met.4=fb.2~lb.5o~ol.5o~idt.7r~dt.-6g&met.9=1.20~2.4r&met.3=197.5i~123.5g_7~117.5o~118.5q~118.5r~118.5s_1~118.5t~118.5w~118.5x~118.5x~113.6a_3~112.69_4&met.1=1.kaiyq82i~14.0~15.0~16.0~17.0~18.0~19.0~20.5o~21.5o&met.7=CA0QChgBIAMoAzAuOCtABEgFUAVYF2AKaBhwLHjucYABz3CIAdXYArABAbgBAw~CCoQChgBIAMoAzAyOC8~CA4QChgBIEkoSTCcAThTaEpwc3iVvQWAAea7BYgB-qkPsAEBuAED~CDAQBxgBIEooSjBZOA9oS3BYeK8BgAFsiAFxsAEBuAED~CCgQChgBINMBKNMBMNwBOAlo1AFw2gF4jqABgAHengGIAZ-eA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E314
0
0
Document
General
Full URL
https://c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sat, 23 May 2020 01:37:07 GMT
expires
Sun, 23 May 2021 01:37:07 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4023
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27764
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4023
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020051802&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2e8281eb31fd07719177d405444f17fcad29a912075b60b567621af17d4b557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5531
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4023
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020051802.js?21066238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 50E3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 22 May 2020 23:54:38 GMT
expires
Sat, 22 May 2021 23:54:38 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6149
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4023
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020051802&jk=2064114102602308&bg=!7-yl7PRY-EaLNKipAtoCAAAATFIAAAASmQF9LMfq8N-RlEFGwPNdsMvSUNnh2-Oa3fEXOelTJr_RqnKm-cvP5p7LFwCy7_suCyxFvXqP5xWrtZ--VH3sb8PbUXeVJYJk-TBBS0q-X8-YYqWMIhEoGDLdpfRFs-WgtiOOj62un2p8XQH6iSxUNXxh1HJusxogUyvqTJ-j2Pjd92vLLchwxctoyLzaELF-v3Ty_zczmHagUdzYIIl46P1YE9VChEMforFL7lQMGKchV6s9nP934g0lSsHkj93WBG2tW2oE9fd0G0H1T8pjOgOcXcepMylTubBeNrmIfTgI9vgP3qEQEGYt7OdfDZez3XB_Bzmtdp-qq1qvUZLmWjyHp_P4vp6HK-6FhHY71Fb6oDol9M57wMhw2y5EqQRcjrZHW4-S1wmbfIDP8zRHuHEPoRvIWyTYoB2Bdn0p7YJUFEh1hjO8_W0oVNPd_EkxG3H-4vMZsbgRPBXDyT7Wab82P8hAj1WOm_YFmYUuIQ4NF60I01gKUkz3dTLNOLCq
Requested by
Host: www.auskunft.de
URL: https://www.auskunft.de/?rt=y&utm_source=zp&c=zre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183&t=mike-dip-2ESHpMYh&s=gamboge-moose&keyword=deduction%2Cdeduction%2Cdeduction.it&m=&t_t=DOMAIN&g=DE&v_t=NON-ADULT&c_id=672097&l_c_id=f6228670-4b89-11e7-b1d2-0eda985eb958&os=MacOS&br=Chrome&cr=unknown&d_id=&v_c=0.001620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f62b5bc8f5ee66367cc2a0b5802cec4b9adb188150615942ca0009ac47f55a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5554
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:07 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=92418557188040&correlator=538006343244597&output=ldjh&impl=fifs&adsid=NT&eid=21066225%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200523&iu_parts=53015287%2Causkunft.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=yieldlove_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A19965.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Ddefault%26yieldlove_meta_ab%3Dpid%253A19965.scenario%253Adefault%26yieldlove_meta%3Dpid%253A19965.sb%253Af%26yieldlove_pid%3D19965%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fauskunft.de_d_728x90_1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1590197827&dt=1590197827705&dlt=1590197826146&idt=511&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=734&adks=3358614790&ucis=2&ifi=2&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&ref=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3De83fb1d1-9c95-11ea-956a-129887c57937%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&dssz=34&icsg=2199822859326&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1113055395.1590197826&ga_sid=1590197827&ga_hid=490209165&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e354e11aca1290a51fcc153ef7261363272e534a2cc57f245ef07725866572cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2173
