urlscan.io logo urlscan.io
SecurityTrails logo

ba.n1info.com Open in urlscan Pro
104.18.11.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ba.n1info.com/
Effective URL: https://ba.n1info.com/
Submission: On November 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 13 countries across 64 domains to perform 530 HTTP transactions. The main IP is 104.18.11.188, located in and belongs to CLOUDFLARENET, US. The main domain is ba.n1info.com. The Cisco Umbrella rank of the primary domain is 243520.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2022. Valid for: a year.
This is the only time ba.n1info.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.10.188 13335 (CLOUDFLAR...)
100 104.18.11.188 13335 (CLOUDFLAR...)
3 104.26.14.10 13335 (CLOUDFLAR...)
4 104.18.226.52 13335 (CLOUDFLAR...)
2 172.67.206.57 13335 (CLOUDFLAR...)
4 46.19.15.13 51790 (SIEL)
2 23.36.163.230 20940 (AKAMAI-ASN1)
2 46.19.9.50 51790 (SIEL)
1 4 141.95.172.71 16276 (OVH)
13 142.250.185.168 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 23.205.226.58 16625 (AKAMAI-AS)
7 216.239.34.178 15169 (GOOGLE)
3 13.107.219.45 8075 (MICROSOFT...)
3 185.60.216.19 32934 (FACEBOOK)
2 99.86.8.13 16509 (AMAZON-02)
3 8 87.250.251.119 13238 (YANDEX)
7 65.9.66.83 16509 (AMAZON-02)
3 34.249.188.76 16509 (AMAZON-02)
2 96.16.135.39 16625 (AKAMAI-AS)
4 104.17.24.14 13335 (CLOUDFLAR...)
1 146.59.30.96 16276 (OVH)
3 104.16.86.20 13335 (CLOUDFLAR...)
1 3.219.86.100 14618 (AMAZON-AES)
24 142.250.185.162 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
4 46.19.9.11 51790 (SIEL)
2 46.19.9.32 51790 (SIEL)
3 3 37.157.4.25 198622 (ADFORM)
2 3 46.19.11.36 51790 (SIEL)
4 4 109.206.182.78 50245 (SERVEREL-AS)
2 109.206.161.115 50245 (SERVEREL-AS)
2 23.3.108.242 16625 (AKAMAI-AS)
1 185.60.216.35 32934 (FACEBOOK)
1 34.251.7.23 16509 (AMAZON-02)
1 3 13.32.28.197 16509 (AMAZON-02)
1 99.86.1.2 16509 (AMAZON-02)
2 142.251.5.154 15169 (GOOGLE)
2 142.250.185.234 15169 (GOOGLE)
8 185.97.52.29 51790 (SIEL)
1 46.19.11.65 51790 (SIEL)
2 172.217.16.132 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
4 172.217.16.195 15169 (GOOGLE)
3 52.224.31.34 8075 (MICROSOFT...)
2 104.26.9.169 13335 (CLOUDFLAR...)
2 162.19.138.82 16276 (OVH)
24 37.157.6.245 198622 (ADFORM)
1 9 35.244.159.8 15169 (GOOGLE)
7 185.184.8.90 204995 (RTB-HOUSE...)
3 12 185.89.210.122 29990 (ASN-APPNEX)
7 213.19.162.41 3356 (LEVEL3)
7 72.251.249.14 32475 (SINGLEHOP...)
7 178.250.0.165 44788 (ASN-CRITE...)
7 81.17.55.113 60781 (LEASEWEB-...)
7 104.18.33.19 13335 (CLOUDFLAR...)
7 212.77.99.29 12827 (WIRTUALNA...)
7 104.22.55.206 13335 (CLOUDFLAR...)
3 99.86.3.236 16509 (AMAZON-02)
1 52.51.156.2 16509 (AMAZON-02)
18 37.157.6.236 198622 (ADFORM)
16 142.250.186.162 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
11 142.250.185.97 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
11 178.250.0.130 44788 (ASN-CRITE...)
1 54.71.217.198 16509 (AMAZON-02)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 18.190.65.196 16509 (AMAZON-02)
5 142.250.186.130 15169 (GOOGLE)
1 99.86.4.122 16509 (AMAZON-02)
1 65.9.66.21 16509 (AMAZON-02)
24 142.250.185.65 15169 (GOOGLE)
1 178.250.2.129 44788 (ASN-CRITE...)
1 178.250.0.138 44788 (ASN-CRITE...)
1 142.250.184.206 15169 (GOOGLE)
1 142.250.185.174 15169 (GOOGLE)
7 14 142.250.186.98 15169 (GOOGLE)
3 7 185.80.39.216 27381 (CASALE-MEDIA)
2 4 18.203.49.121 16509 (AMAZON-02)
31 142.250.185.102 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
1 178.250.0.160 44788 (ASN-CRITE...)
2 4 142.250.185.198 15169 (GOOGLE)
7 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.2.150 44788 (ASN-CRITE...)
4 216.58.212.130 15169 (GOOGLE)
3 143.204.215.77 16509 (AMAZON-02)
11 52.10.37.64 16509 (AMAZON-02)
2 178.250.0.157 44788 (ASN-CRITE...)
2 2 18.195.166.51 16509 (AMAZON-02)
1 66.155.71.149 13768 (COGECO-PEER1)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 185.86.137.108 201081 (SMARTADSE...)
1 185.29.134.248 30419 (MEDIAMATH...)
2 2 52.223.40.198 16509 (AMAZON-02)
3 185.86.139.57 201081 (SMARTADSE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 3.122.182.165 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
530 94
1    104.18.10.188 (None, )

ASN13335 (CLOUDFLARENET, US)
ba.n1info.com
100    104.18.11.188 (None, )

ASN13335 (CLOUDFLARENET, US)
ba.n1info.com
3    104.26.14.10 (United States)

ASN13335 (CLOUDFLARENET, US)
lib.wtg-ads.com
4    104.18.226.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    172.67.206.57 (United States)

ASN13335 (CLOUDFLARENET, US)
linker.ba
4    46.19.15.13 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex2.irv.si
ba.contentexchange.me
tracker_ba.contentexchange.me
2    23.36.163.230 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-230.deploy.static.akamaitechnologies.com
consent.cookiebot.com
2    46.19.9.50 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130C26.rDNS.SiEL.si
ug.contentexchange.me
4    141.95.172.71 (France)

ASN16276 (OVH, FR)
PTR: ns3214334.ip-141-95-172.eu
gars.hit.gemius.pl
13    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.monadplug.com
2    23.205.226.58 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-226-58.deploy.static.akamaitechnologies.com
consentcdn.cookiebot.com
7    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    13.107.219.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    99.86.8.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-13.fra6.r.cloudfront.net
static.chartbeat.com
8    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
7    65.9.66.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-83.fra56.r.cloudfront.net
script.dotmetrics.net
3    34.249.188.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-188-76.eu-west-1.compute.amazonaws.com
tentacles.smartocto.com
2    96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
tags.bkrtx.com
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
3    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    3.219.86.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-86-100.compute-1.amazonaws.com
ping.chartbeat.net
24    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googletagservices.com
securepubads.g.doubleclick.net
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    46.19.9.11 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trafex.serv.si
hb.contentexchange.me
2    46.19.9.32 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trfx.serv.si
collector_sr.contentexchange.me
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
3    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
4    109.206.182.78 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.182.78.serverel.net
sync2.adnetwork.agency
2    109.206.161.115 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.115.serverel.net
sync1.adnetwork.agency
2    23.3.108.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-242.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
1    34.251.7.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-7-23.eu-west-1.compute.amazonaws.com
api.smartocto.com
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    99.86.1.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-2.fra6.r.cloudfront.net
d3div1mtym39ic.cloudfront.net
2    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
2    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
8    185.97.52.29 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex1.vsn.serv.si
images4.contentexchange.me
1    46.19.11.65 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130B41.rDNS.SiEL.si
www.contentexchange.me
2    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f4.1e100.net
www.google.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.google.de
4    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
3    52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
2    104.26.9.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
24    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
waytogrow-d.openx.net
eu-u.openx.net
us-u.openx.net
7    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
12    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
7    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
7    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
7    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
7    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
7    104.22.55.206 (None, )

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
3    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    52.51.156.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-156-2.eu-west-1.compute.amazonaws.com
ingestion.smartocto.com
18    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
16    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.de
pagead2.googlesyndication.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.com
11    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
cdn.ampproject.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
11    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    54.71.217.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-217-198.us-west-2.compute.amazonaws.com
id.sharedid.org
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.190.65.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-65-196.us-east-2.compute.amazonaws.com
prod.uidapi.com
5    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.de
googleads.g.doubleclick.net
1    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
wrappers.geoedge.be
1    65.9.66.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-21.fra56.r.cloudfront.net
rumcdn.geoedge.be
24    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
tpc.googlesyndication.com
1    178.250.2.129 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    178.250.0.138 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
encrypted-tbn3.gstatic.com
1    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
encrypted-tbn2.gstatic.com
14    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    18.203.49.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-49-121.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
31    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
s0.2mdn.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
7    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
googleads4.g.doubleclick.net
3    143.204.215.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-77.fra53.r.cloudfront.net
static.adsafeprotected.com
11    52.10.37.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-37-64.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    18.195.166.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-166-51.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.122.182.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-182-165.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
Apex Domain
Subdomains		 Transfer
101 n1info.com
ba.n1info.com — Cisco Umbrella Rank: 243520
6 MB
45 googlesyndication.com
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
281 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
ad.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
bid.g.doubleclick.net — Cisco Umbrella Rank: 859
286 KB
45 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4184
adx.adform.net — Cisco Umbrella Rank: 3009
s1.adform.net — Cisco Umbrella Rank: 4236
track.adform.net — Cisco Umbrella Rank: 2405
c1.adform.net — Cisco Umbrella Rank: 865
457 KB
31 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
816 KB
24 contentexchange.me
ba.contentexchange.me — Cisco Umbrella Rank: 448910
ug.contentexchange.me — Cisco Umbrella Rank: 55455
tracker_ba.contentexchange.me
hb.contentexchange.me — Cisco Umbrella Rank: 38169
collector_sr.contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 20211
images4.contentexchange.me — Cisco Umbrella Rank: 45496
www.contentexchange.me — Cisco Umbrella Rank: 72976
662 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
pix.eu.criteo.net — Cisco Umbrella Rank: 4492
csm.eu.criteo.net — Cisco Umbrella Rank: 4579
401 KB
18 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 995
static.adsafeprotected.com — Cisco Umbrella Rank: 674
dt.adsafeprotected.com — Cisco Umbrella Rank: 601
198 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
8 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 814
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 7412
ads.eu.criteo.com — Cisco Umbrella Rank: 4506
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 5718
gum.criteo.com — Cisco Umbrella Rank: 434
dis.criteo.com — Cisco Umbrella Rank: 786
57 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
339 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
10 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1523
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1182
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
13 KB
9 openx.net
waytogrow-d.openx.net — Cisco Umbrella Rank: 31162
eu-u.openx.net — Cisco Umbrella Rank: 2309
us-u.openx.net — Cisco Umbrella Rank: 585
11 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1292
h.clarity.ms — Cisco Umbrella Rank: 138098
c.clarity.ms — Cisco Umbrella Rank: 2038
23 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
region1.google-analytics.com — Cisco Umbrella Rank: 1166
106 KB
7 connectad.io
i.connectad.io — Cisco Umbrella Rank: 8137
2 KB
7 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 9765
585 B
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
4 KB
7 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 607
4 KB
7 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5233
1 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
310 KB
7 dotmetrics.net
script.dotmetrics.net — Cisco Umbrella Rank: 31828
50 KB
6 gstatic.com
fonts.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
102 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704
5 KB
6 adnetwork.agency
sync2.adnetwork.agency — Cisco Umbrella Rank: 43682
sync1.adnetwork.agency — Cisco Umbrella Rank: 44139
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 370
109 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7999
2 KB
5 smartocto.com
tentacles.smartocto.com — Cisco Umbrella Rank: 16882
api.smartocto.com — Cisco Umbrella Rank: 15065
ingestion.smartocto.com — Cisco Umbrella Rank: 13628
22 KB
5 gemius.pl
gars.hit.gemius.pl — Cisco Umbrella Rank: 32400
ls.hit.gemius.pl — Cisco Umbrella Rank: 7893 Failed
22 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 121
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 300
50 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 3478
consentcdn.cookiebot.com — Cisco Umbrella Rank: 3945
100 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3046
onesignal.com — Cisco Umbrella Rank: 1008
141 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
cdn.id5-sync.com — Cisco Umbrella Rank: 1318
18 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3269
adservice.google.de — Cisco Umbrella Rank: 5200
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 467
5 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2237
144 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
138 KB
3 wtg-ads.com
lib.wtg-ads.com — Cisco Umbrella Rank: 25471
221 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5967
647 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1118
2 KB
2 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 18752
rumcdn.geoedge.be — Cisco Umbrella Rank: 2224
64 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2541
24 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 679
512 B
2 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 4801
32 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1415
30 KB
2 linker.ba
linker.ba — Cisco Umbrella Rank: 191453
2 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 575
35 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1886
577 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 602
429 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 10838
555 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2702
173 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 926
191 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 330
554 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3379
3 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3158
904 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3470
8 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
40 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1187
201 B
1 monadplug.com
cdn.monadplug.com — Cisco Umbrella Rank: 71954
18 KB
530 64
Domain Requested by
101 ba.n1info.com 1 redirects ba.n1info.com
31 s0.2mdn.net ba.n1info.com
s0.2mdn.net
s1.adform.net
24 tpc.googlesyndication.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
ba.n1info.com
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
18 s1.adform.net hb.contentexchange.me
track.adform.net
s1.adform.net
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
ba.n1info.com
17 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ba.n1info.com
15 pagead2.googlesyndication.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fw.adsafeprotected.com
s0.2mdn.net
www.googletagservices.com
14 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
14 adx.adform.net lib.wtg-ads.com
13 www.googletagmanager.com ba.n1info.com
www.googletagmanager.com
cdn.monadplug.com
12 ib.adnxs.com 3 redirects lib.wtg-ads.com
googleads.g.doubleclick.net
11 dt.adsafeprotected.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
11 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
lib.wtg-ads.com
10 track.adform.net 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
s1.adform.net
8 images4.contentexchange.me ba.n1info.com
7 pix.eu.criteo.net ads.eu.criteo.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 i.connectad.io lib.wtg-ads.com
7 ssp.wp.pl lib.wtg-ads.com
7 htlb.casalemedia.com lib.wtg-ads.com
7 prg.smartadserver.com lib.wtg-ads.com
7 bidder.criteo.com lib.wtg-ads.com
7 ap.lijit.com lib.wtg-ads.com
7 fastlane.rubiconproject.com lib.wtg-ads.com
7 prebid-eu.creativecdn.com lib.wtg-ads.com
7 waytogrow-d.openx.net lib.wtg-ads.com
7 www.googletagservices.com lib.wtg-ads.com
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
7 script.dotmetrics.net ba.n1info.com
script.dotmetrics.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ba.n1info.com
consent.cookiebot.com
6 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
consent.cookiebot.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 mc.yandex.com 2 redirects ba.n1info.com
4 googleads4.g.doubleclick.net ba.n1info.com
4 ad.doubleclick.net 2 redirects 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
4 fw.adsafeprotected.com 2 redirects ba.n1info.com
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
ba.n1info.com
4 fonts.gstatic.com fonts.googleapis.com
4 sync2.adnetwork.agency 4 redirects
4 hb.contentexchange.me tracker_ba.contentexchange.me
ba.n1info.com
hb.contentexchange.me
4 cdnjs.cloudflare.com cdn.monadplug.com
ads.eu.criteo.com
ba.n1info.com
consent.cookiebot.com
4 gars.hit.gemius.pl 1 redirects ba.n1info.com
gars.hit.gemius.pl
3 rtb-csync.smartadserver.com
3 static.adsafeprotected.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 h.clarity.ms www.clarity.ms
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 match.contentexchange.me 2 redirects ba.n1info.com
3 cdn.jsdelivr.net lib.wtg-ads.com
hb.contentexchange.me
3 tracker_ba.contentexchange.me ba.contentexchange.me
tracker_ba.contentexchange.me
consent.cookiebot.com
3 tentacles.smartocto.com www.googletagmanager.com
tentacles.smartocto.com
consent.cookiebot.com
3 mc.yandex.ru 1 redirects ba.n1info.com
3 connect.facebook.net ba.n1info.com
connect.facebook.net
consent.cookiebot.com
3 www.clarity.ms ba.n1info.com
www.clarity.ms
3 cdn.onesignal.com ba.n1info.com
cdn.onesignal.com
consent.cookiebot.com
3 lib.wtg-ads.com ba.n1info.com
lib.wtg-ads.com
2 match.adsrvr.org 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 c.clarity.ms 1 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 id5-sync.com lib.wtg-ads.com
cdn.id5-sync.com
2 script.4dex.io lib.wtg-ads.com
script.4dex.io
2 www.google.com ba.n1info.com
securepubads.g.doubleclick.net
2 fonts.googleapis.com tracker_ba.contentexchange.me
securepubads.g.doubleclick.net
2 stags.bluekai.com tags.bkrtx.com
2 sync1.adnetwork.agency ba.n1info.com
2 dmp.adform.net 2 redirects
2 collector_sr.contentexchange.me ba.n1info.com
2 tags.bkrtx.com ba.n1info.com
2 static.chartbeat.com ba.n1info.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 ug.contentexchange.me ba.n1info.com
consent.cookiebot.com
2 consent.cookiebot.com ba.n1info.com
consent.cookiebot.com
2 linker.ba ba.n1info.com
linker.ba
1 dis.criteo.com 1 redirects
1 match.sharethrough.com
1 dsp.adfarm1.adition.com 1 redirects
1 us-u.openx.net
1 eu-u.openx.net 1 redirects
1 sync.mathtag.com
1 ssbsync.smartadserver.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
1 c1.adform.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 c.bing.com 1 redirects
1 encrypted-tbn2.gstatic.com ba.n1info.com
1 encrypted-tbn3.gstatic.com ba.n1info.com
1 ads.eu.criteo.com 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com ba.n1info.com
1 rumcdn.geoedge.be hb.contentexchange.me
1 wrappers.geoedge.be hb.contentexchange.me
1 prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 ingestion.smartocto.com tentacles.smartocto.com
1 www.google.de ba.n1info.com
1 www.contentexchange.me ba.n1info.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d3div1mtym39ic.cloudfront.net ba.n1info.com
1 api.smartocto.com tentacles.smartocto.com
1 www.facebook.com ba.n1info.com
1 region1.google-analytics.com www.googletagmanager.com
1 ping.chartbeat.net ba.n1info.com
1 onesignal.com cdn.onesignal.com
1 ls.hit.gemius.pl gars.hit.gemius.pl
consent.cookiebot.com
1 cdn.monadplug.com ba.n1info.com
1 ba.contentexchange.me ba.n1info.com
530 113

This site contains links to these domains. Also see Links.

