urlscan.io logo urlscan.io
SecurityTrails logo

bedrat.xyz Open in urlscan Pro
2606:4700:3037::ac43:ca37  Public Scan

Go To Rescan Add Verdict Report
URL: http://bedrat.xyz/
Submission: On March 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3037::ac43:ca37, located in United States and belongs to CLOUDFLARENET, US. The main domain is bedrat.xyz.
This is the only time bedrat.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    2606:4700:3037::ac43:ca37 (United States)

ASN13335 (CLOUDFLARENET, US)
bedrat.xyz
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700:3030::6815:e17 (United States)

ASN13335 (CLOUDFLARENET, US)
bedrat.xyz
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
15    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
26 bedrat.xyz
bedrat.xyz
3 MB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
392 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 448
207 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 224
208 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1985
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
202 KB
2 gstatic.com
fonts.gstatic.com
49 KB
74 8
Domain Requested by
26 bedrat.xyz bedrat.xyz
15 pagead2.googlesyndication.com bedrat.xyz
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
bedrat.xyz
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net 1 redirects bedrat.xyz
www.googletagmanager.com
securepubads.g.doubleclick.net
3 fonts.googleapis.com bedrat.xyz
securepubads.g.doubleclick.net
3 www.googletagmanager.com bedrat.xyz
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
74 11

This site contains links to these domains. Also see Links.

Domain
chpadblock.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
bedrat.xyz
GTS CA 1P5		 2024-03-01 -
2024-05-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://bedrat.xyz/
Frame ID: D63AE1AB21544C9F1B72AE5DD5DED9B7
Requests: 45 HTTP requests in this frame

Frame: https://9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2245A69E4A0B48B07E220A3B7B18F6A2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: 62FE287A49BE16E47E5D8B0889160585
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4C2DE6C33E12C5F90D0E74BD5C091F1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: 4D13C27F024305F820A9CEE861FC0F8C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