x-xss-protection
0
google-lineitem-id
5111110714
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275073032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A5B6
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 22 May 2020 23:54:38 GMT
expires
Sat, 22 May 2021 23:54:38 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6149
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=92418557188040&bg=!2Nul28NYZrGp0cjHF3UCAAAAU1IAAAAQmQF3gMnAb7BrLnN4pChphFivgxQx9oua3JWesONBjl18KApAqCR3iv83WDVPKl-JaD4f0l7pnypzXxe4p1O-kDWlMIlt6ykHYC2zNTQPmBY6muiPKZ69cecDx_YgIrZZo6fLo666A5i9phePP8R52fXYg48Gx08UzZwDRNg4Bim32h4dEiyEnrEKQOReOqq9vnSi46HRgz9YB90IoBrJrRfWgM6X9kalW8dCENBGzIh4zJnurYC-keyqsq7QJu2iAd7HwtIJZPOZCdcE07QfGOhh4xyGrLfxOcbmOHfiyyh6Y1ALfACAQbr97B4K0LkFwZDN9p3febwZooxqwSn_IP1E4F1JYNoV-zGX5abwapEf07ry0jlewQmWk_PcVgUKxWoxoET8XP1U4REewxJt7-i20wnZv-gFW8_OTmz_L7a5wxPXSLOj-WObg_QiNs7OacJa6K0al9a0huI4DoDkeILUIHzGmq5sH8ZEjkFupUCe8wcndtVjpMYS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher.js
sak.userreport.com/sdm/
64 KB
20 KB
Script
General
Full URL
https://sak.userreport.com/sdm/launcher.js
Requested by
Host: nugmw.userreport.com
URL: https://nugmw.userreport.com/rc-ap/3114a7cc-29b7-4544-a7a4-65c9debe7db4/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.239 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-239.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a7315598045b0762a4a7c6f40fb6c0da236c402566d27a8ab70db5d8cbb7a58

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
GWFVIbVrEULGta0P7hxp6E817LeR6Zwy
content-encoding
gzip
last-modified
Mon, 18 May 2020 09:31:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
date
Sat, 23 May 2020 01:37:07 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=7200, s-maxage=60
x-amz-cf-id
fys6CzqU615Tb-1G_i3fYNSyvCOb2-p6okFTsNF5xBnjiYwFZEyj1w==
via
1.1 831ce605dd77f58786c993787cdac90b.cloudfront.net (CloudFront)
server.html
tag.userreport.com/ Frame D3A6
0
0
Document
General
Full URL
https://tag.userreport.com/server.html
Requested by
Host: sak.userreport.com
URL: https://sak.userreport.com/sdm/launcher.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:9800:11:af01:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

:method
GET
:authority
tag.userreport.com
:scheme
https
:path
/server.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
server
nginx/1.12.2
last-modified
Tue, 14 Apr 2020 13:55:12 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding
gzip
date
Sat, 23 May 2020 00:58:41 GMT
cache-control
max-age=3600
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
lnnQiUIzbuZAiT-VAn9wGOzPov_LEfykaxB-H66euWzbhU8pWyx9bg==
age
2391
5111110714
api.yieldlove-ad-serving.net/v1/bl/53015287/
2 B
207 B
XHR
General
Full URL
https://api.yieldlove-ad-serving.net/v1/bl/53015287/5111110714
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-245.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
x-powered-by
Express
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-key
/bl/53015287/5111110714
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
content-length
2
csi
csi.gstatic.com/ Frame 4023
0
0

csi
csi.gstatic.com/ Frame 4023
0
0

csi
csi.gstatic.com/ Frame 4023
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 81A0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpDh5Ma8tcdRDMCsGwgIcoqBUExiZg7tcJVcb5n-ogx_b1wnno95foXejEXfz0idQlnzBZtuRnBYmFU7-pOIWnVUGUL9lVJe03M9vqzo_q2MlbuVj9KFfBZOCvYpKkigBmrspXraMupu6Ubt6wSZRLKPBFURJ3HypaXQ8hSOiRwe9O7KJRYAFvBpU7FmlYHHbEzrBW1OEIsuUStZAq0z25JvcVZubi-WyWgBT9VJWD_bsBSWB7ZjhG0kOwCs_yL0VKK-fjFqupFSEMNPdtvg4BAHg&sig=Cg0ArKJSzJAtXvxewuqNEAE&urlfix=1&adurl=
Requested by
Host: dprtb.com