Domain
www.admedo.com
www.internedservices.nl
www.sportradar.com
www.bidswitch.com
www.cookiebot.com
pulsepoint.com
www.beeswax.com
www.cognitoforms.com
crimtan.com
www.dailymotion.com
policies.google.com
www.id5.io
www.linkedin.com
www.poll-maker.com
www.quiz-maker.com
rubiconproject.com
script.dotmetrics.net
smartadserver.com
www.tiktok.com
vk.com
www.home.neustar
yandex.com
privacy.microsoft.com
www.contentexchange.me
www.casalemedia.com
www.gemius.pl
help.mail.ru
www.quantcast.com
www.scorecardresearch.com
www.sofascore.com
twitter.com
www.rhythmone.com
unruly.co
improvedigital.com
www.acuityads.com
site.adform.com
www.we-are-adot.com
www.criteo.com
www.amobee.com
adgear.com
www.adition.com
www.appnexus.com
www.mediamath.com
www.antvoice.com
travelaudience.com
www.thetradedesk.com
www.amazon.com
policies.oath.com
cms.brid.tv
www.blis.com
www.oracle.com
chartbeat.com
www.adobe.com
www.facebook.com
help.instagram.com
www.sovrn.com
www.melia.com
www.xaxis.com
www.openx.com
policy.pinterest.com
pubmatic.com
www.redditinc.com
zetaglobal.com
liveramp.com
www.seedtag.com
www.simpli.fi
www.sitescout.com
www.snap.com
www.stackadapt.com
www.tapad.com
tidaltv.com
exponential.com
www.dataxu.com
policies.yahoo.com
connectadrealtime.com
www.rackspace.com
smartocto.com
www.indexexchange.com
www.index.hr
ba-8nqof7qzeod2et99kimwqegbnmsmjnby.n1info.com
www.youtube.com
www.instagram.com
rs.n1info.com
n1info.hr
n1info.si
tracker_ba.contentexchange.me
apps.apple.com
play.google.com
www.unitedmedia.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-08 -
2023-08-08		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2022-05-31 -
2023-06-04		 a year crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-04 -
2023-06-06		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-15 -
2023-06-17		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.smartocto.com
R3		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
ingestion.smartocto.com
Amazon		 2022-11-10 -
2023-12-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh

This page contains 28 frames:

Primary Page: https://ba.n1info.com/
Frame ID: 57AB942A6CF102529C7E327EDDD71832
Requests: 318 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: DA57F893471B0FDFEB8B0380DABDA358
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 863AFB179659EA842F75CDB5AC70B764
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C0FCFAE8C9654FC48C712508CA7DA55D
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/93709?ret=html&phint=__bk_t%3DVijesti%20-%20N1%20Bosna%20i%20Hercegovina&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fba.n1info.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=97655203
Frame ID: 61DA4625AD877A40F47CFA5DBEF65360
Requests: 2 HTTP requests in this frame

Frame: https://hb.contentexchange.me/hbscript
Frame ID: 363D1D47BFA11CD775E1E5D8081786E2
Requests: 6 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2882B3B6757EF9AFC759C55DB750FD70
Requests: 2 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7687F58D2761F039E31579742F1C591A
Requests: 21 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23F4864E196CB3A35663D51D0B5CB83D
Requests: 8 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 150520A3917B1F41CBE69B046B11EA20
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Frame ID: D01C25AB2ACB2BB2A96C6FA5DE87EE09
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Frame ID: 95A05E3727016641D1874710361EE561
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 05D28F97EA94F2A44272DB309661C064
Requests: 17 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D66E11DC6A2C220192A3B3B434DAC134
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Frame ID: 428D963E5B6A26424347B2BE17B40990
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Frame ID: 57593E86EDEF25C408C7C2D3A2CC8251
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C582AA26B4A348B21DC8BD1D1F50A3CC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8E8D54D1085F9C9FAAFC378905FFAF52
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8F02E591B44B20BA91B3D3B88709775F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0F027A09043CC641D8C608DFBA2A91CF
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0THoP-u-1SKavOT4UWQCtSRlXUD3uw4Ffq9Ji3RXGKimHIIV0ZVL20Da_jpBq6hwh8TACSVSykNV8z0n8tMujITgrhzu66CUnOrvZgTOwAmMUT7_i46GT5ObMvApgbT6UBLjEJQczC70g3VL8UZ3D2dEylCYm-sGHfnRLlADTeWH2XZaujMu7tpAUjKUz83fbX79M6h-HkPz4mC-UeYs-8Ex0caZoMYIfJKmdJqcLDMlkwhRUOLB3_zBULS9ND9iQkYMJbfjmLs6mxIMmdq1Vsd6Fhau5zebPJk6VCm4S9ctabLmYOB2RUlQ8H_xiB5t6Ca4zN-W4WYU&sai=AMfl-YQLnZX2r5HmcvQ4rEP0j_xMRZpTFy_EBpTFocZgHfE5n8c4u38tPLS0sPbtJztqgPsftsAPtcHPbKvvZYBX7HWHbMYbh4fJ6mz6Ln0pn9ibpj3qG6nyW2X1pibGbAu6&sig=Cg0ArKJSzChpw6tEguXwEAE&uach_m=[UACH]&adurl=
Frame ID: 7D0B14908FE09C187F4A3D5C72F1FE73
Requests: 7 HTTP requests in this frame

Frame: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7AEB7D9F5803DCA0782C9ED16CE58D7
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Frame ID: 2A8AE9FB96BF29E9C30521BD366B9140
Requests: 23 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ba.n1info.com
Frame ID: 16C736CFA4305D0D2DF26E48E51BB599
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2104702/12048958/main/12048958.js?ADFassetID=12048958&bv=1537
Frame ID: FD544243626981D35551B99BDD3C41F8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F576DE35707244067700A1B739B659B0
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2104702/12046857/12046857.js?ADFassetID=12046857&bv=257
Frame ID: F512A4BD97C7460C0492894724BCCB6E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 472CC5EEC1415615D5BC59C94F6B6634
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vijesti - N1 Bosna i Hercegovina

Page URL History Show full URLs

  1. http://ba.n1info.com/ HTTP 301
    https://ba.n1info.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

530
Requests

94 %
HTTPS

0 %
IPv6

64
Domains

113
Subdomains

94
IPs

13
Countries

11120 kB
Transfer

19861 kB
Size

82
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ba.n1info.com/ HTTP 301
    https://ba.n1info.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://dmp.adform.net/serving/cookie/match?party=1219&cid=638605c8bc516d33ca9a3905&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=638605c8bc516d33ca9a3905&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
  • https://match.contentexchange.me/adform/751203180882331689
Request Chain 153
  • https://sync2.adnetwork.agency/image?pbjs=1 HTTP 302
  • https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
  • https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex HTTP 301
  • https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
Request Chain 159
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9837.HQ_bitwOD2Gu9qavgSUWjlf3izNxnwjvduyZKaaM-GNEZtqAznAP5sZo4AI62VPg.m0cDxMzGSBttTyWsbhseXrpTUk0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9837.POlYMikk5tbeqKadPaTSBxvnKqybWCq188TFwziHJNNtlnYuNkaRqD44iZKrkZteOem4i8eu8VXUn_0nWjv3_Q%2C%2C.0pBnJpgSLcsRdZCmMkI_YSduwPc%2C
Request Chain 168
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 190
  • https://mc.yandex.com/watch/71048401?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A260648366990%3Ahid%3A980084466%3Az%3A0%3Ai%3A20221129131449%3Aet%3A1669727690%3Ac%3A1%3Arn%3A129170025%3Arqn%3A1%3Au%3A1669727690750919842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C32%2C82%2C55%2C310%2C0%2C%2C343%2C99%2C%2C%2C%2C824%3Acpf%3A1%3Ans%3A1669727687820%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669727691%3At%3AVijesti%20-%20N1%20Bosna%20i%20Hercegovina&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A260648366990%3Ahid%3A980084466%3Az%3A0%3Ai%3A20221129131449%3Aet%3A1669727690%3Ac%3A1%3Arn%3A129170025%3Arqn%3A1%3Au%3A1669727690750919842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C32%2C82%2C55%2C310%2C0%2C%2C343%2C99%2C%2C%2C%2C824%3Acpf%3A1%3Ans%3A1669727687820%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669727691%3At%3AVijesti%20-%20N1%20Bosna%20i%20Hercegovina&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Request Chain 297
  • https://sync2.adnetwork.agency/image?pbjs=1 HTTP 302
  • https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
  • https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex HTTP 301
  • https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9L4PJlu2Yixol392QAD4Y&google_cver=1
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4YFzApPPf0B8sszMUHZ.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAjz7PEL1DlfnLV_2w8fQJk&google_cver=1
Request Chain 356
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Request Chain 364
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&RedC=c.clarity.ms&MXFR=2C0A48C20F6267D7340E5AA90B62694D HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&MUID=2423EEF8E0E16007343BFC93E18A6160
Request Chain 381
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=8451 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_pre=CKCj26-80_sCFY-K_QcdFvUNbg;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=8451
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1
Request Chain 399
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4YFzApPPf0B8sszMUHZ.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENyFoFl83jClvWh631l-OYo&google_cver=1
Request Chain 401
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Request Chain 407
  • https://fw.adsafeprotected.com/rfw/st/1190396/65998078/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fba.n1info.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fba.n1info.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:28a8be3c-e7e4-6c55-84eb-3c31a2bdd451,c:vmuBO2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-f7pb7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c1,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:25,oid:cf15bc10-6fe7-11ed-806b-424707855ea4,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=
Request Chain 419
  • https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=17668765392&bidurl=https://ba.n1info.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g8YxwYnQEkb0rf-H6cB8mB&adsafe_url=https%3A%2F%2Fba.n1info.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fba.n1info.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c78623e2-b186-5c67-36c0-d5191a578926,c:vmuBPq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-72sx5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:toA7eBf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:cf1ee3be-6fe7-11ed-a9fe-325fc79019c7,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ
Request Chain 476
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgcghGRwOM-k_W2yPAiFs79P19zHvuOR4emAP8ul3QMmrCLLvBgSV_3V HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgcghGRwOM-k_W2yPAiFs79P19zHvuOR4emAP8ul3QMmrCLLvBgSV_3V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VEFNRzN1MVIxUDAwclA1&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgcghGRwOM-k_W2yPAiFs79P19zHvuOR4emAP8ul3QMmrCLLvBgSV_3V
Request Chain 479
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGeGl2VwnRLV7HB1se2PQEc&google_cver=1&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk6hu3_U5ByrKl HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WYUvuSOcTz-Laqn9wwmB0A2&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk6hu3_U5ByrKl
Request Chain 480
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHHzszvuVgnYRMvxVo9Tsgs&google_cver=1&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHHzszvuVgnYRMvxVo9Tsgs&google_cver=1&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG
Request Chain 481
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGb5_G12lhbX_HivnOsI5-U&google_cver=1&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfYn6b_Uqm6gH04J7YRy3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMjAzMTgwODgyMzMxNjg5&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfYn6b_Uqm6gH04J7YRy3g
Request Chain 485
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=9375 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_pre=CMThkbC80_sCFdVx4Aod0DYN2w;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=9375
Request Chain 528
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=2e92f153-7736-4874-ba40-06a594973432&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 529
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXvJw3go1-tJsY8nLAmdNs&google_cver=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 530
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7171425838958770328&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 532
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=24da0498-dfdb-4c36-9321-225aaf37776d&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Request Chain 538
  • https://gars.hit.gemius.pl/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=jqAaczyuxpqYCGIXAXLQfyEusnmU2VK2jb_c2HIx_xH.S7.saN3R9zhB0tviijii7E4.PxcT_Sc94RkL.oV2a2jvkgNh/yRHKftQsbwvj0/&fpdata=-TURNEDOFF&ltime=903&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638605c82d87aaf8 HTTP 301
  • https://gars.hit.gemius.pl/__/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=jqAaczyuxpqYCGIXAXLQfyEusnmU2VK2jb_c2HIx_xH.S7.saN3R9zhB0tviijii7E4.PxcT_Sc94RkL.oV2a2jvkgNh/yRHKftQsbwvj0/&fpdata=-TURNEDOFF&ltime=903&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638605c82d87aaf8

530 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ba.n1info.com/
Redirect Chain
  • http://ba.n1info.com/
  • https://ba.n1info.com/
397 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351155e0ca67e2fa9869dad9b0c5a83defaa2a59c5be7865c1933e9f2766153a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
771b9bc30e0490b2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 13:14:48 GMT
link
<https://ba.n1info.com/wp-json/>; rel="https://api.w.org/" <https://ba.n1info.com/wp-json/wp/v2/pages/4328109>; rel="alternate"; type="application/json" <https://ba.n1info.com/>; rel=shortlink
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-fastcgi-cache
HIT