bedrat – bedrat

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

74
Requests

70 %
HTTPS

100 %
IPv6

8
Domains

11
Subdomains

13
IPs

2
Countries

4500 kB
Transfer

6608 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bedrat.xyz/ 		73 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f58eac93daba432923053c9be161492b8ddc5ae485c36641295ea5db14a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
865a69215e992bac-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 17 Mar 2024 04:58:55 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Link
<https://bedrat.xyz/wp-json/>; rel="https://api.w.org/"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BqNr2g9WsFlYdwlzfR%2ByO%2BSPq2mTM13%2B8HwP1iOZEDFDkrd4TlG2aGRtJTGcYX1llrXi2bYWIOj%2BguaxLOhIh%2BTQkLQc2h3J%2FmwsIgWb9ipCPqVgO5zEVJg3%2BlD8bYdww80i0Ipq2oV"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
HIT from Backend
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		235 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TVT7LVX7RY
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06c9c9a9b053770912ee9ed2d5f7f4c2a7121983dcc79df3aeda47237bb9b46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Mar 2024 04:58:55 GMT
style.min.css
bedrat.xyz/wp-includes/css/dist/block-library/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Jan 2024 08:08:49 GMT
Server
cloudflare
ETag
W/"65ba0011-1ae43"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQzJceFpCt1cOOfLvgbBRMz2BWMQmOSgSmsAuT1Q4GLl5TdCjWOnrHRHrKz%2BdA8AEESflQJ0n62TVWAvW9Q6o6H%2FuYm1BcuK7yofGfhpnfUFnW6S0UfmqaWKjQJ9ApekPJDGMTGqgyUQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922afae2bac-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		125 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDN82KS9
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
390c258a57167a6737ed710888142f45211fd7de1bda9293874e9fab11682fd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48860
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Mar 2024 04:58:55 GMT
5d9f1c29-b0a4-434f-89be-816f5e6a00e9
http://bedrat.xyz/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://bedrat.xyz/5d9f1c29-b0a4-434f-89be-816f5e6a00e9
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
styles.css
bedrat.xyz/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 02 Jan 2024 20:10:02 GMT
Server
cloudflare
ETag
W/"65946d9a-b4e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWaab33%2FdUADbD4W01kn60xtLdQXIrOd7mkvGBleUzCckr4J5mwDNtp6v8yiqiwJpyThk2eEwlp4GO6qcojslQEalCXivmRwKUahMXKit3N1RKkOl%2FZojjhDkR6fFPm9n%2B1uGv8vA%2Bys"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922dd67b8c4-AMS
Expires
Thu, 31 Dec 2037 23:55:55 GMT
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ 		1 KB
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 17 Mar 2024 04:58:55 GMT
style.css
bedrat.xyz/wp-content/themes/mobdii/ 		64 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/style.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81aeb169026b59bc73a0e18d05be0ae7b7916eb1c96f68d07a8b71569c89093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-ff57"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGigQlLW0Iv5%2BCFjzfE3vsSxFjLECNZA3ZGdjtXD1Zqa3wBhtw5MAhjMmfkE%2BXkx4DhBQSXea2v2La6wWeS1xNs0be6yqPJwAeLzfw%2FkUUJ8p%2BD5yymkaQyrMCmZmbg7IKemjAfOoQQJ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922e98b361e-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
bedrat.xyz/wp-content/themes/mobdii/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/css/font-awesome.min.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-7187"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R31gfNEvUoOxzfeg7ZFRKOPxlFyzcKyLHzBmvhEYWIoFYNnTQoHecgiWBu090HiJDSl%2FICJWgeQmdkUkPikz3jeuOqv9Y7jIYu2gufNXd25%2B4lyqXOQB8USHftqtnGws4cmKSpI0QAMt"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922eb4065cc-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
background-overlay.css
bedrat.xyz/wp-content/themes/mobdii/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/css/background-overlay.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5636042e69b59d87ebb2c9e07e01d9d6f8a5829b14db4fcd3293631bac7c1727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-1c71"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8vNtJcXTKGYkk0gQZGI2OvPNYIm6JmpsQg6wZU8Jd%2BDjvfYOYiZEwTzmd62AXplyAmGZLYR1Oc15HTEnwgT6Q73u3Bm24FcdszVXSUgfWCQy8f7J3PMC7F87mW78V9t%2FV0gMmMSZ1yH"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922fdff3684-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
animate.min.css
bedrat.xyz/wp-content/themes/mobdii/css/ 		52 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/css/animate.min.css
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-ce35"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B9PxlQa62RWi3YI3wFA1VeAM4rxE6IbnqQNxrDXZsw0BZj%2BkxfQ1YV1QDkX9AQ2tEb1iyD338zQJ0qUJuRkoKaHDSZn9DlLRa%2B1%2BYRe07%2BOyLsZrYsVJBk1uHIU5OAkSX%2FR4hIbWPN9"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
865a6922fdc26673-AMS
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
bedrat.xyz/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-includes/js/jquery/jquery.min.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 28 Aug 2023 17:14:23 GMT
Server
cloudflare
ETag
W/"64ecd5ef-15601"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJEiU3O6y5ZhEIkf8IZLdTEv2jydWMqdpT9XUzYHviIoi%2FOSkTLNL4BevfhmL4cg3ZSkhDYC1sUVARLyB64C%2FlUi%2Bw1439OoX9Y%2FEYA8r8q9AM2BBkj2wB1qVLJWsl9HxbbWT5gHuhru"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923180f2bac-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
bedrat.xyz/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 09 Jun 2023 05:49:24 GMT
Server
cloudflare
ETag
W/"6482bd64-3509"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAgYs%2BylmOYlJIm2rTW1P3FutHOZswIMd0jNDmA5pLqLMdnhD75p4j5qLWUWp74Pj7JzAlN5ZEc3jtMbBJv0UEp%2BaJxhe99zz8hvydnVNfN6mdM7VZ6NXtazsWECOTtU0N1DEUAAZ8z%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a69235de5b8c4-AMS