URL: http://dprtb.com/click?data=bWIyN3l5NDU2WmNsUUJVX1NScGhSM0lxcXUzNFpRUmtiUnZnZXdPSGpwOTczbGd4RUJhTTFkd05SNm55NkEyR2w1MmNhc0stNkpNeGZObXBJUzVrM05YQ3hNTzQ5TDhubXgwTlU5am8xR3JobVY1cVpvbTRmRlZkX3ViWXhTN2U4QUN0TWtFNk1GdDh5QVZZZ0hMVmdBMg2&id=db7a5b37-ad46-4dcc-aa94-d2f1dbbff8aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:07 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 81A0
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e85d55c2ef395085ea70522cff040caae649be4025a0ee0da21fe4e28abc21ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"523 / 863 of 1000 / last-modified: 1590083532"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14368
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:07 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 81A0
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js?21066225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124220f530266be8497184bf5b9adc70961a8021bfae7e70136fe862a35d17d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28390
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:07 GMT
pubads_impl_2020050602.js
securepubads.g.doubleclick.net/gpt/ Frame 81A0
243 KB
87 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 17:23:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89224
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:08 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 81A0
113 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.auskunft.de
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 81A0
12 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=792621468476484&correlator=1381479409262849&output=ldjh&impl=fif&eid=21066031%2C21066045&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200523&iu_parts=53015287%2Causkunft.de_d_728x90_1_dc&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D76b318a84cb66f04%3AT%3D1590197827%3AS%3DALNI_MZff0q2CnTod4agNgiogRi0WxAMQw&cdm=www.auskunft.de&bc=31&abxe=1&lmt=1590197828&dt=1590197828274&dlt=1590197827962&idt=132&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=734&adks=3040953405&ucis=jrpgpcd392ax&ifi=1&ifk=3637571251&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&top=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1080465239.1590197828&ga_sid=1590197828&ga_hid=1014146230&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
461fca7194d7c30aa3c589b6e1364a67ebc276b348ff848724f43c449c22eef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6172
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.auskunft.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 81A0
0
0
Other
General
Full URL
https://a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 81A0
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

truncated
/ Frame 81A0
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c37578a7fbc77e9e96d985225c7c54670e724c7914898c2ea911590d83161ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
container.html
a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 73AD
0
0
Document
General
Full URL
https://a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sat, 23 May 2020 01:37:08 GMT
expires
Sun, 23 May 2021 01:37:08 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 81A0
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27764
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 81A0
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c582ffa45fd777ee43c0bf47fb5ba5691f1033a80ffa404a8de5d402f36d6f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5581
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 81A0
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Sat, 23 May 2020 01:37:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5A84
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 22 May 2020 23:54:38 GMT
expires
Sat, 22 May 2021 23:54:38 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6150
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81A0