Redirect headers

CF-RAY
771b9bc11cf26987-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 29 Nov 2022 13:14:47 GMT
Expires
Tue, 29 Nov 2022 14:14:47 GMT
Location
https://ba.n1info.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Exo2-Regular.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/Exo2-Regular.woff2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29efbdb1613dd373678cc6e8e6e6f4cf003ce3d076c2be27e456e93dfa601c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
4167
etag
"63848151-90dc"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
771b9bc39ee490b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37084
Exo2-Medium.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/Exo2-Medium.woff2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5770308d93a1b620a7d57ab0b2f951ffc405085067423d4fff082db95669bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
4167
etag
"63848151-91cc"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
771b9bc39f0290b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37324
Exo2-Bold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/Exo2-Bold.woff2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6222f139b4071e1fc7a0a79c0da03b2b1c5ba857ea46d547528112ec8614e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
4167
etag
"63848151-94c8"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
771b9bc39f0390b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38088
Exo2-SemiBold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/Exo2-SemiBold.woff2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
749b53442e109557196c6dfd92754eb8e6e61cd51cb0d3986b7f6bd886a9aba8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
1279
etag
"63848151-9478"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
771b9bc39f0590b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38008
Exo2-ExtraBold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/Exo2-ExtraBold.woff2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd0070ca4819270200c94b6ea5ec82c771a71719a1d3c9e41ccd8d95544070e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
1417
etag
"63848151-94f4"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
771b9bc3bf1390b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38132
scss-united-cloud-social-share.css
ba.n1info.com/wp-content/plugins/united-cloud-social-share/dist/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/united-cloud-social-share/dist/assets/css/scss-united-cloud-social-share.css?ver=1669628185
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9526e3aeee2668af9e8c36ead5afc4e2291875435d04dd10a9761e9b331776
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:36:25 GMT
server
cloudflare
age
415
etag
W/"63848119-946"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39ee990b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scss-ucnewsportal-n1-social-share.css
ba.n1info.com/wp-content/plugins/united-cloud-social-share/dist/assets/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/united-cloud-social-share/dist/assets/css/scss-ucnewsportal-n1-social-share.css?ver=1669628185
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9666cf216dafc01b31655395c3398c51ad1e80c0792db67ddbb9693bbac0e73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:36:25 GMT
server
cloudflare
age
415
etag
W/"63848119-fcc"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39eec90b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp.css
ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/css/ 		1 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:44 GMT
server
cloudflare
age
4388
etag
W/"638480b4-4c1"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39ef890b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.css
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/ 		627 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ac8a9ce40a22fc1ccd820bb87721fa79c1f406d0cd38b4c9bbe5664dbcee2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
415
etag
W/"63848151-9cd32"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39efa90b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sassy-social-share-public.css
ba.n1info.com/wp-content/plugins/sassy-social-share/public/css/ 		34 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.11
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:44 GMT
server
cloudflare
age
4388
etag
W/"638480b4-87d9"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39eff90b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sassy-social-share-svg.css
ba.n1info.com/wp-content/plugins/sassy-social-share/admin/css/ 		109 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.11
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:44 GMT
server
cloudflare
age
4388
etag
W/"638480b4-1b42e"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cf-ray
771b9bc39f0090b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp-4.2.0.min.js
ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/js/ 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:44 GMT
server
cloudflare
age
4383
etag
W/"638480b4-47b"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc3bf1490b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ba.n1info.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:48 GMT
server
cloudflare
age
4388
etag
W/"638480b8-15db1"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc3bf1690b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
ba.n1info.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:48 GMT
server
cloudflare
age
4388
etag
W/"638480b8-2bd8"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc3bf1790b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
add-manager-variables.js
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/ 		0
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/add-manager-variables.js?ver=1669628241
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
415
etag
"63848151-0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
cf-ray
771b9bc3bf1a90b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
generate-menu.js
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/ 		229 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/generate-menu.js?ver=1669628241
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b213596f8c6a75d05e3649be5e43a6cf193cfe4cedb2233295e915606d9b148d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
415
etag
W/"63848151-39565"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc3bf1c90b2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lib.min.js
lib.wtg-ads.com/ 		493 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/lib.min.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4766e328fae56d6b79bc8ed7555235951617fb38a72ed02e387bfe938ddbe3d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
294355
last-modified
Tue, 25 Oct 2022 05:05:58 GMT
server
cloudflare
etag
W/"63576eb6-7b45b"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfzwU1n6GCQsmVX7g6USDENTUvIHTsF%2FPsr7Sj97RbdVWuAXKAmf2Kszp8PhJcRN%2BxVGG2WjoSDTd5P4IiEvl0HLGWtEiLbVEUu8wCumx77V%2BTPOVfLeu3tKuZvNNwFNVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
771b9bc4baf0bb44-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 26 Nov 2022 06:28:53 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1108
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
771b9bc498ac9152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 02 Dec 2022 13:14:48 GMT
lw.js
linker.ba/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linker.ba/lw.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.206.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b7e0680a588ae3dba8658a482aaae69dbe9981136719abaf301ecb25223637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 09:03:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
878
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDo4Tm00TXsbIB6PvjVjJSPraRaxQUwbm2sjY64%2F%2FnXIqksuPfjMcqSUr0QKtcxRXoqfzg%2FH%2BVNd9sYHenf5R%2F9VJtjEUdsQPzPFbtb2ZNAv3BOzTOvVHnXjUj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
771b9bc4cdb2161b-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tracker.js
ba.contentexchange.me/static/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.contentexchange.me/static/tracker.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.15.13 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex2.irv.si
Software
nginx/1.21.6 /
Resource Hash
ef75b52f7f33b51ddc94e2dba3c793056f8b92c978aebee3eba56160a35aaffd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx/1.21.6
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
logo-header.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-header.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791dbe935d023cd588ac612b8fff2bda30ed626a73fcead815c9e31710826fe2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
709
etag
W/"63848151-67f"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
771b9bc46e5dbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo-white.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-white.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60230e4a926befe53988ed6cacfadb185f864adfc951ef3324f5fc2ccadf54b8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
2668
etag
W/"63848151-67f"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
771b9bc46e60bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app-store.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/app-store.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa65d5b06b7a9bb87c9f8986e54f764df108c030fa7205994a2333c800d55c96
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
2668
etag
"63848151-1bd5"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc46e62bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7125
google-play.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/google-play.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c5751cf511ce5ef1475a104f8bf2b43e6c5fad4315a00d84c4f3bce403d16a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
2668
etag
"63848151-227f"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc46e63bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8831
n1-cnn-logo.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/n1-cnn-logo.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c40aaec97fbe3e31ffabe9947721438b0f9a858faf61dfd5f89b98168ecef5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
589
etag
"63848151-3697"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc46e67bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13975
email-decode.min.js
ba.n1info.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 13:35:09 GMT
server
cloudflare
etag
W/"637cd00d-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
771b9bc41dd9bb56-FRA
expires
Thu, 01 Dec 2022 13:14:48 GMT
app.js
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/ 		395 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7495f069489170c6dd7ad4a71310a1836f5f5b0417cfc58b3dfa8e61df5e7572
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
589
etag
W/"63848151-62ab6"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc42ddfbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sassy-social-share-public.js
ba.n1info.com/wp-content/plugins/sassy-social-share/public/js/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.11
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:44 GMT
server
cloudflare
age
6768
etag
W/"638480b4-ab5b"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc45e4abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
ba.n1info.com/wp-includes/js/ 		1 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:34:48 GMT
server
cloudflare
age
1260
etag
W/"638480b8-592"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cf-ray
771b9bc46e5abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
uc.js
consent.cookiebot.com/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a540cc5945aea6d81f7705af39fc8868fe7e72bcbf2f0396ace451451109e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 07:34:39 GMT
etag
"db2e3fe144fed81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=984
accept-ranges
bytes
content-length
31705
expires
Tue, 29 Nov 2022 13:31:12 GMT
tracker.js
ug.contentexchange.me/static/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ug.contentexchange.me/static/tracker.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
2E130C26.rDNS.SiEL.si
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
9649384f82539d23da2a9d4923f91058536f34cef5952d520157656c52699b10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:37 GMT
strict-transport-security
max-age=15768000
server
nginx/1.10.0 (Ubuntu)
content-type
text/javascript; charset=utf-8
xgemius.js
gars.hit.gemius.pl/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/xgemius.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214334.ip-141-95-172.eu
Software
GHC /
Resource Hash
e70adcd31bc54c86975b907975bf0957771f299aa3d7f57c2642495441053a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 11:36:49 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17204
expires
Wed, 30 Nov 2022 01:14:48 GMT
gtm.js
www.googletagmanager.com/ 		192 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
04c01db8c7edffe053f2f6e039d16d4171d690474753b20b40f32157c413e975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58780
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:48 GMT
hood.js
cdn.monadplug.com/format/native/js/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.monadplug.com/format/native/js/hood.js?v=122102913
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8494dc370c184b5aa8f397a70cc6646e56c56924098c1d02eb3f067e183db60e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Jan 2022 11:49:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6
etag
W/"1430b-5d56129180120"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd0QTvqTuQcZBiEJN0B0h4iD27q6bqj5SdogtOkW0PRLV75vdj4P%2Bk0m2VLpHV2Y%2BbtNO9yPqdoNNBI1GGfyC3R27F4i2lCYhuIdkihCGILVS7gHimuVcrhrS94rvlhkCj0Q2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400
cf-ray
771b9bc4ce1c9945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
10
svg-sprite.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 		44 KB
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/svg-sprite.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc63f7b67c742b65068070ad7035f6bae252b8d85f6d88ea36edc2596a78442
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
7016
etag
W/"63848151-aec7"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
771b9bc46e69bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
web-responsive-menu
ba.n1info.com/wp-json/menus/v1/menus/ 		36 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ba.n1info.com/wp-json/menus/v1/menus/web-responsive-menu
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/generate-menu.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b19b336ae37187fe586d8764fbc4e370f0799ef3625b039efb4763383d058a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fastcgi-rest-cache
HIT
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://ba.n1info.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
771b9bc46e6cbb56-FRA
1669711357-sa-anes-podic-clf-291122.10_23_52_23.Still001-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669711357-sa-anes-podic-clf-291122.10_23_52_23.Still001-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05844e1731e3c884da07c1c590a647504d327f66e8ef8c28c88bea6183c25668
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 08:42:39 GMT
server
cloudflare
age
106
etag
"6385c5ff-23b9"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc49ed0bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9145
1669714750-2022-11-28T175602Z_1475928851_UP1EIBS1DTCCR_RTRMADP_3_SOCCER-WORLDCUP-BRA-SWI-REPORT-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669714750-2022-11-28T175602Z_1475928851_UP1EIBS1DTCCR_RTRMADP_3_SOCCER-WORLDCUP-BRA-SWI-REPORT-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf25cdfe2fc605cabbd4e4ddc260d118bc14114e201bc74b4d32c3289605881
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 09:39:14 GMT
server
cloudflare
age
3752
etag
"6385d342-47d2"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc49ee0bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18386
1669716837-AT5A6183-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669716837-AT5A6183-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e3410bcb61ecd4f61c037c9b57cfdfd87ef8c2fab38548817f1df3464d80b8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 10:14:04 GMT
server
cloudflare
age
2668
etag
"6385db6c-27e5"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc49ee4bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10213
1669721526-radionica-1-scaled.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		403 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669721526-radionica-1-scaled.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060237f074936b54a16597afe583ce7b32245528a39c59ff8e4a52745207cf6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 11:32:17 GMT
server
cloudflare
age
5263
etag
"6385edc1-64bec"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc49ee8bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
412652
cfd1e577214e502fded6.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/cfd1e577214e502fded6.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1545187c9f91f90bfbea1b9b7a3d4261073594d2c8bf6cd0046fc5f6144e38bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
4761
etag
W/"63848151-869"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
771b9bc4bf20bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5cc0869293747b42a18c.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/5cc0869293747b42a18c.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbc1f1a9dc92e26cf270a0688ebf392c73a9cfbca2422202a68027abbf2834c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
REVALIDATED
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
content-encoding
br
etag
W/"63848151-f69"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
771b9bc4bf24bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f98430d636aa8b39c3f4.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/ 		71 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/f98430d636aa8b39c3f4.svg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fdf57f497409b8db132cf82de62196ff3150122580acb6c094cb9b5d1380fc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1669628241
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:37:21 GMT
server
cloudflare
age
57
etag
W/"63848151-11bd8"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
771b9bc4cf2bbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1669483837-image00010-1200x800.jpeg
ba.n1info.com/wp-content/uploads/2022/11/26/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/26/1669483837-image00010-1200x800.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65deea7d3a9ca3e91b046ae25243edbbff6d994da52f281fb8123b0742eaa3a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sat, 26 Nov 2022 17:30:49 GMT
server
cloudflare
age
214
etag
"63824d49-421b6"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52816bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
270774
1669716780-AT5A6153-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669716780-AT5A6153-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22e92032232c57932296e3a24ba79f56decde028845d49709f98f208ccbd059
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 10:13:07 GMT
server
cloudflare
age
765
etag
"6385db33-7f53"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5281abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32595
1668163787-sebija-izetbegovic-skupstina-ks-2-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/11/1668163787-sebija-izetbegovic-skupstina-ks-2-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a83a2df2c44eb00deba4a466d6867e7ec194152f7200d1e4a6488d0617d450f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 11 Nov 2022 10:49:48 GMT
server
cloudflare
age
5619
etag
"636e28cc-4450"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5281dbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17488
1669723252-2022-11-27T180446Z_2059520973_UP1EIBR1E7VE7_RTRMADP_3_SOCCER-WORLDCUP-CRO-CAN-REPORT-768x506.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669723252-2022-11-27T180446Z_2059520973_UP1EIBR1E7VE7_RTRMADP_3_SOCCER-WORLDCUP-CRO-CAN-REPORT-768x506.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb9541c46241c398f891b49ffe015780b6eef33363eb929530477910e2ff2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:01:17 GMT
server
cloudflare
age
4047
etag
"6385f48d-218e4"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5281fbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
137444
jasenko-tufekcic-203435-540x304.jpeg
ba.n1info.com/wp-content/uploads/2018/07/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2018/07/jasenko-tufekcic-203435-540x304.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cda4d47d62644aeccdcf6ba57cf18949b666fae190b3f2786dbf15fee47abe6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 16 Dec 2020 17:31:26 GMT
server
cloudflare
age
3184
etag
"5fda446e-816d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52821bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33133
1638115331-download-163811492118218459665572413202272021-11-28_15-04-42-063-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/11/28/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2021/11/28/1638115331-download-163811492118218459665572413202272021-11-28_15-04-42-063-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4040b256517d8b2f661bcc9a465e9ec8328558c06b421cd8953bc831238016
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 28 Nov 2021 16:02:12 GMT
server
cloudflare
age
1704
etag
"61a3a804-b18d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52823bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45453
1669721933-1669720042-facebook-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669721933-1669720042-facebook-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c7b5560131883cc58d9d2b7b2da3726c2284bfffa900417b7f2d24f82e3edd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 11:38:55 GMT
server
cloudflare
age
4761
etag
"6385ef4f-a44e"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52825bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42062
1669280094-ARD-4072-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/24/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/24/1669280094-ARD-4072-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a850ac168696a4c6ad04c569817f0405aca5da1c24fca0a0465007f7e412ce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 24 Nov 2022 08:55:02 GMT
server
cloudflare
age
6785
etag
"637f3166-a09a"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52827bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41114
1669726208-profimedia-0740905456-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669726208-profimedia-0740905456-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73675bf96bf60a5c4608857f63b27ecca13e6ded891b492fe1750f99bfb6295b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:50:16 GMT
server
cloudflare
age
1122
etag
"63860008-5c74"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52829bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23668
1667645802-vucic-ig-511-550x360.png
ba.n1info.com/wp-content/uploads/2022/11/05/ 		273 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/05/1667645802-vucic-ig-511-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1039d38c88f07c3bc488482908a6149b9b08423c19be6a286ce38f6e9b51a692
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 10:56:45 GMT
server
cloudflare
age
214
etag
"6366416d-444d2"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc5282cbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
279762
1669719695-IMG_20221129_104015-scaled-e1669719731232-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669719695-IMG_20221129_104015-scaled-e1669719731232-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda076d84c1c128a35760885641893bbf4d7cedb2d41bb9a5cbe56d797c39c43
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 11:02:14 GMT
server
cloudflare
age
106
etag
"6385e6b6-17b37"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5282ebb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97079
1669720342-dodik-i-djeca-550x360.png
ba.n1info.com/wp-content/uploads/2022/11/29/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669720342-dodik-i-djeca-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c4d190f9eb7a44795ff5772c1f504fadbe7538a28ae61ccaf3e9baa58e73e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 11:12:29 GMT
server
cloudflare
age
6688
etag
"6385e91d-406c2"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc52832bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
263874
1669724994-Vragolasti-Denis-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669724994-Vragolasti-Denis-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e932716fcd14e54f1050f0ebd4aca9ce02a1d3d4ee80d35fc9caf1b83245c59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:29:57 GMT
server
cloudflare
age
1627
etag
"6385fb45-12a2"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52835bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4770
1669726591-profimedia-0740922540-scaled-e1669726788857-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669726591-profimedia-0740922540-scaled-e1669726788857-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1173705b5ad6c6150d9e471db5f1176d61402f6cd480d727a214b8d061688f9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:59:49 GMT
server
cloudflare
age
213
etag
"63860245-466b"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52838bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18027
the-wolf-of-wall-street-margot-robbie-and-leonardo-dicaprio-180856-175x117.jpeg
ba.n1info.com/wp-content/uploads/2018/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2018/01/the-wolf-of-wall-street-margot-robbie-and-leonardo-dicaprio-180856-175x117.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c443e28e9a0c2b2d9e32da1817c45076cc871ec13fbe8af360f92daf3e14d65
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 17 Dec 2020 02:26:50 GMT
server
cloudflare
age
3750
etag
"5fdac1ea-1c14"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5283bbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7188
1669626178-N1-940x528-TH-cizmice-PR1-1-175x117.png
ba.n1info.com/wp-content/uploads/2022/11/28/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669626178-N1-940x528-TH-cizmice-PR1-1-175x117.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9d4728dba07db796ecec27c7a6dacd4df482f44852e9bce54eef2e280a917
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 09:03:00 GMT
server
cloudflare
age
4169
etag
"63847944-5a04"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc52840bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23044
1669414147-16-9-blurana-pozadina.mp4.00_01_23_07.Still001-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/25/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/25/1669414147-16-9-blurana-pozadina.mp4.00_01_23_07.Still001-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d477f817703268b28def4e51ffd507a6f40bd8816275fedee7ca21be09f1b3b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 25 Nov 2022 22:09:10 GMT
server
cloudflare
age
4761
etag
"63813d06-b72c"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52844bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46892
1668840403-vladorama-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/19/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/19/1668840403-vladorama-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d3ffb95092ec94b83f5f47e8745b2c189dd3a13bf7feb2208214c74d6b521c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sat, 19 Nov 2022 06:46:43 GMT
server
cloudflare
age
4761
etag
"63787bd3-8620"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52845bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34336
1668112685-naginjanaje-550x360.png
ba.n1info.com/wp-content/uploads/2022/11/10/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/10/1668112685-naginjanaje-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb535e6c76d13724a276de833eda5448234d67180dc5df9a667db3b8514c39cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 20:38:09 GMT
server
cloudflare
age
4761
etag
"636d6131-300d9"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc5284abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196825
1667482901-FOBIJA000-550x360.png
ba.n1info.com/wp-content/uploads/2022/11/03/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/03/1667482901-FOBIJA000-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd404f8274a78ad004e3b031fc3065cbb1b953956103aa5982019d570dd4896
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2022 13:41:58 GMT
server
cloudflare
age
4761
etag
"6363c526-34d57"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc5284dbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
216407
1667645802-vucic-ig-511.png
ba.n1info.com/wp-content/uploads/2022/11/05/ 		732 KB
732 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/05/1667645802-vucic-ig-511.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ed833cd86d4c365ef135ac98a29cdb161292c765899ab0c112eae9ea0987f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 10:56:42 GMT
server
cloudflare
age
209
etag
"6366416a-b6fb2"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc5284fbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
749490
1669663302-shutterstock_397630249-768x512.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669663302-shutterstock_397630249-768x512.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0aa9c228561784f0b76145ec242b68d967943a4569e022097d1ef1fcbbde04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 19:21:54 GMT
server
cloudflare
age
4145
etag
"63850a52-de3d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52851bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56893
1669657997-1669655693-andrej-plenkovic-900x506-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669657997-1669655693-andrej-plenkovic-900x506-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87605f97c08a293e3056b49a1dd625d75812d6d1b8cc699a2e004b8e3ba28846
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 17:53:20 GMT
server
cloudflare
age
1017
etag
"6384f590-b103"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52853bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45315
1667561890-milanovic-550x360.jpeg
ba.n1info.com/wp-content/uploads/2022/11/04/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/04/1667561890-milanovic-550x360.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7147c3e27d2395eda678a84f970e06fca08af0753de991596e5743fa7a98c06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 04 Nov 2022 11:38:17 GMT
server
cloudflare
age
3953
etag
"6364f9a9-649a"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52856bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25754
1669056081-1669053838-000_327C8DD-900x600-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/21/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/21/1669056081-1669053838-000_327C8DD-900x600-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2faa6174878c7411f389bb07dd922a19ffa214a875b13c21b67c3bb5b406f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 21 Nov 2022 18:41:22 GMT
server
cloudflare
age
4062
etag
"637bc652-7364"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52858bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29540
1669625911-irina-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669625911-irina-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb1594cbb989b25497242af569883075f2209667caedcd9e94cd470357593b4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 08:58:33 GMT
server
cloudflare
age
1569
etag
"63847839-885b"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5285bbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34907
1669622393-panter-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669622393-panter-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6dc752c776430781d356f762287fb7d553df14e076162817320615cdfb4736
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 07:59:54 GMT
server
cloudflare
age
3651
etag
"63846a7a-8203"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5285dbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33283
1669659594-2022-11-28T120421Z_1479408695_UP1EIBS0XJ8EQ_RTRMADP_3_SOCCER-WORLDCUP-CMR-SRB-REPORT-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669659594-2022-11-28T120421Z_1479408695_UP1EIBS0XJ8EQ_RTRMADP_3_SOCCER-WORLDCUP-CMR-SRB-REPORT-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed2ff6c13460978436c34f4b5e578e33727656b688504efb77a3ecd53d39d24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 18:19:56 GMT
server
cloudflare
age
180
etag
"6384fbcc-3df0"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52860bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15856
medicinski-fax-29971-175x117.jpeg
ba.n1info.com/wp-content/uploads/2015/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2015/06/medicinski-fax-29971-175x117.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7461b246ae0182196d3092a5e40ec270c1685bddcf28118a882bae51d5daac42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 16 Dec 2020 20:07:10 GMT
server
cloudflare
age
6903
etag
"5fda68ee-2386"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52862bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9094
1668163721-SEBIJA-IZETBEGOVIC-SKUPSTINA-KS-175x117.jpeg
ba.n1info.com/wp-content/uploads/2022/11/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/11/1668163721-SEBIJA-IZETBEGOVIC-SKUPSTINA-KS-175x117.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4b5944197f5a245036c6096b676c9cf398a4d0fed4b11beb61b8a2cf8892f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 11 Nov 2022 10:48:46 GMT