Expires
Thu, 31 Dec 2037 23:55:55 GMT
icon.png
bedrat.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/ 		15 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bedrat.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 16 Mar 2024 08:52:09 GMT
Server
cloudflare
ETag
W/"65f55db9-3d37"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkqIhDUAsYiumPkdcG9BBVDRv4RBqQz2V8jhUp4ZO5JoMt4To76uQdaTcla5bkqHgmow1pXcx4%2BFBiCnF1ZiVdhYtr3xzwW3z4kLLOqyJEYVRRULCrTQqUlQp3A4QRTbpn97qVWj1LGF"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=315360000
CF-RAY
865a69235b7865cc-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
d.svg
bedrat.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/ 		71 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bedrat.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 16 Mar 2024 08:52:09 GMT
Server
cloudflare
ETag
W/"65f55db9-11ba9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAveSLCU2mbN9oyWEWhWrbo86HZgqaQoMt%2Fl35rmn8%2FbOtNWusgyVE9teNp4hTDFjdRqVM2Q2zAg2pPcOkoomVyixkIQ5AO8m13zanzK27CZu%2B4qR9oSpJse45bJixdELq52qUWEbyZY"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
CF-RAY
865a692359f3361e-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
bedrat.xyz/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 02 Jan 2024 20:10:02 GMT
Server
cloudflare
ETag
W/"65946d9a-2b6d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoVQZ0Kc2%2BS8Ey07%2BPC7HXSIsDiO3Yo73hs63hB9Do5MKpHTGHn%2BHu8KAZUfX3zo00vDQGIM%2FbEjI8%2B35JP0mKHJiJsmKbkGl9fd3MUHqaB7rBH0EgEyYSmrhu5y0GyDwLM3na7%2BAvws"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923bbba65cc-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
bedrat.xyz/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 02 Jan 2024 20:10:02 GMT
Server
cloudflare
ETag
W/"65946d9a-337e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ot60C0fjyYwxFLuNXL2hgGlCDQgQ46t%2B3%2BrOoidbFn4lP%2BGKuSqMti7wYOhT8RNilZx6%2BICA2wyATrmqt8Y%2BLMqMveI6gzlvSywuCTh6xm4y%2BDewSi07ZOJ1EkuQMGeBsQ4cjQCq5bM%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923de29b8c4-AMS
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hoverIntent.min.js
bedrat.xyz/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-includes/js/hoverIntent.min.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 08 Apr 2022 20:07:18 GMT
Server
cloudflare
ETag
W/"625095f6-5db"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU%2FoOwnOAfM%2BvW8ps0bRpXSQQ1kSOyQbWGGd3KfmxlJn0ngooBQ0n24ZklgrlYNIk6VwyLjsAcV42fx7IXxoYNp1tVA16iSG0w%2Bs8iJpfcrKuVHe3jdkg3kRY%2FJsIzgMt8JnxLbvQPwO"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923d8bd2bac-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wow.min.js
bedrat.xyz/wp-content/themes/mobdii/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/js/wow.min.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-20e0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pT1LY1PvHHrErxqg5EbimHBDcWCNE7vkQ49B%2Ftw2MmqTbWeL8FoylUzyQ%2FJdUbFTSo58egLPIVPYAAmE4OLPP6gb9Aw7h7any7v5MiFPFdz06WL5Em0pIlhWM3DFhFhvH9mNIp9RE5Rd"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923de306673-AMS
Expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
bedrat.xyz/wp-content/themes/mobdii/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/js/scripts.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079aaf2f516f94dd0d317c61df83204d057256bbe1e4c8d85c8728d84a4876c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-66dc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMJgXDyRNXQjyFZkr2Msyyk7qRJ00kvx2Dnv2wYsaydEI9mrWIbeGJPtPxKKle8tGfxT0ZWmxo4FKk2WLHuoe%2BvcjTiziKBfMdwT%2F20mcYJ6c7TrTSHuLpAwrxkhnWaNjNfxbFsXH23W"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923de843684-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
skip-link-focus-fix.js
bedrat.xyz/wp-content/themes/mobdii/js/ 		880 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/js/skip-link-focus-fix.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
W/"5eb47f26-370"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgD%2F5iuhvDW5q4%2FgnByQhM0GXhJ%2FhMSGW9BUMBIyJ3pIxKV%2Fi9pDHMIe46MhFcHdx2hr%2FdiO1XJBkBkbGBmQkJfsKwk2eDF4ICNi0IWg3grfzlBnvLQ82sZKDxQHMEEaPJYql5M3knUI"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a6923da50361e-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
5578.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		579 KB
580 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/5578.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d7e790edf221be9aa339477962ba8506cc881be69a9a0d0355632cde82893fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105230
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:40:49 GMT
server
cloudflare
etag
W/"659474d1-90a84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5E28jeMCxo5Y7fu47oj0CJGcQGVGe7b0yBW%2BNXW7vSZGs8J1j41S6hjS9UGzGX%2F3XtNG9nx26h62IyLba0IfC%2BWaHlX2cE9MNr3naZBVE1j%2BVBiTnF%2BazVZQAhbkRIAmbuQBeLszXj7i"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea918d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2150970196.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		501 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/2150970196.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f9fdaf576630a01b397fef670d16e58bbc1235e16e15713837b6361ea9af10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105230
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:44:19 GMT
server
cloudflare
etag
W/"659475a3-7d41a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=namPIubtMprxhMEkMkIhrcKkf%2BcBMguXNxPIIQaUL3VBgZqGyTVpiAIJFl5rnA9blOoDDjkN5qasHYzN8gyHyAK0MrkRdqWQE907uXT24%2FABO2MwGf%2BwGqX9zLu%2FSNHpflcd8q2MASWi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea818d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2150970192.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		479 KB