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=792621468476484&bg=!0NOl08tY3uVkT1PgcfoCAAAAVFIAAAAOmQF9RMX1hJrzSgPbRVDIhm-dlkuwW2_V7qlsu7P2J3cb-eVmgrbAMhB9xcjGFP_oViLdyL7tzJuVXHMdwqbJJ_jcgy--5FC7sGsIGT3y_05YUnnDgd4qMizOVA7Wmx6WORV7KFRrCB6thqVE_4lQgmDfueuNj7dpu8lPLLbpJ72XAa40QcoBJExV9sPuOgBJJL4Rih4v0EUFBynbj8ZWSIhL_28WDCJxTpqJ8WTWhb6pU0hvEWqNeff6np46numE13oO_ULaQz6ZzTGXkJd6mhtx0wxPJc1HZGHk1M7A3CTLMmwYYuIK8tLqRqfiQHTP8jHmdSaH7rA74TFIvdUHvZGk0hmyJ3WRCGSr9wBYrahcY524O9WpNru6xreMxZAA9YZF3DuXYM6GeoXQfTfOrL6XAl2lQ86cakf4QM6UNIe4LfFbojeZiWbnPmFxox3mdxrkbco7s5n811GP3p6OV2RFKCqwM5cug46xKfUJ67ItYqsyhoOinqkvsSjb2qaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 81A0
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCugz7J-FKYRepGhfR9RgiVLcCKPb8W8hMl7rtowflMvPaaF_YCeexlXqLtziCrIJMDk3LQtCHxeh-keRNoV6Y932f-H0sM4v7e4slKO0&sig=Cg0ArKJSzN-AJWsriRtpEAE&adk=3358614790&tt=-1&bs=1600%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=734,436,824,1164&mcvt=1014&rs=0&ht=0&tfs=102&tls=1123&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1590197827966&dlt&rpt=321&isd=0&msd=0&ext&xdi=0&ps=1600%2C1966&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1122&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484ca84e28a93764c5ff0ec9310472576d1138347183%26t%3Dmike-dip-2ESHpMYh%26s%3Dgamboge-moose%26keyword%3Ddeduction%252Cdeduction%252Cdeduction.it%26m%3D%26t_t%3DDOMAIN%26g%3DDE%26v_t%3DNON-ADULT%26c_id%3D672097%26l_c_id%3Df6228670-4b89-11e7-b1d2-0eda985eb958%26os%3DMacOS%26br%3DChrome%26cr%3Dunknown%26d_id%3D%26v_c%3D0.001620&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 51B4
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sun, 23 May 2021 01:37:09 GMT
Date
Sat, 23 May 2020 01:37:09 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 9450
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.186.1 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a6bbd3f1-435e-0eca-31d7-6d67213f21cd|1590197829
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=a6bbd3f1-435e-0eca-31d7-6d67213f21cd|1590197829; Version=1; Expires=Sun, 23-May-2021 01:37:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1590197829|mOgikimWiygu; Version=1; Expires=Sun, 07-Jun-2020 01:37:09 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.186.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 23 May 2020 01:37:09 GMT
content-type
text/html
content-length
375
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=a6bbd3f1-435e-0eca-31d7-6d67213f21cd|1590197829; Version=1; Expires=Sun, 23-May-2021 01:37:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.186.1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=1
date
Sat, 23 May 2020 01:37:09 GMT
content-length
0
via
1.1 google
alt-svc
clear
index.html
cdn.districtm.io/ids/ Frame 898D
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Sat, 23 May 2020 01:37:09 GMT
set-cookie
__cfduid=df22e7544e110411b2e696b374e7012671590197829; expires=Mon, 22-Jun-20 01:37:09 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
597b0cd3cbd00bcd-AMS
cf-request-id
02e0c6585800000bcdda91d200000001
usync.html
eus.rubiconproject.com/ Frame 06F9
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?auskunft.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 20 May 2020 19:35:32 GMT
Content-Encoding
gzip
Content-Length
9192
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=44576
Expires
Sat, 23 May 2020 14:00:05 GMT
Date
Sat, 23 May 2020 01:37:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=490209165&t=event&_s=2&dl=https%3A%2F%2Fwww.auskunft.de%2F%3Frt%3Dy%26utm_source%3Dzp%26c%3Dzre83fb1d19c9511ea956a129887c5793751d293484...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=2099250562&_gid=434711996.1590197826&gjid=1969529413&_v=j82&z=164289711