server
cloudflare
age
4874
etag
"636e288e-1d10"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52865bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7440
1669659026-saudin-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669659026-saudin-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d603997b48d9bdb94db835793dc7f9299e3496bd7f1803260b383505c61c778a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 18:10:28 GMT
server
cloudflare
age
2751
etag
"6384f994-2581"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52867bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9601
1637593947-Dizajn-bez-naslova-12-175x117.png
ba.n1info.com/wp-content/uploads/2021/11/22/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2021/11/22/1637593947-Dizajn-bez-naslova-12-175x117.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a5a34c5aae42c5748c1630e651b9e6b319408bb4ea3a2091521c08083a51d65
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Nov 2021 15:12:28 GMT
server
cloudflare
etag
"619bb35c-c70f"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc52868bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50959
1668065475-diploma-sebija-senat-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/10/1668065475-diploma-sebija-senat-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2abca3763edb10f04d00c3ce560c4b6cad28dbecd8419e27ca18e21391226b74
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 10 Nov 2022 07:31:16 GMT
server
cloudflare
age
2719
etag
"636ca8c4-1e6d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5286bbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7789
1669725703-2022-11-23T000000Z_1044135538_UP1EIBN1MB9TT_RTRMADP_3_SOCCER-WORLDCUP-BEL-CAN-REPORT-750x500.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669725703-2022-11-23T000000Z_1044135538_UP1EIBN1MB9TT_RTRMADP_3_SOCCER-WORLDCUP-BEL-CAN-REPORT-750x500.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6c39ca4e5a35d2b7425c6542e999aa7109b66ef72566a55dd797025c7eda4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Tue, 29 Nov 2022 12:41:45 GMT
server
cloudflare
etag
"6385fe09-16abe"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc5286ebb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92862
1650620885-AT5A3145-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/04/22/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/04/22/1650620885-AT5A3145-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19272f6d3c019a9941a76e3eb25e724f89b733f99f326280395c8e27495eb695
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 22 Apr 2022 09:48:10 GMT
server
cloudflare
age
2752
etag
"626279da-15ca"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52870bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5578
1669723791-maria-bobrova-Xp2mD-wQOfg-unsplash-scaled-e1669723891828-175x117.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669723791-maria-bobrova-Xp2mD-wQOfg-unsplash-scaled-e1669723891828-175x117.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa6e6b6d5f01a156bc7893a7ec28b778aeb66b02d5a692afc1cbc19d6e26a57
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:11:33 GMT
server
cloudflare
age
3475
etag
"6385f6f5-1503"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52873bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5379
1669723252-2022-11-27T180446Z_2059520973_UP1EIBR1E7VE7_RTRMADP_3_SOCCER-WORLDCUP-CRO-CAN-REPORT-300x198.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669723252-2022-11-27T180446Z_2059520973_UP1EIBR1E7VE7_RTRMADP_3_SOCCER-WORLDCUP-CRO-CAN-REPORT-300x198.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eb8e321b1bc76c270d333f53b798903af7439d037df86348eda7ad10a3a7946
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:01:15 GMT
server
cloudflare
age
3775
etag
"6385f48b-8048"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52875bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32840
1669705217-shutterstock_1929112481-1000x564.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669705217-shutterstock_1929112481-1000x564.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d8e0a002b249e53e1adf57e16edae56f8e8b747f791a0c58c7a68f0a5b997c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 07:00:17 GMT
server
cloudflare
age
5854
etag
"6385ae01-14507"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc52877bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83207
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame DA57 		627 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30364158
content-encoding
gzip
content-length
392
content-type
text/html
date
Tue, 29 Nov 2022 13:14:48 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Wed, 15 Nov 2023 23:44:06 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
configuration.js
consentcdn.cookiebot.com/consentconfig/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ba.n1info.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ba.n1info.com/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c563b6218b0f4989b8de94e9fe94ac4878d88e3c1d0a8f72762d05ea35b65039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 13:33:33 GMT
server
AkamaiNetStorage
etag
"b94a1c66b5e2be1196d1a5dcd254f59f:1668432813.574564"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=40846
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1651
expires
Wed, 30 Nov 2022 00:35:34 GMT
cc.js
consent.cookiebot.com/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ 		275 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/729d2675-1276-4b08-83ce-5ec1c0b68cb5/cc.js?renew=false&referer=ba.n1info.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4662b69107f6c77b93f5efae512a526df00ae9881360562d01c5747626458c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 13:14:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
content-length
66938
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
1669636033-SA-.00_01_55_24.Still002-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669636033-SA-.00_01_55_24.Still002-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54060db83e49763f64477ffbd51ec2a34e40a91b1c0807a6a3f1fdfe983c88ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 11:47:16 GMT
server
cloudflare
age
4760
etag
"63849fc4-86a6"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a5abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34470
1669635690-SA-.00_01_06_16.Still001-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669635690-SA-.00_01_06_16.Still001-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e678a34d935a6a8b74ad2a0fbcfc8504443c31e21d8f12abe34c3f44913d4059
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 11:41:33 GMT
server
cloudflare
age
4760
etag
"63849e6d-b5cb"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a60bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46539
1669585802-NIKOLA-550x360.png
ba.n1info.com/wp-content/uploads/2022/11/27/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/27/1669585802-NIKOLA-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5517bc68270f0b2b7602c7a3dbff959f3fa9026bf7b33e9bc15a6815edce69ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Sun, 27 Nov 2022 21:50:13 GMT
server
cloudflare
age
4760
etag
"6383db95-427a9"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc65a62bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
272297
1668439641-zagadjen-zrak-sarajevo-5-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/14/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/14/1668439641-zagadjen-zrak-sarajevo-5-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b469a7a46d7f4261acdf866b60de0c5f3216eed6081229b4de7dca0dcab73c7e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 14 Nov 2022 15:27:24 GMT
server
cloudflare
age
4760
etag
"63725e5c-2e40"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a65bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11840
1669724655-zoran-pavlovic-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669724655-zoran-pavlovic-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e6564d5860837325e74f41ecc2e710d136829e2ddb90f92aad4581b669a91f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:24:18 GMT
server
cloudflare
age
2446
etag
"6385f9f2-11090"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a68bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69776
1669722570-utakmica-srbija-kamerun-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669722570-utakmica-srbija-kamerun-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd65c9e713aab76687e4486c6c0c4116f7446924c4094248152da08187f2de0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 11:49:32 GMT
server
cloudflare
age
4049
etag
"6385f1cc-dab3"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a69bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55987
1669723090-nd-1-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669723090-nd-1-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163d8bc5b9d16a7224a59b509a8f74fe7a182fa478c852d6563a08291239b828
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 11:58:13 GMT
server
cloudflare
age
4049
etag
"6385f3d5-c741"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a6bbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51009
1669671810-nerma-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669671810-nerma-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d397821afe79df6bc7243638b79deea58cfe58ea35a57af38fa93b957325b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 21:43:32 GMT
server
cloudflare
age
2773
etag
"63852b84-c716"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a6dbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50966
1669663754-dnevnik-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669663754-dnevnik-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c869f274afd036b8418c780b09473a327dbf68b4f254b7074d5dd14280a7c04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 19:29:16 GMT
server
cloudflare
age
1703
etag
"63850c0c-9357"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a6fbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37719
1669663059-tiro-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669663059-tiro-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4271e79969552a80c34be48c5a741d7a6178827b732b072629e485e9ff7641d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 19:17:40 GMT
server
cloudflare
age
1350
etag
"63850954-6f8c"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a70bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28556
1669662251-cutahija-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/28/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/28/1669662251-cutahija-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4f214434204b0f69f2ff931b16c9725121c4a0e9817891212dfd44a5d452c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 19:04:12 GMT
server
cloudflare
age
5986
etag
"6385062c-7ab7"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a71bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31415
1669325294-bbbb-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/24/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/24/1669325294-bbbb-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29934d0983a31746a0114dbb7b6b0ce2bac20e7a58addea7ccd4d3ac139544b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 24 Nov 2022 21:28:17 GMT
server
cloudflare
age
4760
etag
"637fe1f1-c912"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc65a72bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51474
1664796254-AT5A8625-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/10/03/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/10/03/1664796254-AT5A8625-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e2e35f1d3ed66e9a5b85671b932f088ea89f996c645e95e58c581c92974c6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 03 Oct 2022 11:24:19 GMT
server
cloudflare
age
1350
etag
"633ac663-bdd6"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc67a9abb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48598
1660902258-AA-20220819-28683290-28683279-ERESUNDSKI_MOST_IMPRESIVNO_ZDANJE_KOJE_SPAJA_SVEDSKU_I_DANSKU-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/08/19/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/08/19/1660902258-AA-20220819-28683290-28683279-ERESUNDSKI_MOST_IMPRESIVNO_ZDANJE_KOJE_SPAJA_SVEDSKU_I_DANSKU-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78ed8ad2965d49c1594db81e0fca507ab140104c7439a6536758daae8b2155d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 19 Aug 2022 11:43:23 GMT
server
cloudflare
age
1350
etag
"62ff775b-78c2"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ab0bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30914
1660654128-Image-4-550x360.jpeg
ba.n1info.com/wp-content/uploads/2022/08/16/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/08/16/1660654128-Image-4-550x360.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b507cdf3dec53bd5af9acc7b8d7ddf1d29d611a3fb8803499c614f31441cbe7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 16 Aug 2022 14:47:51 GMT
server
cloudflare
age
4760
etag
"62fbae17-15e4c"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ab1bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
89676
1659105721-1659102849-1659086437-AA-20220729-28527067-28527051-TURKIYE_PODNI_MOZAIK_U_GUINNESSOVOJ_KNJIZI_SVJETSKIH_REKORDA-768x432-750x422-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/07/29/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/07/29/1659105721-1659102849-1659086437-AA-20220729-28527067-28527051-TURKIYE_PODNI_MOZAIK_U_GUINNESSOVOJ_KNJIZI_SVJETSKIH_REKORDA-768x432-750x422-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a37358c11882b5b4483286b5984677dd11fd85f84eb91122ac6866376e1e9c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 29 Jul 2022 14:41:49 GMT
server
cloudflare
age
1350
etag
"62e3f1ad-c562"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ab4bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50530
1669365045-image00002-550x360.jpeg
ba.n1info.com/wp-content/uploads/2022/11/25/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/25/1669365045-image00002-550x360.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9161cdbce2dd417afe6ba4fa809f3b05a0afb0e13cf52055979c25529264040d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 25 Nov 2022 08:31:12 GMT
server
cloudflare
age
4760
etag
"63807d50-d80d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ab8bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55309
1669282475-davor-dragicevic-svjetlo-na-kraju-tunela-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/24/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/24/1669282475-davor-dragicevic-svjetlo-na-kraju-tunela-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd927aa467ed6783acad28d90791e6ce4cff168434c4bc44e0065f72e816083
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 24 Nov 2022 09:34:36 GMT
server
cloudflare
age
4760
etag
"637f3aac-9b49"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68abcbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39753
1668515392-AT5A2987-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/15/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/15/1668515392-AT5A2987-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd91ab610e73c9efb3a030c514e0398bd0fc36c2ae470bc08659ea635540d323
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 15 Nov 2022 12:30:00 GMT
server
cloudflare
age
4760
etag
"63738648-65c6"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68abebb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26054
1667814323-AA-20221106-29366558-29366541-TRKA_OLDTIMERA_U_LONDONU_UCESTVOVALO_VISE_OD_350_VOZILA_PROIZVEDENIH_PRIJE_1905_GODINE-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/07/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/07/1667814323-AA-20221106-29366558-29366541-TRKA_OLDTIMERA_U_LONDONU_UCESTVOVALO_VISE_OD_350_VOZILA_PROIZVEDENIH_PRIJE_1905_GODINE-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc5b64a74d7d84673f302f1b914a7e6a0feb73ce4a4209152d7194d001a8a7c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 07 Nov 2022 09:45:30 GMT
server
cloudflare
age
1350
etag
"6368d3ba-10611"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ac7bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67089
1667369639-AT5A5782-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/02/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/02/1667369639-AT5A5782-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2ad2f4f3160b674a3dda2d973516946b5186ef40f09880e1e341b5f1b2c2b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 02 Nov 2022 06:14:08 GMT
server
cloudflare
age
4760
etag
"63620ab0-700b"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68acbbb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28683
1666716714-skup-banjaluka-550x360.png
ba.n1info.com/wp-content/uploads/2022/10/25/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/10/25/1666716714-skup-banjaluka-550x360.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd16335c24534cb686cb6b742b6b10f228fe32b6c9072021ccb77aaab3d19d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Tue, 25 Oct 2022 16:52:01 GMT
server
cloudflare
age
4760
etag
"63581431-426b2"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
771b9bc68acebb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
272050
1666627587-image00012-550x360.jpeg
ba.n1info.com/wp-content/uploads/2022/10/24/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/10/24/1666627587-image00012-550x360.jpeg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a5264c7e4b7ead753a1fb9b647b950336ccf2659b311a3ac7a976b9a870b34
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 24 Oct 2022 16:06:56 GMT
server
cloudflare
age
1350
etag
"6356b820-d952"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ad0bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55634
1665428417-310322641_834304850951412_3196741626817975122_n-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/10/10/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/10/10/1665428417-310322641_834304850951412_3196741626817975122_n-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67aadc95e1663793f12d034c7b5a985ea06bd020b007b0ff657099e1d73abf4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 10 Oct 2022 19:00:19 GMT
server
cloudflare
age
1350
etag
"63446bc3-bdd8"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc68ad2bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48600
1669725703-2022-11-23T000000Z_1044135538_UP1EIBN1MB9TT_RTRMADP_3_SOCCER-WORLDCUP-BEL-CAN-REPORT-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669725703-2022-11-23T000000Z_1044135538_UP1EIBN1MB9TT_RTRMADP_3_SOCCER-WORLDCUP-BEL-CAN-REPORT-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe94d6664946c6463d2ac305de897e7135df0dcf121359c34ee87f0235efe7f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:41:45 GMT
server
cloudflare
age
1122
etag
"6385fe09-eb03"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc69ae0bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60163
1650620885-AT5A3145-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/04/22/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/04/22/1650620885-AT5A3145-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759b1559d5f7b15a94b6962455abfe6d4d95c717bb4094be3ffa0dc92b36d399
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 22 Apr 2022 09:48:11 GMT
server
cloudflare
age
2446
etag
"626279db-6f7c"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc69ae2bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28540
1669723791-maria-bobrova-Xp2mD-wQOfg-unsplash-scaled-e1669723891828-550x360.jpg
ba.n1info.com/wp-content/uploads/2022/11/29/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ba.n1info.com/wp-content/uploads/2022/11/29/1669723791-maria-bobrova-Xp2mD-wQOfg-unsplash-scaled-e1669723891828-550x360.jpg
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/js/app.js?ver=1669628241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
359aec9c030d015e48df904a4179c81c52cc8cb983d65251ad770bb3cc5cb0e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 12:11:33 GMT
server
cloudflare
age
3572
etag
"6385f6f5-b94d"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
771b9bc69ae4bb56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47437
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1108
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
771b9bc6fa6e9094-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 02 Dec 2022 13:14:48 GMT
fpdata.js
gars.hit.gemius.pl/ 		279 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/fpdata.js?href=ba.n1info.com
Requested by
Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214334.ip-141-95-172.eu
Software
GHC /
Resource Hash
08487b6b4baadd62d1a93ed1b6cb9f3442b69f9526634cbeba8f1c9c5a24be4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
279
expires
Thu, 29 Dec 2022 13:14:48 GMT
lsget.html
ls.hit.gemius.pl/ Frame 863A 		0
0
lw.css
linker.ba/widget/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://linker.ba/widget/lw.css
Requested by
Host: linker.ba
URL: https://linker.ba/lw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff5fa1db0fde492c288e40fa43601e1d144003e2fc33de53d6b55099d3679ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 10:09:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4591
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o267d51CudB276g63OP3BfG%2FfZJWXZqwSdKL7L5GlDgzgtu%2BNlKwI6pL6WnN%2F6kRERNDnxenay150T%2F3YuB8DPI0W%2BVvvmyH0n48jwPouK2rU5an8qgLu0tilD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
771b9bc74df75b44-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
standard.publisher.config.min.js
lib.wtg-ads.com/publisher/ba.n1info.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/publisher/ba.n1info.com/standard.publisher.config.min.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b008e0404de46c8d0bcdb138615868da1975146cb971b0ff6e21a92fd3c98e9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342978
last-modified
Fri, 25 Nov 2022 13:57:56 GMT
server
cloudflare
etag
W/"6380c9e4-9340"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1X3U70WN5Z5Z5cxswYddXAaFrPGoFXWefw6PGI%2Bp%2BTflyn5h2fMXiTTV1%2Bmgksk9qzGcyS86RZqCfQiKh5wb87No2AcmxgKziSAi%2FMS%2FhReugZEHh%2B8efPS9XMbJTxH7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
771b9bc71f62bb44-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Fri, 25 Nov 2022 16:58:30 GMT
optimize.js
www.google-analytics.com/gtm/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-MQ4MQV5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c5b7a22af89b9b8b7d8e7128c2e64194e9b59ba2f86135243ebca2bd33ac9f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43997
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:48 GMT
45bgd8wg0l
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/45bgd8wg0l
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5225336b845641f51f0ef67b91af970c67a717514952557796a51219a1100c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 29 Nov 2022 13:14:48 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0yAWGYwAAAADXYg3tMdwNTIg6/n3IH9GARlJBMjMxMDUwNDE4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 29 Nov 2022 13:14:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
LuLD9aUTRF1pfbI/l2A8gxAgOscGnDig25wThLB1W5vxCkfLeJ9FZEkbQhEpB8mWia6CR5eIL+Urn+Owbb+zPA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-13.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:49:17 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
1531
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cy8P3Hcjcyr5qz-Na3ex6q6fTHgJl85awWXfP6Hu--sUsjRCTu1-kA==
expires
Tue, 29 Nov 2022 14:49:17 GMT
tag.js
mc.yandex.ru/metrika/ 		209 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 17:04:33 GMT
etag
"6384bff1-11e96"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73366
expires
Tue, 29 Nov 2022 14:14:49 GMT
door.js
script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/door.js?id=2420
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
d68612cc92380eb66e77e1ba86b72c89a72c51cb7b8469e746bb4594670454ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"2420...218.2022112913"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
L2h_qkXrVKYqv-ExIK1LNOJFBicywxrOBsI4zUzcZRq-vcHvFAN04Q==
door.js
script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/door.js?id=2429
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
36262942d3d2108762f6b03a229c3495c146b9abdfa53ebcda4b191d2968937b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"2429...218.2022112913"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
t68woiuTSU29v1ECzGHDfVgCSpdxomjHwqkWOXrIvK4YC5Kgldkh5g==
tentacle.js
tentacles.smartocto.com/ten/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/tentacle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.188.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-188-76.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
748f098f044ff2324f32b50ef3991dfcf2b27fe41d0e5950a52e79e22a0cb531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 11:39:50 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=60, public
expires
Tue, 29 Nov 2022 13:15:49 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 29 Nov 2022 13:14:48 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Tue, 06 Dec 2022 13:14:48 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EPGS7W0SPD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8eef616e3f59087acf14c19bd6b373bef7d25dad71e19d91107901648c5d846a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75980
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Nov 2022 13:14:48 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&dl=ba.n1info.com%2F&tdp=GTM-56928PS;34489849;0;0;0&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&dl=ba.n1info.com%2F&tdp=GTM-56928PS;34489849;0;0;0&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:48 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&tr=1gaawc.1opt.1cl.1cl.1cl.1cl.1tl.1tl.1tl.1tl.1tg.1tg.1tg.1tg.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.1html.5html&ti=1gaawc.1opt.1cl.1cl.1cl.1cl.1tl.1tl.1tl.1tl.1tg.1tg.1tg.1tg.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
boot
tracker_ba.contentexchange.me/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new
Requested by
Host: ba.contentexchange.me
URL: https://ba.contentexchange.me/static/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.15.13 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex2.irv.si
Software
nginx/1.21.6 /
Resource Hash
19960cb7b30118c5004765157e0882439da93d0444401d4b6d05ad596c9979b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx/1.21.6
etag
W/"638605c8bc516d33ca9a3905"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
content-length
18306
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162781796-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ed5a7dfc58623228bbb29d42eddb64333e1c1db36ac4c83c159dc01e8796f40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43633
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:48 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162781796-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f1c1ea9b4265a39ea8c2b6c87368403339cca63dd59777237e5c353142aff2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43631
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:48 GMT
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.min.js
Requested by
Host: cdn.monadplug.com
URL: https://cdn.monadplug.com/format/native/js/hood.js?v=122102913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1103622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11066
last-modified
Mon, 04 May 2020 16:11:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9d-9079"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suSZCNAy8%2BgU4gGFDocOfMtyTvMR7E8XeznbbgsyZnLNM78o0V7xln4eMNGSfGkK1pVamgpF%2Bq1SC393ZOEITYQi8RtQ1oApF%2Fzflgs2UYamoGIncWn3Q0KUUlUJNODcEX5DiQer"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
771b9bc8c8cf6963-FRA
expires
Sun, 19 Nov 2023 13:14:49 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162781796-6
Requested by
Host: cdn.monadplug.com
URL: https://cdn.monadplug.com/format/native/js/hood.js?v=122102913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0deca67b61d1ff6e984979a861ed4299d4e588cacf287cdac989e8f444f5a5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43614
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:48 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-56928PS&cv=18&v=3&t=t&pid=782372&rv=b90&es=1&e=gtag.config&eid=5&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=85&z=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
web
onesignal.com/api/v1/sync/df388f2d-fdc3-41aa-8ac7-d63f8176ebe6/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/df388f2d-fdc3-41aa-8ac7-d63f8176ebe6/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2dcd0750392c2617a6cc07d3ebae33aac8c1cd812f8324f32cf38f7e264e0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1365
cf-polished
origSize=6466
status
200 OK
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1eca329f-515e-4ccf-a2f3-b03a9a5e0b3e
x-runtime
0.028169
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"e741862010b9f04606460092f2988fa4"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
771b9bc8caa59152-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 29 Nov 2022 14:14:49 GMT
lsget.html
ls.hit.gemius.pl/ Frame C0FC 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
0aa134e279eec37f2f91739edd89ff4c21288bb9de59fdddcbbeeefad414edb0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2725
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:49 GMT
etag
PRIVATE7520710249
expires
Thu, 29 Dec 2022 13:14:49 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221129
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c45d2a8b0133c0c10802abb2510b8ee51f1bb2a745288a1944af4f9a508fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26203
x-jsd-version
1.0.1538
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zSB71lydrnWHanna+LyL9m8KH40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLDUsIZ%2BeO7sFbsUKJfs7ne5kJr%2F17HBQcpvb4a0DLrpvryyeLLlBllqEel%2FGhKg2It2bv6PV4QAcNhR%2FqOFOvqGAa%2FrT5PT6%2F88SmD2gurpIyJbkl3r%2F297mrzWU2qQGEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771b9bc8f9a99a12-FRA
1394148837682749
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1394148837682749?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
e90e35d282fd28c8613233147718464914cd6afadcaa22af50648ac545286162
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 29 Nov 2022 13:14:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85977
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
RgTRgoFCPoYq9SfTJZDcOBtqrFbi/nfnp70TI66h8/luA7NiMMg5hmmScM9X13TUrh3ckomNloOZSRBA/1XTiA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=ba.n1info.com&p=%2F&u=CN5dXBC4kSTPCRQigl&d=ba.n1info.com&g=66131&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10715&o=1700&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1317&t=BFfxJTBueYggBFMCBYBdpC39CrHCuO&V=136&i=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&tz=0&sn=1&sv=JT5BOCRuXx5GC9B2BAdPXay2kvH&sd=1&im=067b2fff&_
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.86.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-86-100.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
548e73c652d334e7e64e974f5da120a864a13a7c125203f127f74de64526887d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27238
x-xss-protection
0
server
sffe
etag
"1406 / 29 of 1000 / last-modified: 1669723501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Nov 2022 13:14:49 GMT
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
280865333e4cb34a25edf5eef36e6d09915d94b783322e3869f2f23b341fe02f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37466
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:49 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51336095-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e394a0ebe3b6b4f621902ac726cf312d38577d8a51e8415995bc49bbeceaab9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43715
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:49 GMT
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EPGS7W0SPD&gtm=2oeb90&_p=1950824012&cid=1659247189.1669727689&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669727689&sct=1&seg=0&dl=https%3A%2F%2Fba.n1info.com%2F&dt=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPGS7W0SPD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 11:24:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6605
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 29 Nov 2022 13:24:44 GMT
truncated
/ 		973 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea058413a6122efaf3fb58216d79bd6886a87e206304a50c4a3b0e477bc3941c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
hit.gif
script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://script.dotmetrics.net/hit.gif?id=2420&url=https%3A%2F%2Fba.n1info.com%2F&dom=ba.n1info.com&r=1669727689338&pvs=1&pvid=f820211c-fa7f-4a53-8e1a-2577c65f66b5&c=true&tzOffset=0
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
dotmetrics-hit-status
01 OK
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
oAot884opfuxMY--TJAFRbWPvjPNP35U9gd2f6TRIgOkRXe_j6ZurQ==
fpjs_v3.js
hb.contentexchange.me/template/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.contentexchange.me/template/fpjs_v3.js
Requested by
Host: tracker_ba.contentexchange.me
URL: https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.14.1 /
Resource Hash
f531e3e24fb22510e9ff3d3e06f72e4837cfc10fc86e45f4a4059ddc8941669c