480 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/2150970192.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e68665ddca68bc176dbdbc37cac3f27d51d42bc19e11c43d859902a410adf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105224
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:23:33 GMT
server
cloudflare
etag
W/"659470c5-77ce4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMKYG%2BxBwhqKTv1Rn4JK0x0GSY2KvvosTiZdN7C4K4PXv%2B8AJA08ix6byKWHMLDR5%2B7YHPPWpSS7husj533YucVWyoP8D5Yz149%2BiTZDV2Y2Gl9lxAc%2BTm5bx9kxNTp1bVOu%2F06KVkyn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea618d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
82639.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		603 KB
604 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/82639.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc9f0a43ded7d377db0d0adc2353480322cea5c2b2d8f96df9ed857d0fd006a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105276
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:37:58 GMT
server
cloudflare
etag
W/"65947426-96b05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PMgJhEQTZyV6qV%2F%2BSadbGUhHn0%2FMsq9GAgOPyEnor5KjUnrcrCSRkHtaFfNKWFdY2JvvAzw1F4tzlGmowTLUE3k4dyF6Lal34gb5W8I8rft3%2BFOMvRMoHycKui7jpu4jq%2Fnkkpit4Ab"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea418d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
131400.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		400 KB
401 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/131400.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43180bee65207adb620fd8fd354b89398b0e6e6dfed3daebe8ebf51539b7195f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105262
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:34:15 GMT
server
cloudflare
etag
W/"65947347-64008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmatGTZxBkwRg4QJQGNB9HUeIvDntUvS%2BdJa%2Btei3%2BFRuKmIDcy2B%2F1F0VyslCpRHHTncCgBbMEiINJA%2FPUdWgewu4LRm1NI7DQKTLw8RU2WjEBLuMpGjWd1mJu%2F8hX4ZDmiHtkdiwLx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea518d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
collage-finance-banner-concept.jpg
bedrat.xyz/wp-content/uploads/2024/01/ 		562 KB
563 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bedrat.xyz/wp-content/uploads/2024/01/collage-finance-banner-concept.jpg
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37fd2417c51c45b1cc483b30c2a07d8dc49b28ab3fb753dbc91f4d0684cbd48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105224
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 20:48:10 GMT
server
cloudflare
etag
W/"6594768a-8c6f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7OH1qPNl72RDm%2BJXfwCf%2FYvSaT8JPKtlQUJRZRlpygfXCd%2F%2Ba1GSKTvCIdoFu8usz3D0OU4X68dsKXlIvh1cU%2Bc5%2FJAtUt6jUPV0juyTVyP7mqyDNhXhvKQNiesmi8nMJNxOKEx5%2FkfI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
cf-ray
865a69247ea718d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
NeoSansArabicMedium.woff2
bedrat.xyz/wp-content/themes/mobdii/fonts/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/fonts/NeoSansArabicMedium.woff2
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/wp-content/themes/mobdii/style.css
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd203e960c4febcf631c11b74960770314414a61cbda09799d74b604a4c42b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bedrat.xyz/wp-content/themes/mobdii/style.css
Origin
http://bedrat.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
51220
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
"c814-5a515a9219580"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wKydGMKDRbvG2zGUu3DTYOvjxiW%2B7yu2sZCD3glXonaHGqSOdfE0w%2F48jE9X3%2FS03QYht6W1jlBJF%2BO2qo9QmQpirFzZbQXTYNxtYXTb1D0uNamHtS4qTLmpqfEMWf3DHWaNJJw4pxa"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
865a69243a8e361e-FRA
fontawesome-webfont.woff2
bedrat.xyz/wp-content/themes/mobdii/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-content/themes/mobdii/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/wp-content/themes/mobdii/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bedrat.xyz/wp-content/themes/mobdii/css/font-awesome.min.css
Origin
http://bedrat.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
71896
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 May 2020 21:35:34 GMT
Server
cloudflare
ETag
"118d8-5a515a9219580"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlG73MLl7zCRV03q2UkswQPn7FuAiEjBK3dR9RKT7KhPYCxJB8eX3SvD32cyD%2BUMvOsDkvTSzHuhYuU8EUSJWv%2F4wl2HhYCtbB1qY1yX9sTbHnMemXszFlvpzQY6N9%2FKBITX7o%2FkGbGl"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
865a692439022bac-FRA
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-170273213-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TVT7LVX7RY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81439587082c5754e07ca5a49b7431e3bf1d84ba69268320096f97dc6923baba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71938
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Mar 2024 04:58:56 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TVT7LVX7RY&gtm=45je43d0v9123125049za200&_p=1710651535766&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=468316868.1710651536&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1710651535&sct=1&seg=0&dl=http%3A%2F%2Fbedrat.xyz%2F&dt=bedrat%20%E2%80%93%20bedrat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=498
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TVT7LVX7RY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Mar 2024 04:58:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bedrat.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b1122098b3f66f2fe2be31c8e7c773eaef3202bd4713dfa9bf320ea31db1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28559
x-xss-protection
0
server
cafe
etag
88 / 19799 / m202403130101 / config-hash: 15864570305302719697
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 04:58:56 GMT