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=2099250562&_gid=434711996.1590197826&gjid=1969529413&_v=j82&z=164289711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 May 2020 01:37:16 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 May 2020 01:37:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77541742-2&cid=1113055395.1590197826&jid=2099250562&_gid=434711996.1590197826&gjid=1969529413&_v=j82&z=164289711
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kaiyq88v&chm=1&ctx=2&qqid=CO-Q1cTsyOkCFRRx4AodLYEEhQ&uet=2&met.3=143.8g_1~118.8h~118.8n~143.b9_1~118.ba~118.bg~298.c2~155.bs_b~132.d1_1~118.d3~132.d4~118.d5~132.d6~118.d6~132.d6~143.e2_1~118.e4~132.e4~143.f4_3~118.f7~132.f8~143.gw_1~118.gx~132.gx~118.hx~132.hx~143.hz_1~415.jd~130.jd~118.je~132.je~132.je~143.jp_1~118.jp~132.jq~118.kq~132.kr~143.ks_1~143.mi_1~118.mj~132.mj~118.nj~132.nk~143.nl_1~143.pb_1~118.pc~132.pc~118.qc~132.qc~143.qe_1~143.s4_1~118.s4~132.s5&met.1=24.sy&met.7=CA8QDRgBIMABKMABMIEDOMEBaMEBcIADePgpgAGnKYgBq1WwAQG4AQM~CBsQARgBIOYBKOYBMPACOIsB~CBsQBRgBII8DKI8DMJcDOAhokANwlgN42ReAAZ0XiAGyLbABAbgBAw~CCoQChgBIJIDKJIDMKMDOBE~CCcQDRgBIJQDKJQDMLsDOCdAlANIlgNQlgNYqQNgmwNoqQNwuwN46zGAAZsriAHXOLABAbgBAw~CCcQChgBIL0DKL0DMOcDOCs~CCcQBRgBIOwDKOwDMPYDOAo~CBwQBhgBIJQFKJQFMKIFOA5olAVwogV4eLABAbgBAw
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kaiyq8vi&chm=1&ctx=2&qqid=CO-Q1cTsyOkCFRRx4AodLYEEhQ&met.3=142.t1_1~142.t2_1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kaiyq8vl&chm=1&ctx=2&qqid=CO-Q1cTsyOkCFRRx4AodLYEEhQ&uet=1&met.3=119.t3_1&met.1=24.t4

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| yieldlove_site_id object| googletag object| body string| highresImage object| highresImageLoader string| gaProperty string| disableStr function| gaOptout function| bgLoadSuccess function| bgLoadFailed string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| iam_data object| _paq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| regeneratorRuntime object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| YLHH object| yieldlove_site_settings object| yieldlove_cmd object| core object| pbjsYLHH function| pbjsYLHHChunk object| _pbjsGlobals object| stroeerCore string| szmvars object| iom object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id function| stroeerCoreConnect object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| NUGGjson function| aplauncherExec function| aplauncher function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests string| apsrc object| _urq object| audienceProjectLayer object| __sak

2 Cookies

Domain/Path Name / Value
.ih.adscale.de/ Name: tu
Value: 4#3399266969#48~7f09f0a793b9526ed01dd0afce86fed3~441721~0~0#39~8d6b5ec8-7e43-4800-a951-8f37bca0269d~441721~0~0#40~1f8fba72-5b6c-4ad2-b782-ab0d1b8b0aa3~441721~0~0#42~3939380256932869708~441721~0~0
.adscale.de/ Name: uu
Value: f63e0d21e4b446d2b0fc4fb8ff9acc66

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a061c732a8671a977ee30ba724eb5f3f.safeframe.googlesyndication.com
acdn.adnxs.com
adbdeaa93b3ebc315bd1afe56e76f49c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adx.adform.net
api.yieldlove-ad-serving.net
as-sec.casalemedia.com
c5eadbf4678c04bef9cf0a827cfbeeb8.safeframe.googlesyndication.com
cdn-a.yieldlove.com
cdn.districtm.io
csi.gstatic.com
de.ioam.de
deduction.it
dmx.districtm.io
dprtb.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
hb.adscale.de
ib.adnxs.com
ih.adscale.de
js.adscale.de
nugmw.userreport.com
pagead2.googlesyndication.com
prg.smartadserver.com
sak.userreport.com
script.ioam.de
securepubads.g.doubleclick.net
si.nuggad.net
stats.g.doubleclick.net
tag.userreport.com
tpc.googlesyndication.com
tracker.auskunft.de
usd.khurshid-sus.com
www.auskunft.de
www.google-analytics.com
www.googletagservices.com
yieldlove-d.openx.net
csi.gstatic.com
100.24.94.176
104.111.215.171
104.111.230.142
104.16.68.69
13.225.87.83
172.217.22.66
185.86.139.19
195.201.46.48
2.18.232.130
2.18.234.21
209.15.13.134