Request headers

Referer
https://ba.n1info.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
last-modified
Tue, 22 Nov 2022 09:37:48 GMT
server
nginx/1.14.1
etag
"637c986c-8232"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
33330
collect
collector_sr.contentexchange.me/ba/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector_sr.contentexchange.me/ba/collect?event=pageview&gdpr=2&pv=5724f654-e506-4e2a-9704-8b9b7e969bc0&url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&user_id=638605c8bc516d33ca9a3905&new=true&tz=0&cs=UTF-8&ns=1669727688895&req_ts=1669727688164&res_ts=1669727688246&ts=1669727689350&screen=1200x1600x24
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.32 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trfx.serv.si
Software
nginx/1.16.1 /
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx/1.16.1
content-type
image/gif
751203180882331689
match.contentexchange.me/adform/
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1219&cid=638605c8bc516d33ca9a3905&redirect=https://match.contentexchange.me/adform/__ADFUID__
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=638605c8bc516d33ca9a3905&redirect=https://match.contentexchange.me/adform/__ADFUID__
  • https://match.contentexchange.me/adform/751203180882331689
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/751203180882331689
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-length
0
server
nginx/1.16.1

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://match.contentexchange.me/adform/751203180882331689
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bex
sync1.adnetwork.agency/dmp/sync/
Redirect Chain
  • https://sync2.adnetwork.agency/image?pbjs=1
  • https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
  • https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex
  • https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
HTTP/1.1
Server
109.206.161.115 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.115.serverel.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 29 Nov 2022 13:14:50 GMT

Redirect headers

location
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
date
Tue, 29 Nov 2022 13:14:49 GMT
server
nginx/1.16.1
clarity.js
www.clarity.ms/eus-c/s/0.6.43/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/45bgd8wg0l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
etag
"1d9026a431ead4c"
x-azure-ref
0yQWGYwAAAAA20Xk/i+cFRoWxsaweWcOQRlJBMjMxMDUwNDE4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
93709
stags.bluekai.com/site/ Frame 61DA 		71 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/93709?ret=html&phint=__bk_t%3DVijesti%20-%20N1%20Bosna%20i%20Hercegovina&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fba.n1info.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=30163759
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.108.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

bk-server
20d6
content-length
71
content-type
text/html
date
Tue, 29 Nov 2022 13:14:49 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n
S
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1394148837682749&ev=PageView&dl=https%3A%2F%2Fba.n1info.com%2F&rl=&if=false&ts=1669727689649&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669727689646.1796608688&it=1669727689097&coo=false&exp=c1&rqm=GET
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 29 Nov 2022 13:14:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3gJvDt2kPsJpfriQo-7skd2hh9uyj
tracker_ba.contentexchange.me/widget/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker_ba.contentexchange.me/widget/3gJvDt2kPsJpfriQo-7skd2hh9uyj?gdpr=2
Requested by
Host: tracker_ba.contentexchange.me
URL: https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.15.13 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex2.irv.si
Software
nginx/1.21.6 /
Resource Hash
83ddc7870c5e7bb9ca5e4560b6c790d2ce40ae17897475529cdc0c9479e46d81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
unsafe-url
x-content-type-options
nosniff
server
nginx/1.21.6
content-type
text/javascript; charset=utf8
access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate, no-store, no-cache
x-xss-protection
1; mode=block
script.js
script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/Scripts/script.js?v=218
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/door.js?id=2420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 10:10:26 GMT
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"1d903daccec6877"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
jDI_wCpxQWyzjA3rP1L4KLJFhICimiep9y-eMCwVusUdt3pPDWV7aA==
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9837.HQ_bitwOD2Gu9qavgSUWjlf3izNxnwjvduyZKaaM-GNEZtqAznAP5sZo4AI62VPg.m0cDxMzGSBttTyWsbhseXrpTUk0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9837.POlYMikk5tbeqKadPaTSBxvnKqybWCq188TFwziHJNNtlnYuNkaRqD44iZKrkZteOem4i8eu8VXUn_0nWjv3_Q%2C%2C.0pBnJpgSLcsRdZCmMkI_YSduwPc%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9837.POlYMikk5tbeqKadPaTSBxvnKqybWCq188TFwziHJNNtlnYuNkaRqD44iZKrkZteOem4i8eu8VXUn_0nWjv3_Q%2C%2C.0pBnJpgSLcsRdZCmMkI_YSduwPc%2C
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9837.POlYMikk5tbeqKadPaTSBxvnKqybWCq188TFwziHJNNtlnYuNkaRqD44iZKrkZteOem4i8eu8VXUn_0nWjv3_Q%2C%2C.0pBnJpgSLcsRdZCmMkI_YSduwPc%2C
date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1950824012&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=1303073955&gjid=455023839&cid=1659247189.1669727689&tid=UA-51336095-6&_gid=938808586.1669727690&_r=1&gtm=2wgb9056928PS&cd1=0&cd3=2021-06-01T12%3A11%3A39%2B00%3A00&cd4=&cd5=&cd7=(not%20set)&z=1614358254
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1950824012&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CjAAUABQAAAACAAM~&jid=567952954&gjid=721021500&cid=1659247189.1669727689&tid=UA-162781796-7&_gid=453490437.1669727690&_r=1&gtm=2oub90&did=dMWZhNz&gdid=dMWZhNz&z=213403514
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1950824012&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CjAAUABQAAAACAAM~&jid=61653689&gjid=2084256400&cid=1659247189.1669727689&tid=UA-162781796-6&_gid=894091185.1669727690&_r=1&gtm=2oub90&did=dMWZhNz&gdid=dMWZhNz&z=439807744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1950824012&t=event&_s=2&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=Vijesti%20-%20N1%20Bosna%20i%20Hercegovina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=invalid_widget_id&el=native%20*%20https%3A%2F%2Fba.n1info.com%2F%20*%2011797-100929-101861&_u=4CjAAUABQAAAACAAM~&jid=&gjid=&cid=1659247189.1669727689&tid=UA-162781796-7&_gid=453490437.1669727690&gtm=2oub90&cd1=native&cd2=11797-100929-101861&cd3=https%3A%2F%2Fba.n1info.com%2F&cd4=N%2FA&cd5=v%3D2.1&did=dMWZhNz&gdid=dMWZhNz&z=600076537
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37938
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 17:04:33 GMT
etag
"6384bff1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 29 Nov 2022 14:14:49 GMT
tentacles
api.smartocto.com/api/brands/ 		1 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.smartocto.com/api/brands/tentacles?i=as6npffbnk9qj2qp9fxu3n5b6wpfk4rr
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.7.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-7-23.eu-west-1.compute.amazonaws.com
Software
/ SmartOcto
Resource Hash
189433fa983a405badda1a13854ac9f53c87d386deda1723f3028b57c83de640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 13:14:40 +0000
max-age
10
x-powered-by
SmartOcto
vary
Accept-Encoding
x-cache
HIT from SmartOcto Cache
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ba.n1info.com
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:44:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Nov 2023 12:44:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		206 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ba.n1info.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
f28e74a7de5325321a658a83e95a80ae5d9ccf26538c8c6c841dc4f5c5960b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:49 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Server
99.86.1.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:56:06 GMT
content-encoding
br
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1124
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
aPckMFAzIyOCZh4NmXkzd_VM6eDi_6VC53Sah0Ra0J05RNHOFBGIHg==

Redirect headers

date
Mon, 28 Nov 2022 22:41:20 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
52409
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
cbImd7SLNy7XpaewTqZvuHBaSfq4fFfK8qFifWJscmPKa-ZaoW_GnQ==
prebid_6.12.0.js
lib.wtg-ads.com/prebid/ 		420 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e54d09aefdcf93b7d7e00e7e3dc528d82bf9fd89370e0e7f5f253a4fb09930b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290832
last-modified
Tue, 05 Apr 2022 07:54:55 GMT
server
cloudflare
etag
W/"624bf5cf-68e1c"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jb1GtaFsRfBK5RCtj0qVIjQ8PQv1TdS%2FKHGkdxUokNi4puwk9q4XCy9Y%2BJ5OAMZ%2BE9k7S4AgMFHwwaZW94q7P3I2P85p2oEsTRfqLSrCb70WswzLo2QOUxguWSgBcrjyrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=10800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
771b9bccfa7fbb44-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 26 Nov 2022 07:27:37 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51336095-6&cid=1659247189.1669727689&jid=1303073955&gjid=455023839&_gid=938808586.1669727690&_u=YADAAEAAQAAAACAAI~&z=555864303
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap
Requested by
Host: tracker_ba.contentexchange.me
URL: https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
5b68046c35ee8af8cd0494315d3978d822c265242d2484e294cb8b2385b5172d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:25:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 13:14:49 GMT
/
images4.contentexchange.me/fit/magic/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401250%2F800x550%2Fsebija-izetbegovic.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
8a0ffc58f014a73b9c8ceccccd165dd7b98b8edff9bcd37854db4900efe2d890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401212%2F800x550%2F20210108_2_46250825_61358760_Web.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
8df0ad7afaece822d7d4e1984534d3c68fa1dcc60622b6d83911f2bc293eaa03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401191%2F800x550%2FPitch-invador.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
620de612a584bdb7bbde11ee03071806e29259eb0a4bba223f0398545bbca69e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401227%2F800x550%2FWhatsapp-ruka.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
02ef7a7894c90c45474bd08a852a58f20cd8176989c2bf4f001bbdec26eaa9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401262%2F800x550%2FGradskoVijece-Prosinac4.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
b445975f208e85a144de14dea72259f43e2da137fe56b2e9fbfd14afcc99730b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401182%2F800x550%2Fkuhano-vino.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
29f64c686fe63f32baf9470e6db4e890b77b88c5b58e88560437535b766c30a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401221%2F800x550%2Firan%2520team.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
d509e758948dccb55f4ff51961d9b699306299c520db8033d0299b58cda70240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
/
images4.contentexchange.me/fit/magic/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstorage.bljesak.info%2Farticle%2F401200%2F800x550%2FEdukacija-Ljubuski-1.jpg&size=400x209
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
8a233af1d0f7a3c7f78d33d23edfb96a8204d7cac61ee9cc13f2c060976a37a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:50 GMT
cache-control
max-age=31536000
content-type
image/jpeg; charset=utf-8
server
nginx/1.16.1
x-cache-status
HIT
expires
Wed, 29 Nov 2023 13:14:50 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
ce_thumb.png
www.contentexchange.me/static/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contentexchange.me/static/ce_thumb.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.19.11.65 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
2E130B41.rDNS.SiEL.si
Software
nginx /
Resource Hash
8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
last-modified
Mon, 19 Jan 2015 12:15:40 GMT
server
nginx
etag
"54bcf56c-950"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2384
expires
Thu, 31 Dec 2037 23:55:55 GMT
3gJvDt2kPsJpfriQo
hb.contentexchange.me/widget/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.14.1 /
Resource Hash
2346a0e6f414698984efac6b133868928fb82e533360d88f6bc6ab1bb932e94a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx/1.14.1
content-length
14912
vary
Origin
x-xss-protection
1; mode=block
content-type
text/plain; charset=utf-8
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51336095-6&cid=1659247189.1669727689&jid=1303073955&_u=YADAAEAAQAAAACAAI~&z=673538852
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51336095-6&cid=1659247189.1669727689&jid=1303073955&_u=YADAAEAAQAAAACAAI~&z=673538852
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingestion.js
tentacles.smartocto.com/ten/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/ingestion.js
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.188.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-188-76.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b645f1f59a2f6a6baecc074226cf72aed2549ce20770c6ad088a617908c0c0fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 08:32:12 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=60, public
expires
Tue, 29 Nov 2022 13:15:49 GMT
7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsOdC_.woff2
fonts.gstatic.com/s/exo2/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsOdC_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
9f73a6d4157095f93bed3c6cbad789a2bb3c80a7fb6f96452f9a54df3c86b996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 08:15:21 GMT
x-content-type-options
nosniff
age
17969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15648
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:19:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 08:15:21 GMT
7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsN9C_nps.woff2
fonts.gstatic.com/s/exo2/v20/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsN9C_nps.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
e8a459ac5c3ba61111c2bf7c7db5a770102cc6eaa9278366245e01d4be2a0204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:23:10 GMT
x-content-type-options
nosniff
age
485500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11344
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 22:23:10 GMT
collect
h.clarity.ms/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
SiteEvent.dotmetrics
script.dotmetrics.net/ 		398 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MjQyMCwiZmwiOnRydWUsImRvbSI6ImJhLm4xaW5mby5jb20iLCJsc28iOm51bGwsInVybCI6Imh0dHBzOi8vYmEubjFpbmZvLmNvbS8iLCJydXJsIjoiIiwicHZpZCI6ImY4MjAyMTFjLWZhN2YtNGE1My04ZTFhLTI1NzdjNjVmNjZiNSIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1669727690438
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
42fc64c3fd340d26050a5ecb1ec631d8815ce425a8ee31cf03c58ceee80b87b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
8KZHBv_y-8CU9aMlozkCWSiLSjr9YwCBmjyLjtgWuBANfEVOI2eLdw==
1
mc.yandex.com/watch/71048401/
Redirect Chain
  • https://mc.yandex.com/watch/71048401?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3A...
461 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A260648366990%3Ahid%3A980084466%3Az%3A0%3Ai%3A20221129131449%3Aet%3A1669727690%3Ac%3A1%3Arn%3A129170025%3Arqn%3A1%3Au%3A1669727690750919842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C32%2C82%2C55%2C310%2C0%2C%2C343%2C99%2C%2C%2C%2C824%3Acpf%3A1%3Ans%3A1669727687820%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669727691%3At%3AVijesti%20-%20N1%20Bosna%20i%20Hercegovina&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d1c32e720f8ec6b0875c6771d7a1cca2229daae604edd06044cfab948ac53e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 29-Nov-2022 13:14:50 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ba.n1info.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
461
x-xss-protection
1; mode=block
expires
Tue, 29-Nov-2022 13:14:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Nov-2022 13:14:50 GMT
location
/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A260648366990%3Ahid%3A980084466%3Az%3A0%3Ai%3A20221129131449%3Aet%3A1669727690%3Ac%3A1%3Arn%3A129170025%3Arqn%3A1%3Au%3A1669727690750919842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C32%2C82%2C55%2C310%2C0%2C%2C343%2C99%2C%2C%2C%2C824%3Acpf%3A1%3Ans%3A1669727687820%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669727691%3At%3AVijesti%20-%20N1%20Bosna%20i%20Hercegovina&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin
https://ba.n1info.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 29-Nov-2022 13:14:50 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221129
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c45d2a8b0133c0c10802abb2510b8ee51f1bb2a745288a1944af4f9a508fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26204
x-jsd-version
1.0.1538
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zSB71lydrnWHanna+LyL9m8KH40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxngAUu3VC0%2F28VgnWw4UA5paHAh%2FD91P1A8AP9cmgM6Bb7ig85Gg95EEVtrIo4d7xX3Ini5fifZTuyfjp7M8mR4E6tE8JdL3mAI2GLF5rikFs%2FLwCRAj7xNXHjmNef2HWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771b9bd2ad0f9b3f-FRA
localstore.js
script.4dex.io/ 		483 B
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
506619
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp5RxNKC8GybK3RIe5itkFp3N4RpA6kXvrkPcXFnBvQ8Ns2oQdBtQj4ourx%2BpF4C%2BZioYPBVtcWcttgrzdDh3tCX7Ntzc6yAmDGmYnmIhoZPfUs6kN%2BE6xSFcSGpKL8Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
771b9bd2bbe05b4a-FRA
802.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/802.json
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
0304168b6aaf7466c7fc26104d7d7d627fcc7a3efa6398fc346910db9dca414d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:50 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
waytogrow-d.openx.net/w/1.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=817aaa0f-3b08-45f1-854d-a9353030576d&nocache=1669727690642&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=970x250%2C970x180%2C970x90%2C728x90&divids=%252F21876124292%252FN1BIH%252FN1BIH-Billboard-inFeed-1&aucs=&auid=557753092
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1513359af551aa5d164d7318ecd2dda6cece34b76ffd8ba108630ff38047bffd

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1682
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		138 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c26a79d0a9286f138bb994c7e6e274b2311fb4decbf7715d94e3ea18916a4a40
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:50 GMT
AN-X-Request-Uuid
437aec11-68a2-42e6-893a-e209a7b954e2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=817aaa0f-3b08-45f1-854d-a9353030576d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05593703050987564
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
65c4b6f8fb6d6e0414e00d1fa8b902e47efac0cd64f2a35d8ad6767f10171138

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
858bf26ff8b455724239611b09322011c5d05af4445c1e6954848b36eb52a463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ 		23 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0e3a3951abf590eb48c95a3a6f5a1cd375a42dc6db1bcc5d83742248334e3d2a

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=13902494563
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
be90b7299fe5a48b5ba79e56648f350f13da18b58f93ff0ac7ecb40048eb67e0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217ceaf5ac066c4b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218eab84ffc666cf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b1bc77d30b16a3fd36b68b2939be5571e819adad00d478f17afc4f2c1197ad

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIdXOm1tLUcuM03iwJuNT6BTpXhNFOB8%2B9UcwWe%2BhPhlB9khTbuv%2FZxfFFl09t2YOqy214U%2FUOEbsURYKOLOlMJsmAjE76nEm5jo5hcEJ7iMhIxivU91MVFomvJ%2BEIUrldDShhx%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd2dfd29195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
0000000000000000f9b3ce2135ef6f9c:f6bb64c59de3d882:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
v2
i.connectad.io/api/ 		38 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5313a1a888f3b4aff955ebbae7c3a8c39e03d3aeb29a3e7e703a151122f5b536

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd2dd069b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=dd0d0163-0842-451f-b861-a787c50fde80&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15876787489779765
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b88f30028de2a4ceb0296d8ca75adeab4d6a61d448ab09c5aa3868a55a77b6d

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		24 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
66624ee7e76cfbea3d717dbfaccfd501f00080e4653341fc1f7caa01de6f1cf1

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2228098d2fde6ecc5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229588c746d84773%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ac3f1fed855a39298510847241f2ea79f82a5e82966c1cbda85734b92d1437