Redirect headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Sun, 17 Mar 2024 04:58:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDN82KS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4a7b35c683070205142cfa9a454acf622935a920030276fb676c192fe62963f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28563
x-xss-protection
0
server
cafe
etag
895 / 19799 / m202403130101 / config-hash: 15864570305302719697
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 04:58:56 GMT
wp-emoji-release.min.js
bedrat.xyz/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bedrat.xyz/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ca37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 04:58:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 02 Feb 2023 00:53:25 GMT
Server
cloudflare
ETag
W/"63db0985-4904"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXSorvvj1c7ryovo7oNSIQM1K69TJTyzlVQJhh9v1SBZnEP8asja%2BRnSABlniGuRJvd7%2Fh9fz0ksHDV9pB0RoRxa%2BYLG8xZij5%2FR09nRXqZbUG%2B2jPEc1d0s2yunhU%2BhxYxNxW9FEYkj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
865a69247c3065cc-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2818995a2a0ae6968b69c7f35f80275b13024a6e88d18c00c9fe9b78d9301167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50907
x-xss-protection
0
server
cafe
etag
17888383903770375243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 17 Mar 2024 04:58:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9c8aac2ce3d2280f63316b5de24a48cb5f4fea20ade84d3269b70fa285e198e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50913
x-xss-protection
0
server
cafe
etag
10439820944696349248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 17 Mar 2024 04:58:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170273213-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Mar 2024 03:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4248
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 17 Mar 2024 05:48:08 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/ 		433 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 18:20:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
38297
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139511
x-xss-protection
0
server
cafe
etag
4094789103652271715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 16 Mar 2025 18:20:39 GMT
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2144433577&t=pageview&_s=1&dl=http%3A%2F%2Fbedrat.xyz%2F&ul=en-us&de=UTF-8&dt=bedrat%20%E2%80%93%20bedrat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=455812794&gjid=1139641422&cid=468316868.1710651536&tid=UA-170273213-1&_gid=909998025.1710651536&_r=1&gtm=457e43d0z89123125049za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=787839829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://bedrat.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Mar 2024 04:58:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bedrat.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		89 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2868621071018607&correlator=1131685893556105&eid=44777897&output=ldjh&gdfp_req=1&vrg=202403130101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23048872711%2Cidea3%2Cidea4%2Cidea5%2Cidea6&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%7C750x200%7C728x90%7C250x250%7C336x280%7C970x90%7C240x400%7C970x250%2C300x250%7C750x200%7C728x90%7C250x250%7C336x280%7C970x90%7C240x400%7C970x250%2C300x250%7C750x200%7C728x90%7C250x250%7C336x280%7C970x90%7C240x400%7C970x250%2C300x250%7C750x200%7C728x90%7C250x250%7C336x280%7C970x90%7C240x400%7C970x250&ifi=1&sfv=1-0-40&sc=0&abxe=1&dt=1710651536374&lmt=1710651536&adxs=650%2C-9%2C-9%2C-9&adys=228%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbedrat.xyz%2F&vis=1&psz=1200x0%7C0x-1%7C0x-1%7C0x-1&msz=1200x0%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0&dlt=1710651535749&idt=602&adks=4171548686%2C22989631%2C2848573961%2C3380749514&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5bdc24639b69507cb88b32448f3b9795e980e6ffcfbee8d7028a52e60a38389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26187
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://bedrat.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		56 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2868621071018607&correlator=1131685893556105&eid=44777897&output=ldjh&gdfp_req=1&vrg=202403130101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23048872711%2Cidea0&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&fas=1&sc=0&abxe=1&dt=1710651536379&lmt=1710651536&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbedrat.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&dlt=1710651535749&idt=602&adks=4211955086&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaafe03a9e642b63a949430cdf0320ac73a1f791d6404ce909264016e4272df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13068
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://bedrat.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2245 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bedrat.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 04:58:56 GMT
expires
Mon, 17 Mar 2025 04:58:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a77afe26d1cac9c363a1cc1ac22aeeaad241f79ecf2bd28b5810668055a0557e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 18:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
37763
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14990
x-xss-protection
0
server
cafe
etag
6471512203304387839
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 16 Mar 2025 18:29:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca61d8afe7c7928105198fe2d27e7748e343c6e1425afa0262d2a61f4d41d1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12429
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 04:58:56 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame 62FE 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Mar 2024 08:53:20 GMT
age
417937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Mar 2025 08:53:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 62FE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 62FE 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Mar 2024 08:56:50 GMT
age
417727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Mar 2025 08:56:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 62FE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 62FE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
css
fonts.googleapis.com/ Frame 62FE 		4 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Mar 2024 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 04:57:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Mar 2024 04:58:56 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 62FE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 18:57:50 GMT
x-content-type-options
nosniff
server
cafe
age
36066
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 17 Mar 2024 18:57:50 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 62FE 		295 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 17:34:54 GMT
x-content-type-options
nosniff
server
cafe
age
41042
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 17 Mar 2024 17:34:54 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/17987569142318913229/ Frame 62FE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17987569142318913229/14763004658117789537?w=300&h=300&tw=1&q=75
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0097eb2267d62a34fa957c3eb923cbfd4e24cc91bd7fdec18572a995a7a521fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 05:12:30 GMT
date
Fri, 15 Mar 2024 05:12:30 GMT
x-content-type-options
nosniff
age
171986
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 25 May 2023 17:12:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/15038374023391797729/ Frame 62FE 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15038374023391797729/14763004658117789537
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc57707315ea7ed88ba279020eabb875f32debea06e389cb2a86ea53115d449d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 14 Mar 2025 15:00:51 GMT
date
Thu, 14 Mar 2024 15:00:51 GMT
x-content-type-options
nosniff
age
223085
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185793
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 10:45:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 62FE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b368fbabc6db8d68dd27d8fbc31c2211332b91d6dd783744395c2767c333c250