209.15.13.136
217.114.212.216
2600:9000:2047:9800:11:af01:b40:93a1
2600:9000:2047:ba00:1f:a1b:34c0:93a1
2600:9000:20eb:3a00:12:6213:9cc0:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:809::2001
2a00:1450:4001:818::2002
2a00:1450:4001:820::2002
2a00:1450:4003:802::2003
2a00:1450:400c:c03::9b
34.95.120.147
35.158.66.58
37.157.4.25
37.252.173.27
52.222.149.239
52.58.42.46
52.58.57.245
69.173.144.141
91.215.100.39
91.215.103.65
0338af95f906ea8b5df98f2a3feeb022d52089e71c4cf64b9548b5e8ab65944d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
100b29ee8597249807afef46e63ab563c4abf4629b879355ff074c8611cac01f
124220f530266be8497184bf5b9adc70961a8021bfae7e70136fe862a35d17d2
17a8e014681a3887ee31964b869eaafa1447ff0dc79f5d3d0235d90f5aa76902
1c582ffa45fd777ee43c0bf47fb5ba5691f1033a80ffa404a8de5d402f36d6f5
1faba3eab693d5f037455a9c6c4913d8124d5f25d11c263da38ed8ab27b23d9e
235a514df8e69f9aa1ce152f19f439547c79af4900c262f94b830257a48e688d
240ad1a64225fcca3f17fe0ca56ac79d02ded5d25fbb4839c7d329d772c7eb70
282347fab2a42961ec28e38cae17ba846004b3b1f117afc0d4a609d19aa4d8c3
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30dd642852b1dd9dc346a1b8ad486cdcdc73330323e34d3b40a856c896c57fae
33b5c0114328f49015b0ab429040fe28172ca09ad38d855504348f82845860ed
34d310591a80631a8660ca80fe1217702e342bb210eaf352a1644096fd553a5f
38c1db12aacbdc654b0ece8387a0d632e21db38c1c8d5be141bb557dafc38419
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
461fca7194d7c30aa3c589b6e1364a67ebc276b348ff848724f43c449c22eef4
4928908e388105383025d5c0509ea4b568bc0790d3eda3c9b209b3b29d6ba394
4a7315598045b0762a4a7c6f40fb6c0da236c402566d27a8ab70db5d8cbb7a58
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5e0ec3419cbdc3b5e1f9dc6fc5cf5fdbadad59875aad9700b5847c2f66dfd21e
62b5bdbb7d0bd0d6f7d8109502050a2fb47e1a52ecd2427064ca3fe5505ceac3
655ad60d0dea7966b9ce91ff0565ba7a745664dfb7bf285d136479069f61b8d7
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a23e909614977de744554ddd4ddb2eb0b7c02adf0d808e53ef8e1988633f2ac
6c7bb897973891c1c585ed3b9cd3f4083dacd01e560aec3982de747b7428a570
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570
70484d6450dacdea0cc8d8461da8765c8b212eb25e323d7f5cc82e63dbc6fc77
7c37578a7fbc77e9e96d985225c7c54670e724c7914898c2ea911590d83161ba
7f6eea170145ad1bdefa415ae2a8d3e8135168c1df5ccf1c83c4b671eaf86800
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ca84110a7b64ff11da31e57fb3e21d7d52d0118e5a74cf6148972ad5d5bac4
87be0d7732ecf131c6da5607faad1e1b2b8e6204041787540a4aff4a67d15818
919579411d2e74d37b5eba39d4657e7504a23862cf50ddafb42c2d844cdde432
91dd4fb47cdf327cde95a75ed04fccd6d724e26413a7fe86fe6f0b736970a150
97e4af0525bba5c5fc15d8eb23e674e29db4588897a68275322261b0b5209204
9e63050e8937b3650ad2bbebf1a2008ba490ec8b2ec0a5e83ba43dbde16d57e5
9ec1d53c996d23c5c75198606cc5845b4a22398f07e150a8260220bdcc11326c
9f8d45ee55d8c3053fe71fd03d0ecf8caa8adb08e9a4da274754d2d5afbb39ec
a01adccc648a7b8ac8cd95b1d0307cfc1ff4eba85562c56176e3209c660165dd
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b2e8281eb31fd07719177d405444f17fcad29a912075b60b567621af17d4b557
b38144d6415a4df24e7a0aafcf87f1650b2850c6b255bee8211b12fbdb2fb287
b85f7174e0ee9867a330a2e481d11f59a942f0224e0e8095a737763e4129072a
bde840b6b0dcbf136ac4b128ec1cba56be2832be3a4f6b5d8d886d7310505ba8
be07eda2a1384fbafc09d94064ca57bee7ca5fec7529511a32d2bb0e63fc6c18
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
d47b1bcaae1267b4d9762e3132b3a635f25b6c6d076b785ff962472b3b7be4cc
e1a5b69c114355b5275eadacbe72bddb2e739d7d87468f4a5358a9a4de2592d0
e2ea87cc9df14b81adee30e0c00c4b0ec0bd275c4cae8d27d4215f4d59813b4b
e354e11aca1290a51fcc153ef7261363272e534a2cc57f245ef07725866572cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85d55c2ef395085ea70522cff040caae649be4025a0ee0da21fe4e28abc21ef
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62b5bc8f5ee66367cc2a0b5802cec4b9adb188150615942ca0009ac47f55a25