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRqiDfhN0USllVKafHGQ3WmW9yuu0Fh%2FMuRwjy5hHkrYPlsNnZycUkHIenY%2BUHLDdUsU5Ja1kVKfgUM3ZMjGQcvxQub6Qa3AT%2FTZnsKzT6shf9v4c04amX%2FrQeUGQIcnm2t1BnLt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd2dfd89195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=90757406604
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v2
i.connectad.io/api/ 		38 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c773dc0c03143d31a7a0f50f4d69ae9202c29753d42de342d33cc002b8af173e

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd2dd079b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
arj
waytogrow-d.openx.net/w/1.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dd0d0163-0842-451f-b861-a787c50fde80&nocache=1669727690671&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=970x250%2C970x180%2C970x90%2C728x90&divids=%252F21876124292%252FN1BIH%252FN1BIH-Billboard-inFeed-2&aucs=&auid=557753092
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
01407c7390c6b0c5bef7fdb0f10e932fa875373919b5fcff7af773d7e10abf5f

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1682
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
000000000000000001950d129dc61c0c:d222c1693858c862:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1360fe8efbd1442e5a366cdbac6b6731c1d3f6d57362a44d37da22d7739b99c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:50 GMT
AN-X-Request-Uuid
9a70dd9d-9603-4bc1-bf4e-47a981ac19ca
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
d705361157ec3a3d50f5530a85420a5999e56eae1f6569b3a43ed44897d48790

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54c69db3bd4f5b460b3d6f1467dc7e8e85404c0e4ad2b10a5a7e211d52998b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:50 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:50 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
waytogrow-d.openx.net/w/1.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d68a1769-8747-430e-a7dc-e4bae3aa18eb&nocache=1669727690680&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=970x250%2C970x180%2C970x90%2C728x90&divids=%252F21876124292%252FN1BIH%252FN1-BIH-Billboard-inFeed-3&aucs=&auid=557753092
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
60c5f23e1eca5fc14e0fbf60e9c606fba5f4e442422a7b06d1ebc1d63956adfa

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1653
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
000000000000000039fb1a5d26772094:7a600267781797b5:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=66911611606
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225390f2d166b244b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225485a187658de2f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e36d5eb43776fefa8061f557bf277ba9abdf1117e1484d2f6df5ddc66ce4adc1

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5iwOB3Z0WtgCfo7o8SJqrHxubQoQzPXb5nF2eMrx1zII0%2BJBMGRVg2NtB94y8ebJ7Jl1ZUFya%2FSJp5T4Ar287L7bq4lbFeSgAKc0VN%2F14rF2tqb03VmEVbjaT%2FJnc1MnpK6uyYt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd2efeb9195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ 		24 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
20584ea5e23cfa259c1d35d09d0f2408c8cbb6ac40522da90ffc126a3b1e13ed

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v2
i.connectad.io/api/ 		38 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b8cd005b7a9b4a1eb1dca12d68c95110cfa6faba7140e1b27d24e7c328fdf

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd2ed0b9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
32c7405b518fc46286b149fa379f8d911c05127dad6f8a8494eaed10926522fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=d68a1769-8747-430e-a7dc-e4bae3aa18eb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5495282645308548
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f5ac802dda6495c6fc363fec22daa17fd539878df9ff6dd1ccb840c8071d503

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
052ca306b1cc2092554cc4cc2ba776dc825f5eeab768df536043b51f529d6e7d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:50 GMT
AN-X-Request-Uuid
7a664566-263d-45cc-994d-0e6c889e03aa
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
343360584576429d664ec5cb08d5d2003251a1587a739e3c32cf12b382e55de5

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ssp.wp.pl/bidder/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
0000000000000000074ec73034372687:49bfb4e06fa8b540:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3e79cd45eaa04e9e6b56500ddcdf65071e41af5c88099222651372d26c4a2d0c

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v2
i.connectad.io/api/ 		38 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b971ca6bf025b396328992a6b65cb4c97a86b74f0538fcaca703a3120b42e798

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd2dd089b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arj
waytogrow-d.openx.net/w/1.0/ 		277 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2c69b67e-56e1-46ce-a524-bfc1b6988ec3&nocache=1669727690695&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=160x600%2C120x600&divids=%252F21876124292%252FN1BIH%252FN1BIHWALLPAPERL&aucs=&auid=557753088
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6f2d020b3bef30ffe4a43c7250bf7e799c5fb27daa3623d92a177599bb3c366f

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c186a16099f669961ae7593298d365a8ca4578adf9aba75b26c9b0ebd9b427e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:50 GMT
AN-X-Request-Uuid
c3f373d2-8659-438f-be0b-f5dce1008afc
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=9&alt_size_ids=8&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=2c69b67e-56e1-46ce-a524-bfc1b6988ec3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5052116105509079
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cea10a562f29862f65d60fbe691f0e016a8ed4123d305f7c7de3257cda07b80b

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
259
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228484909379cdebe%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285c9c4a2032ae31%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac34881cf76745b633e4ba90d8475acaad9fa52fbb08cd8faec3f365d4fe179

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA0kNIPJc%2BkjBW40lGpHk%2FfnfS3gKvz2DA%2FDCJLyPn2DMxB3kgc4aV7TPv%2FT8Vok8C3WnCS3Hst0ef5jBXzohb9cSIJpnCxPW9cm7oV0Yj01URVQeq2V8GBnM5YBm3%2F8jW49DioL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd2efee9195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=73699472393
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cefd56807f5cf704def4e028b1655162049c21467d9f71e8b4e252161194121c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
948b75875f0b3fa0d59ac75e332af3a11d89b8bc101a0914ee041068c99c6be8

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:50 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
config
c.amazon-adsystem.com/cdn/prod/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fba.n1info.com&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:03:08 GMT
via
1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
702
x-cache
Hit from cloudfront
access-control-allow-origin
https://ba.n1info.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
8ax-1BtK_dxx3OdVzv4UiD_cLw25nq8JzIpCeVurpwdu0482102IYQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fba.n1info.com%2F&pid=ycLfnQsV3JA8w&cb=0&ws=1600x1200&v=22.1107.1609&t=1200&slots=%5B%7B%22sd%22%3A%22%2F21876124292%2FN1BIH%2FN1BIH-Billboard-inFeed-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x180%22%2C%22970x90%22%2C%22728x90%22%5D%7D%5D&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
E3FEW5J6589GPB0FHCHZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
yXX4iJdv5gnmMe1fp3NbhaXjqwtqI2Mwz32Kgg4RPbFl7CVXrD-6_w==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fba.n1info.com%2F&pid=ycLfnQsV3JA8w&cb=1&ws=1600x1200&v=22.1107.1609&t=1200&slots=%5B%7B%22sd%22%3A%22%2F21876124292%2FN1BIH%2FN1BIH-Billboard-inFeed-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x180%22%2C%22970x90%22%2C%22728x90%22%5D%7D%5D&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
04YJQ5DD7RH9WHE21PW2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_A-BobPjYJdrGeqqslqpieH6wMt6Ixtc7kqk9pxXtpEJbmBoVZo95w==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fba.n1info.com%2F&pid=ycLfnQsV3JA8w&cb=2&ws=1600x1200&v=22.1107.1609&t=1200&slots=%5B%7B%22sd%22%3A%22%2F21876124292%2FN1BIH%2FN1-BIH-Billboard-inFeed-3%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x180%22%2C%22970x90%22%2C%22728x90%22%5D%7D%5D&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
DGD1HH6J42XXVX5PDBQ1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
a0blRjL4rA_Qr8Ojctivp7TBDpx07Cp-3PoDnb1Xsh7E86Z_5m3Eag==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
date
Tue, 29 Nov 2022 03:06:42 GMT
x-amz-cf-pop
FRA56-C2
age
36489
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
K4TQx8M2iKjKk_lujtqo8KZ-TW_Ufu4-9pi2Zl8n7qglDOt_dGWevQ==
hbscript
hb.contentexchange.me/ Frame 363D 		55 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.contentexchange.me/hbscript
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.14.1 /
Resource Hash
0026cc19602260508aaf1cb5c76469fa7d07929de596633d95e18d8d4170aeca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx/1.14.1
content-length
56806
vary
Origin
x-xss-protection
1; mode=block
content-type
text/plain; charset=utf-8
t
ingestion.smartocto.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingestion.smartocto.com/t?p=0%3Alb28r7si%3ARl5~VOuYf1q_OMrghM2QX9IX0DJ~wSHd&s=0%3Alb28r7si%3ACb1kAUBQMIkRFnEuAIjWWfqzOBzhs~ra&v=0%3AM8QQvxEc5UujHKavcMctrf3Hjorh63j8&e=0%3AM8QQvxEc5UujHKavcMctrf3Hjorh63j80&c=1669727690805&n=t&f=t&l=https%3A%2F%2Fba.n1info.com%2F&i=1600&j=1200&k=1&w=1600&h=1200&t=pageView
Requested by
Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/ingestion.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.156.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-156-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ba.n1info.com
Date
Tue, 29 Nov 2022 13:14:50 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
adx.js
s1.adform.net/banners/scripts/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000009c67c493cf98fac1-00637b6786-32940f80-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KGT76XD7NB1YN3YV
age
617140
x-amz-id-2
JXOF1ghggeJozDkktoPHET8JPAWbwDr7Y3xPZM0cIrMlweKlOhRca8MxMMSTdmidOiaenh9Drzk=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjQ%2F0Id6jIgFPcLgHwotixX4pGFTbZUTuNaPgiYyCW8l3JHx48jpF56uGsV%2BWPVudgAmeGzmaNqpxT6LScsA2YK7xvsI0woqteRUQI%2FspSTJqIYXuADu5q%2FbLq8FbHUB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
771b9bd3da446915-FRA
collect
collector_sr.contentexchange.me/ba/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector_sr.contentexchange.me/ba/collect?event=fp&gdpr=2&pv=5724f654-e506-4e2a-9704-8b9b7e969bc0&fp_js=23336d5f38ecc2e1154605e81cff6570&fp_all=2792731732&fp_hw=1553422717&ts=1669727690867&ns=1669727688246
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.32 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trfx.serv.si
Software
nginx/1.16.1 /
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx/1.16.1
content-type
image/gif
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
waytogrow-d.openx.net/w/1.0/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fb6c3d86-38ef-4eba-8b14-bfedea2384f2&nocache=1669727691053&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=160x600%2C120x600&divids=%252F21876124292%252FN1BIH%252FN1BIHWALLPAPERR&aucs=&auid=557753088
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5a15b9924fa1dcc8ce4d6e3679f736301380611dfd792e2804ce43c95594124e

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1823
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229587fabbac889e8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2296f5471a5d46d17%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6765056d79874bd0bc43c82ee19114017fb028184801df8c39a49ca978b702

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1GysbM2XcDQyeYH%2FKd78t4HfM5Ec4k9TwoVt7XPfYb5L2TF%2FsK3wZjox68exuW8IJ7R9pTpN6Kvmc5ewOeEGupTqmAokNi2AXVPLHFmZApghsElFEQXCIZa9Cyzencpt4GXJiK8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd53b62bb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ssp.wp.pl/bidder/ 		0
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
0000000000000000d0d3b3c7e87d344e:a672ad33ba371ce1:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
ad22210b8771222403a491bb9900aa387490f6f2024cab51feacd105cb707a51

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=99423177042
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=9&alt_size_ids=8&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=fb6c3d86-38ef-4eba-8b14-bfedea2384f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2671343795260679
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c7688b1907af3fd2ed193f6dd122ee3bc3d3d87c51dbd0d9b2732c0d2e05699

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
259
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
i.connectad.io/api/ 		39 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2ef14c486fc9cfe09da82714a65ac843191f35a48498b8bcb25b4ae1610e32

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd53d2c91ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c20a6bce2622b4ade912a5c6ff85153ac6e1f91bfa46887f84009d8243e43eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ 		25 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
997d14d6f42b0db16c58e285534d64509893d3116dd2488f5e6175a125b3fdbf

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3671f064e11fcb610a596e9efca38ca1faa433c255c4abdd093183b93a2ed52b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:51 GMT
AN-X-Request-Uuid
107813c6-36dd-4b5c-ac79-f8d65af3a1d1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ba.n1info.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ba.n1info.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=2147236458573455&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1BIH-Billboard-inFeed-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&ifi=1&adks=352592611&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D16249ada49d2444e%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1669727691099&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=3400x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
09e9a495010d3ae94a44a71dc9304e8ff5216e53913948183a4d1cbd52b49cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10301
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2882 		0
0
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2882 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
waytogrow-d.openx.net/w/1.0/ 		277 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fee06d35-b355-4521-8863-1f362da82115&nocache=1669727691126&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=750x200&divids=%252F21876124292%252FN1BIH%252FN1BIHFOOTER%252F%252FSTICKY&aucs=&auid=557753100
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b6b8b50f8a3da256dbdd8bd618f3a6e8718bcc6cc9a0b65119eb105108897eef

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
50747b37eb3a695e024dea86126c2da52a485bf45176f8e98469beb6cef04b26

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=40&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=fee06d35-b355-4521-8863-1f362da82115&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3016614222276679
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
11448ecc103dfc9caee847eb8f26104dad1d25a5e79100151fdc99f0af19e176

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
a7c4f5ec7780573959171598e4cf92ac50545dd8bcf55a5c2a041906c1863cd4

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22125ce656a17097c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22126398cc8071512f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22750x200%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09221a97c1b1c0789594cfd3204c1730632d2a23510fb6c6b68e1031090f02d6

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ya%2Fr%2F%2F4gAZRYgA7v4yr3RXsqBAGVusZ3Bf0r0d30enRtkb%2BtBQHG0gcMawnKqqIU%2FJ4wZvIIDmQAkU4wI1IVKCsf%2BNyJm4fxA8I5LY3E4V1X0PKMA7MIdQVCJC5mR7CzREvGq2w"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd59c52bb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=99765793595
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
02e05328b11738adc204d2588d388ffa90331e81ddf94bcd3d0b0cf7b1dc06ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:51 GMT
AN-X-Request-Uuid
652764f1-7528-4051-9118-9866f112b043
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		39 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da53188292e2b74fb97ef097ad36b2427056ca26bedb6a5916abf08dcde71d3

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd59e0791ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
00000000000000002afeb80c81e8f3a7:976262d93ab3733b:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=1579026966893847&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1-BIH-Billboard-inFeed-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&ifi=2&adks=3609671510&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D16446e8f0e99617f%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1669727691143&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=3400x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7cd37402b662ee9944c11b2f0aa0af2d6df27dc6b32d7396427bb6f383aca25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8050
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ba.n1info.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ba.n1info.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
waytogrow-d.openx.net/w/1.0/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fba.n1info.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=431e95fd-1257-46d9-a6f7-51ae04af5758&nocache=1669727691169&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&schain=1.0%2C1!waytogrow.eu%2C8174385%2C1%2C%2C%2C&aus=970x250%2C970x180%2C970x90%2C728x90&divids=%252F21876124292%252FN1BIH%252FN1-BIH-Billboard-P&aucs=&auid=557753092
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bbe6f09737a0c8c586f5ea24f3c69fc363cedf3794afcbb759e35c1b9d450771

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ba.n1info.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1839
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=438296&zone_id=2512416&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rp_schain=1.0,1!waytogrow.eu,8174385,1,,,&rf=https%3A%2F%2Fba.n1info.com%2F&tk_flint=pbjs_lite_v6.12.0&x_source.tid=431e95fd-1257-46d9-a6f7-51ae04af5758&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7390481320858595
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f8f0c9adba4ba4d7eb7cf7f2dca4b82c71035d74d1e453d9a505418a93ffe27a

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		25 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
de622f94d8cf64557610dd4247e09b88b5f04d661c08b26883cda6f67c953604

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Nov 2022 13:14:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ba.n1info.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.12.0&inver=0
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
0000000000000000de64d84329d63d5b:36f8245473a129e7:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
484e0948c10744fa7075ad1d13a6da2fcd66bdfe4f1235edcb4ff683ab8ad511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:51 GMT
AN-X-Request-Uuid
5f6d3656-4c59-4b81-a260-741321025f5c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ba.n1info.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		39 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7bfc0ec1c383cffff45e2328114030c68097d0fa69c96b478543a67147feb5

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ba.n1info.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
771b9bd5de8691ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.12.0&cb=9322651461
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ba.n1info.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ 		37 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=847091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22155ed643b3f3d5c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fba.n1info.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215610bf01ddcb2e7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22847091%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%228174385%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65065ec0e7a2c35d8f69ceb910923d292bfa8f4f59b050e51ef7096a71da4a42

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6uwuZ%2F%2F%2FfRM%2FPfUBFhlK0KbEYyTCWtf8g4olrAmS0gM9A8E1owq7xVp%2FmzRywkn72elSJ4zwycOmkGVsdbxwcUnr%2BI%2B%2Bd9RbGZG9vARJI0R%2BxGiVqnkskK4oAJx3qDShIajvBF1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771b9bd5ecf1bb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
7958fbb91fdef851f42ff8d29d1c265ed5b560e994fe873e0997294aa945b106

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=2241221539697379&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1BIHWALLPAPERL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x1080%7C120x600%7C160x600&ifi=3&adks=1475464465&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.08%26hb_adid%3D1652d3eaa20b005d%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1669727691188&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=360x-1&msz=0x-1&fws=1156&ohw=4000&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a26e9861ecb71bcf67ba4963050ad34d59c1a670ceb4e9f602fe4911ca6d3fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14048
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=2542371474266757&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1BIH-Billboard-inFeed-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&ifi=4&adks=3022217948&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D1637b8e468035cbb%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1669727691211&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=3400x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
1d46ba24c1dcca5785c78f37a72dd53cfbfa7ab25ace161ce106d740cfe69eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12633
x-xss-protection
0
google-lineitem-id
5843299367
pragma
no-cache
server
cafe
google-creative-id
433663074893
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
hb.contentexchange.me/ Frame 363D 		328 KB
328 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.contentexchange.me/prebid
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.14.1 /
Resource Hash
6aeff218767565b6839c790c769249836821e4610e2223bb9020fdd03f420969
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx/1.14.1
content-length
335750
vary
Origin
x-xss-protection
1; mode=block
content-type
text/javascript
bex
sync1.adnetwork.agency/dmp/sync/ Frame 363D
Redirect Chain
  • https://sync2.adnetwork.agency/image?pbjs=1
  • https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
  • https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex
  • https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
Protocol
HTTP/1.1
Server
109.206.161.115 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.115.serverel.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 29 Nov 2022 13:14:51 GMT