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 62FE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bedrat.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:16:13 GMT
x-content-type-options
nosniff
age
463364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 20:16:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bedrat.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
53042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 14:14:55 GMT
expires
Sun, 16 Mar 2025 14:14:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame 4D13 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Mar 2024 08:53:20 GMT
age
417937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Mar 2025 08:53:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 4D13 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 4D13 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Mar 2024 08:56:50 GMT
age
417727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Mar 2025 08:56:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 4D13 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 4D13 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 18:11:24 GMT
age
470853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 18:11:24 GMT
css
fonts.googleapis.com/ Frame 4D13 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Mar 2024 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 03:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Mar 2024 04:58:57 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 4D13 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 18:57:50 GMT
x-content-type-options
nosniff
server
cafe
age
36067
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 17 Mar 2024 18:57:50 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 4D13 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 17:34:54 GMT
x-content-type-options
nosniff
server
cafe
age
41043
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 17 Mar 2024 17:34:54 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7577535885673247725/ Frame 4D13 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7577535885673247725/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a635364d7cf9a30593c7c7e976d0a6cfe28a817203b5f3448c5064010fe67c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 14 Mar 2025 14:35:24 GMT
date
Thu, 14 Mar 2024 14:35:24 GMT
x-content-type-options
nosniff
age
224613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19573
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 15:47:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 4D13 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a6208ded57dc87709a4589f9b775688d1738499c55f5ebd2527fe6974aedc30