Redirect headers

location
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=638605c8bc516d33ca9a3905
date
Tue, 29 Nov 2022 13:14:51 GMT
server
nginx/1.16.1
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=1682921738180189&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1BIHFOOTER%2CSTICKY&enc_prev_ius=%2F0%2F1%2F2%2F%2F3&prev_iu_szs=1000x200%7C750x200%7C728x90&ifi=5&adks=3591379633&sfv=1-0-40&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1669727691288&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=300&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=0x-1&msz=1000x-1&fws=1668&ohw=4000&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4e5c370d25a23abb77a8bb85f6cb0993483781e955dfb7fd5511b891e982759e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12140
x-xss-protection
0
google-lineitem-id
5843299367
pragma
no-cache
server
cafe
google-creative-id
433663074893
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker.js
ug.contentexchange.me/static/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ug.contentexchange.me/static/tracker.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
2E130C26.rDNS.SiEL.si
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
9649384f82539d23da2a9d4923f91058536f34cef5952d520157656c52699b10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:40 GMT
strict-transport-security
max-age=15768000
server
nginx/1.10.0 (Ubuntu)
content-type
text/javascript; charset=utf-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1111
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
771b9bd70a309094-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 02 Dec 2022 13:14:51 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:48:51 GMT
content-encoding
gzip
age
1466760
x-guploader-uploadid
ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 12 Nov 2023 13:48:51 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Nov 2022 13:14:51 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.217.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-217-198.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
cache-control
public, max-age=86400
last-modified
Sun, 27 Nov 2022 14:08:01 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
EQE76HEZ6JXKNVQT
age
852
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
771b9bd88b50922f-FRA
x-amz-id-2
j2Lo9VKgAHpQwSAT5fIm1uW/nR6idej/ZE8Ukdqw1cDFcrTXGGuz81VPr7G/Pn5YZKpafV0Orm4=
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-196.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
cache-control
public, max-age=86400
last-modified
Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges
bytes
content-length
3211
vary
accept-encoding
content-type
application/javascript
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7687 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:51 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1505 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ba.n1info.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ba.n1info.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=1124981748559644&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1BIHWALLPAPERR&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x1080%7C120x600%7C160x600&ifi=6&adks=3528532790&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.08%26hb_adid%3D17113663254619f4%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie=ID%3D0dc3d7d1e978bc31%3AT%3D1669727691%3AS%3DALNI_MaTL8E5jwZxwsp9rnxrCoefP0e-xQ&gpic=UID%3D00000b8a19ebf5ba%3AT%3D1669727691%3ART%3D1669727691%3AS%3DALNI_MZS91MqXv_cdonybuyUGpmsXJL2TA&abxe=1&dt=1669727691521&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=360x-1&msz=0x-1&fws=1156&ohw=4000&psts=AMjMPc0IcwBMcdMThUx21w71jJrZm34q7yhJuno8flD5xqahZ70M4AiiXo__k3WR1L_b8kx2wlDYgjleT_lSsdDfRPUpV-SX3KbjjZ6CDfdOrg&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YtMWanMwwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi0xZqczDBIAFICCGQSGQoKcHViY2lkLm9yZxi0xZqczDBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YtMWanMwwSABSAghkEhQKBW9wZW54GLPFmpzMMEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
39fe36f34d681cac32c40fdd65fc8f42262a73516c40987cc481a868a346565a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12818
x-xss-protection
0
google-lineitem-id
6168633521
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414919918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/ Frame 363D 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Tue, 29 Nov 2022 00:58:48 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
44164
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
NNvkiCxSl4eeDvOhKINjTBk6n1RhdDpk7Hev07eUW04GQQPVjLRXzg==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 363D 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221129
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c45d2a8b0133c0c10802abb2510b8ee51f1bb2a745288a1944af4f9a508fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26205
x-jsd-version
1.0.1538
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zSB71lydrnWHanna+LyL9m8KH40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B6oLVPmqIS9tzWWHaO2IGVI2KqD%2FsqDF5XBp0NjvckPfyHvYT0ZFfWWGV5efh0I5%2BPqwpib7ppBq9XwLdY9CdeHqr73q9%2F2Mban97qQCr3GUCuCsq74F5ate5q3vJ9t0uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771b9bd849b59b3f-FRA
grumi.js
rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/ Frame 363D 		171 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js
Requested by
Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77d05e61761d89d0f0d59c5c6c43cdd72e524b59b81ed9b46b8e83dedc868940