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4D13 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bedrat.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
435462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 04:01:15 GMT
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame B4C2 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
54334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Mar 2025 13:53:23 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 62FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=Cp7tskHj2Zav6GbjC7_UPsPu_sA6XyZqfdtat6NGiEq_q5PHIARABIJa_sKABYJWCgICwB6ABmfrpyCnIAQmpApzIbW2TRLI-4AIAqAMByAMKqgTqAU_Qouxvy5ijqsjmEpSHjWI4yN6VYalA-KlMBU8PBBGkAcjzDRljtf1bwbM1z3Hl93OPbo829RacsTMI7qpxyqJ3lSrTT5kpQZjscYjYgVDFfqgHfkYsGX0JQXYoDdn2ziDR_gDwOjRFo4Mly1aBjOurPkG4aVxFPcDx9FfNlmWGwl-7idg2W-582vJkAn5GpZW0bhYyIp4nvMDSmtLBvBnAIxiQ_E3gQL4XKf5559Yx92d0dAVNlep0foC4m8paUfBkbAGA6jibVLigig586WyKOXbvmIISU-YzyWRbudY0DAOB6QrkarkEe8AE7ryh-qIE4AQBiAWtj4yfS5IFBAgEGAGSBQQIBRgEoAYugAeZsrqoBKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEEJ3iNNIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOljghabJwfqEA5oJkwJodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsNC93YWVybWVwdW1wZS1mdXItMGV1LWFuemFobHVuZy11bmQtNzAtZm9lcmRlcnVuZy1zby1yZXZvbHV0aW9uaWVydC1kaWVzZXMtdW50ZXJuZWhtZW4tZGVuLWRldXRzY2hlbi1tYXJrdD91dG1fc291cmNlPWdkbl93cCZ1dG1fY2FtcGFpZ249MjAxOTc4Njk0ODUmdXRtX3Rlcm09MTQ2ODIyMTU5OTgyJnV0bV9jb250ZW50PTY5Mzc2MTA1NDI4OCZ1dG1fcGxhY2VtZW50PWJlZHJhdC54eXomdXRtX2RldmljZT1jJmRldmljZW1vZGVsPYAKA8gLAeINEwjRsabJwfqEAxU44bsIHbD9D-a4E-QD2BMN0BUBgBcBshcfCh0IABIUcHViLTU1MjY3OTAwNTg5MTc4ODcYip6dAbIYCRICzl4YLiIBAA&sigh=Et2jIsc3eew&uach_m=%5B%5D&ase=2&nis=5&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
adview
pagead2.googlesyndication.com/pagead/ Frame 4D13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CD0LtkHj2ZduSMcbE7_UPycGdwAyv086bdri6keLHEduMzZiMDhABIJa_sKABYJWCgICwB6AB2d2JxgPIAQmpApzIbW2TRLI-4AIAqAMByAMKqgTtAU_Q5-0A-S-TCrM7iYnLdciNCFv86-W-a5aXyb1FHU8WHwdCjjBU3EINMBgMLFZZV_tiwCFwnWjvVD5ubwf9RuhDioxgGSF8HwGfDoYkcJVQWAPl7m14sxBgGujipD-T9E3UBqZZLfoC8rR1rIrDyOyT4WOk8mrRPsi4owhuyo08k0fNtMbawoFHK047Nt7hdbm4VUbFlkab2rGaER8SBoADupKGx7aVYV2RsBcYHsf5Ja9WbuP0HGM8MsRojUeGLH6OYcZNLeOVPg83AuxfTBBjlT_kK-JESQqTYKNge-5CTNX-DV70_9KkFb8dzsAE7ejwtMID4AQBiAXSlofWL5IFBAgEGAGSBQQIBRgEoAYugAePovY5qAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQjYcC0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WPnApsnB-oQDmgk1aHR0cHM6Ly93d3cuaGF1c2ZyYWdlLmRlL2FydGlrZWwvZGVyLWZlaGxlci1iZWktc29sYXKACgPICwHiDRMIguemycH6hAMVRuK7CB3JYAfI2BMMiBQV0BUBgBcBshcfCh0IABIUcHViLTU1MjY3OTAwNTg5MTc4ODcYip6dAbIYCRICzl4YLiIBAOgYAQ&sigh=rc-EO_0jyKI&uach_m=%5B%5D&ase=2&nis=5&template_id=5000&cbvp=2
Requested by
Host: bedrat.xyz
URL: http://bedrat.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B4C2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?psASVw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 04:58:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403130101&jk=2868621071018607&bg=!xsWlxYrNAAY_ejuoH3o7ADQBe5WfOB1_UMKpeO89s_JUnE7k27Bbze8HPnHxmIaspiJ5PM0zgKOmzhYbVJxDnNhMSCVtAgAAADlSAAAAAmgBB5kCv6RhCXYtV8ccFMeNf6ngOk_Blz8DzIPpyw1RUpQzJM1skez3VOucb6pOjlezdBQyid3xPrQXJzwDCxtR_fbnsJR7a8Kr89vCeK6mbCsXk--idWsoOW7iONgju2o_F2Oyx5UCqjIHg-bJAGMjXDQQhzizuS1LIb3wUetlHi8RRkqkVx1iTm4h6NoM31FYv5QZUTDTp5azxjZ5KFmw1fZE_poNqVbBYPNou18OBjb2_9JNZSGfkWdPP98UY-B8RNDC56XHWouuBysW0lOYPA55zfRBGLXu-_8iEbumJzabKwSf25CwOvwrtTodde4AkvkIC1IjleUZbapjgzjc7Ak4dQYCQbpOUZg-b04xlM6WOAQdWdT2UcJWTDjKnmHBaTfcggvybJVcDj7w0sta060W8BLIcahLlLgaB4VZNY35FfR_r5qCvROekveo8FhUsB6CeSU5bVSdPynWzukArftlkWPGof-N6sBKkiDk-BQ_YisGBHYmcbIvjVmff1u1abxJDUXVp6chmue9rNd90Q5Fo55vuz3bYmx0MZaHPEevAiuUEDHHmA9QJw5ho5mphY32ZCQRDHRHGf3v270m80_WzrcO4kdrfx2ePCXoNROj67DBwzOn77b9ch_buTJnv3StcYvNULyuBU9LYxNn7COPmord1bprTktdeMCKUgayCkU5SUFYc95jFc-DJCY_mFa18ZXSu203O5sVJcVwKFAao1JF78-W7fxmaJSb9-zo7sBkMzR1Ikp_O9fE9RZQrOtqVSDZ5INrq6bau4yYJrQyn_INdmLvFoA6p9TjV0poNUq69jTK83OJ0nIWA6QNX53027XUpPqJ-vWt9yW9JyJJgx_beV5Lpugl_cKZMLPtV6wrPmm_vpXk5dRf4DL_EBBw7-OL_KlH-I3IxyHuj8siYpVfWiJZxMGzBNRhwrKpzMk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 62FE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucFYiHz4I2U5Bmxt38aiefZja1Qmu_TLw24PdylmYtYQJCk635cE8hlCd1f0a3tXK_q6x94gSAeHlAoS4_SLua6fZoyAh304dVqyTvXS_aC3Z3Dfvr6L9usSVt3_6FOlCHtAZdAwux22fsbaGMUJjrE6laJAdB1qje09TSjzk&sig=Cg0ArKJSzAtb8GtfNwROEAE&id=ampim&o=315,228&d=970,400&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=332&tls=1332&g=100&h=100&tt=1332&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Mar 2024 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D13 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyPu9r6kPSIgLIkLAI-3mUcYOL1FJV6_hbCARchIC8pyfZ1TCDvlR_-TXGiLdT28DSb0y6D27h5pXL1742FW_H7XQFyIo-6GTttmas3GLPJjRyUVo96mkHkVzlR9Nb3WI58K1dYNl1uTg9Ccdw3Ug4fezykA9CrsjcTamy0X0&sig=Cg0ArKJSzE7OToIoJKrEEAE&id=ampim&o=298,1211&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=136&tls=1454&g=55.645161867141724&h=100&tt=1454&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bedrat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Mar 2024 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer function| gtag object| _wpemojiSettings undefined| $ function| jQuery object| _0xc27e function| _0xe42c function| yvvcmfkugrerjjzruxtvjgwqmdrkhrdkrmoxlxyywznkmkxczhycdbmtuvvtvnbvxeboubemgcefiycefiy function| hasClass function| addClass function| removeClass function| bfvilgywwzrenrulfudgbmnynlyrzhcczzowtbmckdatzyzwwuywesemhrrubjvhcenxvxhwacefiycefiy function| kzkaljvqjjsmdncuwzmahmycwpdelmalqrlvjzxhmytdsmdmwhlqvnpjrefmuctinglbldlnfvqwfnvqcefiycefiy function| chp_ads_blocker_detector function| fairAdblock function| adsBlocked function| checkMultiple function| init object| google_tag_manager object| google_tag_data object| gaGlobal object| gptadslots object| googletag object| gptAdSlots object| interstitialSlot object| swv object| wpcf7 function| WOW string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| ggeac object| google_js_reporting_queue object| anchorSlot_2 object| gaplugins object| gaData number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle number| google_unique_id object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

6 Cookies

Domain/Path Name / Value
bedrat.xyz/ Name: PHPSESSID
Value: ve8p2ft08dq4v6rfrcuj1ki28v
.bedrat.xyz/ Name: _ga_TVT7LVX7RY
Value: GS1.1.1710651535.1.0.1710651535.0.0.0
.bedrat.xyz/ Name: _ga
Value: GA1.2.468316868.1710651536
.bedrat.xyz/ Name: _gid
Value: GA1.2.909998025.1710651536
.bedrat.xyz/ Name: _gat_gtag_UA_170273213_1
Value: 1
.bedrat.xyz/ Name: __eoi
Value: ID=e13ecb50013dda89:T=1710651536:RT=1710651536:S=AA-AfjYKozkKM5fUaVmuutsDSLdb

1 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9bccdaf803b961326c2fbf7babcea57f.safeframe.googlesyndication.com
bedrat.xyz
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:3030::6815:e17
2606:4700:3037::ac43:ca37
2a00:1450:4001:801::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0097eb2267d62a34fa957c3eb923cbfd4e24cc91bd7fdec18572a995a7a521fb
06c9c9a9b053770912ee9ed2d5f7f4c2a7121983dcc79df3aeda47237bb9b46e
079aaf2f516f94dd0d317c61df83204d057256bbe1e4c8d85c8728d84a4876c2
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2818995a2a0ae6968b69c7f35f80275b13024a6e88d18c00c9fe9b78d9301167
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
390c258a57167a6737ed710888142f45211fd7de1bda9293874e9fab11682fd7
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3cc9f0a43ded7d377db0d0adc2353480322cea5c2b2d8f96df9ed857d0fd006a
43180bee65207adb620fd8fd354b89398b0e6e6dfed3daebe8ebf51539b7195f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b1122098b3f66f2fe2be31c8e7c773eaef3202bd4713dfa9bf320ea31db1ed9
4d7e790edf221be9aa339477962ba8506cc881be69a9a0d0355632cde82893fe
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5636042e69b59d87ebb2c9e07e01d9d6f8a5829b14db4fcd3293631bac7c1727
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
5a6208ded57dc87709a4589f9b775688d1738499c55f5ebd2527fe6974aedc30
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80f58eac93daba432923053c9be161492b8ddc5ae485c36641295ea5db14a2e9
81439587082c5754e07ca5a49b7431e3bf1d84ba69268320096f97dc6923baba
81e68665ddca68bc176dbdbc37cac3f27d51d42bc19e11c43d859902a410adf5
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a5bdc24639b69507cb88b32448f3b9795e980e6ffcfbee8d7028a52e60a38389
a635364d7cf9a30593c7c7e976d0a6cfe28a817203b5f3448c5064010fe67c4d
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a77afe26d1cac9c363a1cc1ac22aeeaad241f79ecf2bd28b5810668055a0557e
aaafe03a9e642b63a949430cdf0320ac73a1f791d6404ce909264016e4272df6
b368fbabc6db8d68dd27d8fbc31c2211332b91d6dd783744395c2767c333c250
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
ca61d8afe7c7928105198fe2d27e7748e343c6e1425afa0262d2a61f4d41d1d7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
d9c8aac2ce3d2280f63316b5de24a48cb5f4fea20ade84d3269b70fa285e198e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37fd2417c51c45b1cc483b30c2a07d8dc49b28ab3fb753dbc91f4d0684cbd48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f9fdaf576630a01b397fef670d16e58bbc1235e16e15713837b6361ea9af10
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a7b35c683070205142cfa9a454acf622935a920030276fb676c192fe62963f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f81aeb169026b59bc73a0e18d05be0ae7b7916eb1c96f68d07a8b71569c89093
fc57707315ea7ed88ba279020eabb875f32debea06e389cb2a86ea53115d449d
fd203e960c4febcf631c11b74960770314414a61cbda09799d74b604a4c42b64