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:57:50 GMT
content-encoding
br
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-version-id
X_2tXslPM.YINcUy8_poTXK3b_QpY_4A
last-modified
Tue, 29 Nov 2022 11:39:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1022
etag
W/"58bd9d07e202e928f9b20458253b575e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
ZJ_mCcCO5WnvUxXZ33DUYZBRH0axfLB0MVW8J-iU9HMgrUkYioq4eA==
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063240829019251&correlator=2402029190316088&eid=31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21876124292%2CN1BIH%2CN1-BIH-Billboard-P&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&ifi=7&adks=2492920840&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D1724fd312f068c89%26hb_bidder%3Dadform&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fba.n1info.com%252F%26host%3Dba.n1info.com%26path%3D%252F%26resolution%3D1600%26category%3Dhome%26article_id%3D%26article_url_web%3D%26article_tags%3D&sc=1&cookie=ID%3D0dc3d7d1e978bc31%3AT%3D1669727691%3AS%3DALNI_MaTL8E5jwZxwsp9rnxrCoefP0e-xQ&gpic=UID%3D00000b8a19ebf5ba%3AT%3D1669727691%3ART%3D1669727691%3AS%3DALNI_MZS91MqXv_cdonybuyUGpmsXJL2TA&abxe=1&dt=1669727691595&lmt=1669727691&dlt=1669727688249&idt=1693&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fba.n1info.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=1156&ohw=4000&psts=AMjMPc0IcwBMcdMThUx21w71jJrZm34q7yhJuno8flD5xqahZ70M4AiiXo__k3WR1L_b8kx2wlDYgjleT_lSsdDfRPUpV-SX3KbjjZ6CDfdOrg&ga_vid=1659247189.1669727689&ga_sid=1669727691&ga_hid=1950824012&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YtMWanMwwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi0xZqczDBIAFICCGQSGQoKcHViY2lkLm9yZxi0xZqczDBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YtMWanMwwSABSAghkEhQKBW9wZW54GLPFmpzMMEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d5cf3fef2eee5171e3ebaba47803143d972820ed37a74f39383817da869f22be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12471
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ba.n1info.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.google-analytics.com/gtm/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-MQ4MQV5
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c5b7a22af89b9b8b7d8e7128c2e64194e9b59ba2f86135243ebca2bd33ac9f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43997
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 13:14:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfDnC3ns8FbAnFi9ZAljdd8yY2DV6ySghDnKgSAYrF3mlfQX8n8cWmly6dKwbSyZVWexSVnP-WnHPNQ6mLl_MFYpOyCLTG_2iLoVQoMo2sXp8MROPWskSIE-KPH9EI47jTrddrlcytZnioWGV2HXNP2DC97KUS9xCnHM9aXs61MwUFJP0H6Kit4wH88tt9BlwXcBNY6pIzRft073DxM59O2605nb45ZvJj6EdXYBeSOsYMUbAQdhJomXKgV8p7gmlLhnboS89F5rxLm-y6go4FbithuQCnE8TqqmUCqQARWSs4q6MrsNU1agv0RKSI_E7ksGf225XAb-ud4EapJYMCUcyLY00q5bOt6I_zIg1POo2GchqrHV0tSLRM5xxxMfnOwy6p9nvRum7v6ILwuVn-0IxwcxfbYJ_gnBSB9XNbjUBGPpDc4_JCeZpgmExLa5SkN-UPb8LoiWe47FjT9meVDjC_YhgsAV47RDiAC8Ph-ZdSduuL1b6-oSRQnqGJ70jaj4AHBf5vLVtJrKeGb1JA3snwQOF2TLlPiU9CvmNxiFF0koKIbN8J_4eF_-u-UjYt1Rj3kmGkunB3ZC5wjEgavR0o7FngnlFxJz-ubeZ0RS8VWMXhyufB_zWKRtoVoMPxEaXCoh9Xw1W7ndAbzwsKDz9_WZhR2wEaeO9QrTS2i-J7r_wa-JLl7Q1YEyQbTQviRkhCMjfsiX_ZMIy4PDSM4LgaR2xiCaaPSD4yu_fWDEPd2-mMNbZsKti9CrE-UF5y2hLjgLPX5qa0d--w849cw-yHc3Nz-Dl9Fr9gF95oNT8QTh7XC5JL3fMtu5nlM6B6ylEU28-274IDPk0FQIsoX_mNPDK3OFxp1BuB3qkI-ZEs90y9cUByuZIeFiGEKj-A6cG8XWIJqKCikeD5yevQ1VeqSGcvbH7qH1Xvw0a5qLqvd5fP6J40mju3Lb_vJTMoMZlATriRODv9iRRBIYPTibqmrdM_pts4NMe4X2AXQIDoUtTnbgqzp0Y0_WlKb4q3L_S-R8_CVFdWRSjvzwdaJe8c0QbS4yRJsNMsYvVbvhFdRnk56rh1YKCD6APPF8GKh_BksPeIFzMKf7aEr8WfarpLpy7sIp4jOz-2vA4C22TwgzJFbSXTeXoLo5W-1gQkoYn2lDv85pVHhZsgqO9oRmAFalF8WlHnq6fAL_qGa2YvWycV6GV2tlOl9QK04SC9aUiKYdb6VhOWDtMAXH0p9Xf926sidMCTBBUrqerdpEraJ3ouIyqLREWVllYA&sai=AMfl-YSd8nrU4H7BxbFf_eaLRar71FidndR1imLUBJ_AZm3EuSQea9rKgoafSGBSTGOZfrkyhwccHuM_j5OOOpfF5iF9TyvauelcmYphZQbfTBdJAbYwHajWGVCBKkV_p76DYd2A9VEgAPxqnWUXgiZhA5zX7CbT9uApwXXcUBUDndJaZLkts5aZxrZQ1QnlN1PZ2H0vf94g63Dz0KDSCbK7LkLVjM5ukQ_zzkYPm4NHwOBoPZxaKSQOMcjwmrqFTxPPuYalddafOYILVNEQ9rwrEa7UmFJxZRdPlvFaYzwlzZHJ0w7X6ObHUv-bRGlWvWCl4BlAT0zKz4wb&sig=Cg0ArKJSzCWDLmoSJEPiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 13:14:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:51 GMT
/
track.adform.net/adfscript/ Frame 1505 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59684398;rtbwp=Y4YFywAEHRkKd8CZAALcYhIyKR5fV3_LTr2uXw;rtbdata=nP8urQ73ttYp_enRfZtji-QlYbajIGynKGQ58fjrcMwupRcRSq9UY0dlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhExqkM_R8jG9oQirHfBNSYbEW4HKdAnXKftJ4O5-60MG-JbxrYjOJespcZEHH8CgapqM4-vjQWsxJTaixhSYltv5Z9QM3oeu6XhtEIKJmTJuUZxmfHT-Y4GBPWdM9YSG2xu8am9fQCwQH0dLJkiPwhWhHH_a0OjD-J8_a16hUMS42CayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7n1K_6xTMs53H5vZz3Ug3p20;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsut5FxnIfCC5KBJmWuS01nxT8PJN7NHB_5USYRg7pXD7ehasY9ugx2z23fPPcEhBTJ3QCdfcc9H_5H6DivrBGGsvlq1jZNBze10AgMwsm_lM_92OpQz8CLQCGE5igFaLHDV6Az4XP6S5p5EGPdi-fmavquj_TZDQssbwVgvZw7qIUXKSYBwUc6Wtu7n6Ch2Bc6hKm3TMitLWNvGQPKaHGNhQr0aeql040hXJgyorl0OfQvHf8EXgh_B4fTgz-ErjRvxRdv8m8pLkFTodxgYh9nUfTaL3IhmrQ1N0dhY7aUMtCx_Ny7wmt7fgCpKlfHrCUpltVmHzxn49jgN-HZBabO1K8qt8b_N4g&sai=AMfl-YSFH4nnEB-8KTSxpV3gNLKCy5Lb5jOIEbBVhD6GW7GkTNRyjgOCvb-7lDFsxsKjOej6OdBv1WmFUsUAeHS__9gTlJ8tvz383SrAExdshdPoEzo27YZ9Owx_bxHEf2ll78fY4ybsx2hzW8a23cS__w&sig=Cg0ArKJSzE_vyE7rWMzuEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKvyBywWGY5m6EJmB3wPiuIuoA8an3O9cvdKFia8LwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAnOjkp2guoI-4AIAqAMBqgSDAk_QBFJ256LlXZF5haSbAGJto2iX789py4mm3cHdr-m1NJ8uiClI-gpJ4uRKQVLTtccRSnZqOuI0nb13ClqtIrn6NN2JkjTx5YQw49lp3mPv34rlNOMFFlvNxx5JjgipUfKGnuc9FzoS00nNmhRetXEPGAGf-Z-0u3DaYL3XTGNmJvWjJbOtk43Wi7E5NnoRs9rPvfkfmr15hxTWPt8C1vVNavIMfO4rO1fLouyzNZWh5OWwEYbhsh_ij3fOQs_zdK5lZmoSUyR5Mf5LH31gMPOgRYshJZ__-IEAkMMPPOo9xuawj4uqfPQVmmsNFuHUMloaJLQAxamblGIsw4x7_xf1oKngBAGABqHLor6YvLaPe6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mvu6sCjAVu658tKSD0HjToN3RLQ&client=ca-pub-5845685380979936&adurl=
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e18e4cb1e2e4d0e55861fe2c4c46dfdfe73e1d070a859a3d0becc2f9a5b656b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2390
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1505 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1505 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1505 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 20:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
58575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Nov 2023 20:58:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1505 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 23F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0dD8ywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgScAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLSNqZTJlOef9g-mGgVcZi22b7Xs82ejkmV1xTyDQkU-tNtSTwhX14AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4NDU2ODUzODA5Nzk5MzYYpcN0&sigh=vmtT6bUzUeI&uach_m=[UACH]&cid=CAQSSwDq26N9xEznBEtAvwOMifEiGeojMqD5f37nwX2r0fKrg3RVrP-MP9p1MzCbq77SNSGTOZnKORaUxKDAByGv4Aet0ymx6kg4XF5lIxgBIBM
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 23F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kv79Euv_CsoH-gGdg2ICAgAAACqX-jBdNpnxOx3PkBDKBYZjCuLhaUB4hvldyosAEgAA&wp=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.129 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
177443
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame D01C 		149 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.138 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4099f69b85b3b8b11476d57c606eadf52662b5a74330de2f2c1926cb3d2841f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_Y20mAOT2r365fLF6zZy32c6W1iF7jfIGUH-m3etSv22umNQn6SW9XeA0Ruxso5pqi747xF1Q8sz31hdU0CFErrSlzGabS4R8aq9HCzG9CQ5aLg51sFASDE5pen64Mj6osaXD3EBQ-gpe8iInqVOgh4C8D9M093CqcW_OeiCAQIF6wVODzuUSQqnkPPvrFAi6sB1VfdYK0td6bRqHrNpUS5zXbHESgIROkJQJ-EROFmnBL7rJAhG-xLkUCwMXnqiJZjO9g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
79311951
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 23F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 23F4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 23F4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 20:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
58575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Nov 2023 20:58:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23F4 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 95A0 		624 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Tue, 29 Nov 2022 13:14:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7687 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJaz7QBUSrpKfWWCQ5JB1LNzwqxFzl65K_cccq9kWAdsyQjKcSxwOfkvbz4kJcmPLNayHJmTt6dCtKOmDhTg0NWHPeug&cry=1&dbm_d=AKAmf-Asb79q9QzxJA2oLaDTlNrSdKU2PbgUNdAsCOaxNWIlKwqIlVmvt_iE3ey9aSFD4FmCH6Z-POPXcjEqWPPFOhwf6z27qeGSxjSE3Qp5Fw-usqb4GmOLM8POrJXsyxPzcyRnvqq_uql46Suno8RZ-iEzQKgVr9XI16K7NZ75pYBnptuupDUMInSSOdUqFMlX_9Ls-PtxbPF08JregaAb5QwGBt-y9jO0883C3zhD2QVYuhgyEeslTwHMd03_xw8amZXrHmMGREjLODVNJOU18i3StYLL-Ce4S4UCOZ5GJ4gfKTarGuhoee6QTHtoIqEZEAdcBt-FVo_sG11tY6L3t8VyU1_Xb5zaJQt9PZYAgeg98MrI54fBe9HRtcwYc0c7jgtusZdc8vjYn_oXHhba-3bIjoxvOwze1aNrNTVTJi0psxSKjjahKDqOrNQWtm2kZYOjqGmML89TcpApcXRiXNb6FVSZyLfyhbGz7uQwCkzh6SH-_tsE7ldlqFUqZMmNEBQU1uxdCnWfAeiid1O995DFAy-spMATXSt-Uv2Wm-bpaXSb8wbRzhKOUYJZScZZe9Wx6ct08tYMtVI2JRgqtrhOC6fkWO9PxB7IXT4C9gXDGE7zTeKf-UOz1HCI9JiXsdXZ3knIDHVZ97w66rUWz4rOuF3nvHhmFP8GdkuF7kKSGZXK-7VfUKr5XgeSjveql0aDC5Gt0iZ6x_jxpy-WBu13iqyV-kuBfMnYoVVkKS8_vR4dMvZlCFgBngxTSpxhRPUWeF0AttY8RL7hNbEkdtGnpRl2xDdk3YkcTTKApJGpWk6a_bJLJsQLZYIeWL0Gu0qGrlcbQlwsPnxRtQfwJ3O3iT05nmIHNpGJWUJbK5rvNDe2VuKvRB1o6BriYzfz5tky94hUCBfttyIw-VWn7dz9uBk9e2KUZkeK4XMl0m_BYFODvPSnbSAGMoRKxZGjkaTRM7PW_tATMQfV2RzGWOgDHk9AGGgPGmxeDNUK34_yOy-iGUgTgv6U7YOhOObZBt1gXra1TP6g4iLJIIzQqOkQexvmCicvttx6JgWyoj1DlACEdHHScL4loOGtJKO6kFo109DLj_j-JLSoeQ8WhSrk6RMp-6eNxq6Ch74SkS4pkfDdJuBD_G5JbFB2mzb4dT10YJSMwpge1f47SP2-1IBoWk1k4km2bmeDbXRCWPaV4fOIf1uCgOK8EtT6Qp9AO3jOHZqfBUsk8_cOcgLDM9YVlVuesdRMbL8AfEcao2zBmp9dTXm4D9yf3wPaE1RoCLZLD6tWeFt8n27wKrOlXz1e-UJTAjHp4PfKe6cKt0B7MAf2YyK2266AI4xCKQhbMyS4vXveDSAZ14qNEc6A4TwX2PFca-hhgvk2J5WYtJs1rE9zPm9nD-Z2A3EXlu7jaIUg-a_6ayTLnNlQsv-1tYsBhiiY49cX0fB-4CZshC_SRA0XMggnVA7Eu2OXDrWmxKybtH7huJhi5DKw3VdN8HqsLfRfEb6nNJqRpoEOnUvreE6TxWXGqHzRTMuwg1PT8Nxdd-atEZ6EuE9oM6KGG4mExaUi4kiXaoUz5LfwTrQoDFXknqyRrzSemDYxuWlTwZJIqUd2TEYUV_vfjOrLVo52iAvZDgQFGIN59LwmSCBJfaI5XRjXmsndQ1wW3FqmsDJYOpHL1YXeSuDryIUu7QSPtNIY-rctKDXdct8pYjpPSvfkFV62YK4w-22uWoCc8yKnOoldnZeLKO4y5y4lgQfVgQyrRSDAEh8BHfGJgeYPc4bSfRefIQw_1wPgi0zi8cViP20OnLbwjOkygQyNJbr9-aEgY5y-FLf_GbjZ5u9jAah4sGh117Op_XDQkZwfGjMZivEmksern288D-8RaPlBDs_iNfAoPvTE0SBqctosXbfKPusXAgmkCchLfLlD3iELwK_KUyxbrX5zPTOuz_4j4iuAPA9fHBA4xN2StTCODbV8foHes24Wj9y25_qkW5nBOX9PVztb8aJMG8PrzdtmvbSIdlwZdL3lJF6I7zaLpcVUkxGMmijKXolHgDZiuTokh6I7S-ONaGZ1pjmjC07DPg2O79t_Xv_uy7QdQV4n_wWX0--eN8r-s-7d6cMAhGgQ4GL4bFZaNOXSjKLByc0TdFuSTed2np4I5m0WGB4J9nhiRYUliTRwh8SPHeeAZV_ynyv4ETjNBDgYGOcqxjIN4qmJ6meU8rHN4D3OIgwX5QemzpqPQ4zZYM6g2FHmD__6dUbVCpmFkbnRB_9e_K3Ci7WDiZWb0-M0i3imF2b64zT-ZCCQGC5KGls8OW0R2HFKUCZb19ah1mRJjcKChkZBTI8H8t5yXZWwKpQe0vOVHsZTKrbnLYEcO5uARu3oe9hQTb3DFBj0hNLBiWoI0dIRszT5NlOQmqDeEr9XMMVQdJXH1xXADoPwjXG-yrixk33Dli-Ojotz5YEypDvKNmijzMxwI08b7GpYbx_Z4OWzsLIoXscRAeG8QJ0zQbEP_2A4HjKnRj9w3Mqowqy3pXdnDxJScPDQvCaDhJgkNu5_We0RtExCcvemcJ4M64lxML7s6nQjrnK1sMsYx0hzeiBpCoXr57fuwIszzrFxxlEHHEQBFNyyglw0D73etVhfZtz-ivFtYm6anQwIYmeQ8muATGV2rk9kHXSq1C9JB65i2S-FOga6Uv1BTGQvxQqcs0pyrLETkIzLvyQ8IsnxicruIfrHJbGuUtL1okZFoYZdW1WPTm3FfqJtZxj2be-BtpMQ0fxbij-_lYkx7XQ0sUl2b93v8BZfhxGcTa64YYSOJVq2EjBhrvx4Gd0hUo5KDNrVnzLfrVIGXYk9txOPDiy7XgFEZ5ZeEl5fAAI8Qk7qJWdpNyZd9cXaIiDFI89G5jkK_j680PA2ffpz10Yy4XpupMg_O5ncwYYOJ9ov39r5ZC8VY1yZaAXVgNS-mftAqK0pw4BQxso1kkS9Ql1hbnZfmYMQMFq_pDCuVlwS-vxrkn7QkiprNO_TtILoVTsQq2q4wR5SitAy32GQy4-aVDEWuhzfIHa5xfUgSdKcvEHlamSPtOLenXGz8APsV2jv7OL8T3azt_tRkIoW7xR4pfHVM_alk_ZJQGzO1z7k3_cpTE5PY_JmY5Waf3JGs-iKswsvr3b_RsXEIqB0iFJ6MzTduCx3l_qpc1edTuJ8jtOfMuYxphcyWetMDh8F70hG7SHjL6eycwYvpxYI4jd2I8Oqrmz4bQ&cid=CAQSTADq26N9vsdeaenCVHZ-Z2nRjkdj4OQgnXGKIlGMhG5UF4685XBEuwGcMo64YQmXxG-LdzoraL_sR-GNoejV2jhVKQZRiPr2io6J-DQYASAT&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b2e88dc15ce201e8bdd8d4ebf8c2509cf1ea29aafe1b0364a19b7e5103977091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37489
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7687 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6tFqr0s0g40Vi8lyV7uUTOTiTwkBGlM-buU01XfisRNTqa8rgQGgxTeL5xaq9Vk3Xvx3QyFWpo89M-yVZx8aYS2zLGe1URkcLsGear9yeNJOZccw
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7687 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7687 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7687 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:51 GMT
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
45bgd8wg0l
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/45bgd8wg0l
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c59c0cb3f8063e579c58ef3092e30a372ca7d9c30d3fc3b1b24c8dd2524b44f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 29 Nov 2022 13:14:51 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0ywWGYwAAAADkwd0hBNcJQqRnWpPQFiXRRlJBMjMxMDUwNDE4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 05D2 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
98528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 05D2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:42 GMT
age
98529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 05D2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
98528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 05D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
98528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 05D2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:42 GMT
age
98529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:42 GMT
css
fonts.googleapis.com/ Frame 05D2 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 12:47:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 13:14:51 GMT
hr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 05D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/hr.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
41890030c99106ddf45cf2dc51b9ed0241bca57ac0febf325e66c17f825d5738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:16:20 GMT
x-content-type-options
nosniff
server
cafe
age
57511
etag
16100059778690108780
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2848
x-xss-protection
0
expires
Tue, 29 Nov 2022 21:16:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 05D2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
10349
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 30 Nov 2022 10:22:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 05D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxOiIywWGY8KJD9eHrATExz6qwpjWbdqe9qr1EJPvtNOxKhABINnpz3tglYKAgMAHoAHwvcb2A8gBBqkCG787WMFrsT7gAgCoAwHIAwqqBPEBT9Ad43b2ZrARkJV0siqKrds6xTeMNzpNW5QQyyczJMzUoRTK4L9lWv5p2oSdybKjmJ4kQGm2XxU1HGAy0zHap7xWW4gM8WfaU9pyO0lEzo7YkF44V7pbHa0il1lVYxHfG8prl5pm9EiNCGrnJ_Cx7c1ewRt7OlK8z0x1bORzsdzHFtm3ge7WIuX08lnztZM58g61W5tZckvpbd25X-xDACX6C3ff-XCi635Bc_vhBJV2QJ5XSZR3EEiRHtr32cMzrclQvUgphpS5bOwiOYH8f25nxLFJ2UBWRb7uP7T-nzrzUJqHGRoolQCn464xZwcsHMAE1s-J9uMD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_jBuQmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQ0p4z0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTg0NTY4NTM4MDk3OTkzNhilw3Q&sigh=I5GRRIQJzT8&uach_m=[UACH]&cid=CAQSSgDq26N9b-gASwLoDaO_yQbpMGrNYQJtgMnL5azQ5glU_SgkkDmg0tWVbohs0lHnhhcc2q5Oc1MoMubYm8ZOtHw1eFRbnfReSgjTGAEgEw&template_id=493
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 1505 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59684398;rtbwp=Y4YFywAEHRkKd8CZAALcYhIyKR5fV3_LTr2uXw;rtbdata=nP8urQ73ttYp_enRfZtji-QlYbajIGynKGQ58fjrcMwupRcRSq9UY0dlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhExqkM_R8jG9oQirHfBNSYbEW4HKdAnXKftJ4O5-60MG-JbxrYjOJespcZEHH8CgapqM4-vjQWsxJTaixhSYltv5Z9QM3oeu6XhtEIKJmTJuUZxmfHT-Y4GBPWdM9YSG2xu8am9fQCwQH0dLJkiPwhWhHH_a0OjD-J8_a16hUMS42CayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7n1K_6xTMs53H5vZz3Ug3p20;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsut5FxnIfCC5KBJmWuS01nxT8PJN7NHB_5USYRg7pXD7ehasY9ugx2z23fPPcEhBTJ3QCdfcc9H_5H6DivrBGGsvlq1jZNBze10AgMwsm_lM_92OpQz8CLQCGE5igFaLHDV6Az4XP6S5p5EGPdi-fmavquj_TZDQssbwVgvZw7qIUXKSYBwUc6Wtu7n6Ch2Bc6hKm3TMitLWNvGQPKaHGNhQr0aeql040hXJgyorl0OfQvHf8EXgh_B4fTgz-ErjRvxRdv8m8pLkFTodxgYh9nUfTaL3IhmrQ1N0dhY7aUMtCx_Ny7wmt7fgCpKlfHrCUpltVmHzxn49jgN-HZBabO1K8qt8b_N4g&sai=AMfl-YSFH4nnEB-8KTSxpV3gNLKCy5Lb5jOIEbBVhD6GW7GkTNRyjgOCvb-7lDFsxsKjOej6OdBv1WmFUsUAeHS__9gTlJ8tvz383SrAExdshdPoEzo27YZ9Owx_bxHEf2ll78fY4ybsx2hzW8a23cS__w&sig=Cg0ArKJSzE_vyE7rWMzuEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKvyBywWGY5m6EJmB3wPiuIuoA8an3O9cvdKFia8LwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAnOjkp2guoI-4AIAqAMBqgSDAk_QBFJ256LlXZF5haSbAGJto2iX789py4mm3cHdr-m1NJ8uiClI-gpJ4uRKQVLTtccRSnZqOuI0nb13ClqtIrn6NN2JkjTx5YQw49lp3mPv34rlNOMFFlvNxx5JjgipUfKGnuc9FzoS00nNmhRetXEPGAGf-Z-0u3DaYL3XTGNmJvWjJbOtk43Wi7E5NnoRs9rPvfkfmr15hxTWPt8C1vVNavIMfO4rO1fLouyzNZWh5OWwEYbhsh_ij3fOQs_zdK5lZmoSUyR5Mf5LH31gMPOgRYshJZ__-IEAkMMPPOo9xuawj4uqfPQVmmsNFuHUMloaJLQAxamblGIsw4x7_xf1oKngBAGABqHLor6YvLaPe6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mvu6sCjAVu658tKSD0HjToN3RLQ&client=ca-pub-5845685380979936&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Nov 2022 16:21:21 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 05D2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTPz8vhUgVWs0PKqhxKeDqCxc8JlYQOtxdaH-CVfl0Al4LkpdA&usqp=CAI
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:18:05 GMT
x-content-type-options
nosniff
age
435406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8345
x-xss-protection
0
last-modified
Wed, 10 Jul 2019 09:48:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 24 Nov 2023 12:18:05 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 05D2 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQGGsC3vhy570EK-svblO0ctEpsg_RY3kkY-06dITEigsikeO7Iix8VYDEHdNM&usqp=CAI
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
10239ddf3c790d4d6408ab2f4294559c8ede291d339a99b74b75f38589c96e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 18:08:32 GMT
x-content-type-options
nosniff
age
414379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24734
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 17:20:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 24 Nov 2023 18:08:32 GMT
truncated
/ Frame 05D2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e34414282fb505678ceaf061ee118b5392c552c68d171a2165a45c8a55971f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 23F4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e439ab8ee7e09568a0a3c9ba4f7921129e48f45a5525a4b753e374fe5bb5bf0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 95A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9L4PJlu2Yixol392QAD4Y&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9L4PJlu2Yixol392QAD4Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9L4PJlu2Yixol392QAD4Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 95A0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4YFzApPPf0B8sszMUHZ.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 95A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAjz7PEL1DlfnLV_2w8fQJk&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAjz7PEL1DlfnLV_2w8fQJk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
AN-X-Request-Uuid
4a2cf20a-35ed-40c1-a397-c0c0ed3e36df
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAjz7PEL1DlfnLV_2w8fQJk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 95A0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOHQmqMDGMTqkNQBMAE&v=APEucNUDH-oGozTs_2-0sa2K3uuxHB1wIBDE7ZBr7aMfka61z9uHqtypgSYXYQE3x0wtT-UyB-vs0qeo50VGO-X16EBDJGT6x3g0tRB3Tba5HSEXkZBCGcNKQv4pTnPf95qOfwhjPWZdCFGuaFz-O3bcVy4op4eko3RcsdrQBVAk5i1Ie_5tzd0
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:51 GMT
AN-X-Request-Uuid
d7bfaab2-2de6-419a-9ce2-397a37bf6b65
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1190396/65998078/ Frame 7687 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1190396/65998078/skeleton.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.49.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-49-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aa7ffdae3140bdf337a9edb14016f985c272a4bc51a6d22ee548abc7085608c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7687 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 08:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Nov 2022 08:38:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 7687 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJaz7QBUSrpKfWWCQ5JB1LNzwqxFzl65K_cccq9kWAdsyQjKcSxwOfkvbz4kJcmPLNayHJmTt6dCtKOmDhTg0NWHPeug&cry=1&dbm_d=AKAmf-Asb79q9QzxJA2oLaDTlNrSdKU2PbgUNdAsCOaxNWIlKwqIlVmvt_iE3ey9aSFD4FmCH6Z-POPXcjEqWPPFOhwf6z27qeGSxjSE3Qp5Fw-usqb4GmOLM8POrJXsyxPzcyRnvqq_uql46Suno8RZ-iEzQKgVr9XI16K7NZ75pYBnptuupDUMInSSOdUqFMlX_9Ls-PtxbPF08JregaAb5QwGBt-y9jO0883C3zhD2QVYuhgyEeslTwHMd03_xw8amZXrHmMGREjLODVNJOU18i3StYLL-Ce4S4UCOZ5GJ4gfKTarGuhoee6QTHtoIqEZEAdcBt-FVo_sG11tY6L3t8VyU1_Xb5zaJQt9PZYAgeg98MrI54fBe9HRtcwYc0c7jgtusZdc8vjYn_oXHhba-3bIjoxvOwze1aNrNTVTJi0psxSKjjahKDqOrNQWtm2kZYOjqGmML89TcpApcXRiXNb6FVSZyLfyhbGz7uQwCkzh6SH-_tsE7ldlqFUqZMmNEBQU1uxdCnWfAeiid1O995DFAy-spMATXSt-Uv2Wm-bpaXSb8wbRzhKOUYJZScZZe9Wx6ct08tYMtVI2JRgqtrhOC6fkWO9PxB7IXT4C9gXDGE7zTeKf-UOz1HCI9JiXsdXZ3knIDHVZ97w66rUWz4rOuF3nvHhmFP8GdkuF7kKSGZXK-7VfUKr5XgeSjveql0aDC5Gt0iZ6x_jxpy-WBu13iqyV-kuBfMnYoVVkKS8_vR4dMvZlCFgBngxTSpxhRPUWeF0AttY8RL7hNbEkdtGnpRl2xDdk3YkcTTKApJGpWk6a_bJLJsQLZYIeWL0Gu0qGrlcbQlwsPnxRtQfwJ3O3iT05nmIHNpGJWUJbK5rvNDe2VuKvRB1o6BriYzfz5tky94hUCBfttyIw-VWn7dz9uBk9e2KUZkeK4XMl0m_BYFODvPSnbSAGMoRKxZGjkaTRM7PW_tATMQfV2RzGWOgDHk9AGGgPGmxeDNUK34_yOy-iGUgTgv6U7YOhOObZBt1gXra1TP6g4iLJIIzQqOkQexvmCicvttx6JgWyoj1DlACEdHHScL4loOGtJKO6kFo109DLj_j-JLSoeQ8WhSrk6RMp-6eNxq6Ch74SkS4pkfDdJuBD_G5JbFB2mzb4dT10YJSMwpge1f47SP2-1IBoWk1k4km2bmeDbXRCWPaV4fOIf1uCgOK8EtT6Qp9AO3jOHZqfBUsk8_cOcgLDM9YVlVuesdRMbL8AfEcao2zBmp9dTXm4D9yf3wPaE1RoCLZLD6tWeFt8n27wKrOlXz1e-UJTAjHp4PfKe6cKt0B7MAf2YyK2266AI4xCKQhbMyS4vXveDSAZ14qNEc6A4TwX2PFca-hhgvk2J5WYtJs1rE9zPm9nD-Z2A3EXlu7jaIUg-a_6ayTLnNlQsv-1tYsBhiiY49cX0fB-4CZshC_SRA0XMggnVA7Eu2OXDrWmxKybtH7huJhi5DKw3VdN8HqsLfRfEb6nNJqRpoEOnUvreE6TxWXGqHzRTMuwg1PT8Nxdd-atEZ6EuE9oM6KGG4mExaUi4kiXaoUz5LfwTrQoDFXknqyRrzSemDYxuWlTwZJIqUd2TEYUV_vfjOrLVo52iAvZDgQFGIN59LwmSCBJfaI5XRjXmsndQ1wW3FqmsDJYOpHL1YXeSuDryIUu7QSPtNIY-rctKDXdct8pYjpPSvfkFV62YK4w-22uWoCc8yKnOoldnZeLKO4y5y4lgQfVgQyrRSDAEh8BHfGJgeYPc4bSfRefIQw_1wPgi0zi8cViP20OnLbwjOkygQyNJbr9-aEgY5y-FLf_GbjZ5u9jAah4sGh117Op_XDQkZwfGjMZivEmksern288D-8RaPlBDs_iNfAoPvTE0SBqctosXbfKPusXAgmkCchLfLlD3iELwK_KUyxbrX5zPTOuz_4j4iuAPA9fHBA4xN2StTCODbV8foHes24Wj9y25_qkW5nBOX9PVztb8aJMG8PrzdtmvbSIdlwZdL3lJF6I7zaLpcVUkxGMmijKXolHgDZiuTokh6I7S-ONaGZ1pjmjC07DPg2O79t_Xv_uy7QdQV4n_wWX0--eN8r-s-7d6cMAhGgQ4GL4bFZaNOXSjKLByc0TdFuSTed2np4I5m0WGB4J9nhiRYUliTRwh8SPHeeAZV_ynyv4ETjNBDgYGOcqxjIN4qmJ6meU8rHN4D3OIgwX5QemzpqPQ4zZYM6g2FHmD__6dUbVCpmFkbnRB_9e_K3Ci7WDiZWb0-M0i3imF2b64zT-ZCCQGC5KGls8OW0R2HFKUCZb19ah1mRJjcKChkZBTI8H8t5yXZWwKpQe0vOVHsZTKrbnLYEcO5uARu3oe9hQTb3DFBj0hNLBiWoI0dIRszT5NlOQmqDeEr9XMMVQdJXH1xXADoPwjXG-yrixk33Dli-Ojotz5YEypDvKNmijzMxwI08b7GpYbx_Z4OWzsLIoXscRAeG8QJ0zQbEP_2A4HjKnRj9w3Mqowqy3pXdnDxJScPDQvCaDhJgkNu5_We0RtExCcvemcJ4M64lxML7s6nQjrnK1sMsYx0hzeiBpCoXr57fuwIszzrFxxlEHHEQBFNyyglw0D73etVhfZtz-ivFtYm6anQwIYmeQ8muATGV2rk9kHXSq1C9JB65i2S-FOga6Uv1BTGQvxQqcs0pyrLETkIzLvyQ8IsnxicruIfrHJbGuUtL1okZFoYZdW1WPTm3FfqJtZxj2be-BtpMQ0fxbij-_lYkx7XQ0sUl2b93v8BZfhxGcTa64YYSOJVq2EjBhrvx4Gd0hUo5KDNrVnzLfrVIGXYk9txOPDiy7XgFEZ5ZeEl5fAAI8Qk7qJWdpNyZd9cXaIiDFI89G5jkK_j680PA2ffpz10Yy4XpupMg_O5ncwYYOJ9ov39r5ZC8VY1yZaAXVgNS-mftAqK0pw4BQxso1kkS9Ql1hbnZfmYMQMFq_pDCuVlwS-vxrkn7QkiprNO_TtILoVTsQq2q4wR5SitAy32GQy4-aVDEWuhzfIHa5xfUgSdKcvEHlamSPtOLenXGz8APsV2jv7OL8T3azt_tRkIoW7xR4pfHVM_alk_ZJQGzO1z7k3_cpTE5PY_JmY5Waf3JGs-iKswsvr3b_RsXEIqB0iFJ6MzTduCx3l_qpc1edTuJ8jtOfMuYxphcyWetMDh8F70hG7SHjL6eycwYvpxYI4jd2I8Oqrmz4bQ&cid=CAQSTADq26N9vsdeaenCVHZ-Z2nRjkdj4OQgnXGKIlGMhG5UF4685XBEuwGcMo64YQmXxG-LdzoraL_sR-GNoejV2jhVKQZRiPr2io6J-DQYASAT&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7687 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJaz7QBUSrpKfWWCQ5JB1LNzwqxFzl65K_cccq9kWAdsyQjKcSxwOfkvbz4kJcmPLNayHJmTt6dCtKOmDhTg0NWHPeug&cry=1&dbm_d=AKAmf-Asb79q9QzxJA2oLaDTlNrSdKU2PbgUNdAsCOaxNWIlKwqIlVmvt_iE3ey9aSFD4FmCH6Z-POPXcjEqWPPFOhwf6z27qeGSxjSE3Qp5Fw-usqb4GmOLM8POrJXsyxPzcyRnvqq_uql46Suno8RZ-iEzQKgVr9XI16K7NZ75pYBnptuupDUMInSSOdUqFMlX_9Ls-PtxbPF08JregaAb5QwGBt-y9jO0883C3zhD2QVYuhgyEeslTwHMd03_xw8amZXrHmMGREjLODVNJOU18i3StYLL-Ce4S4UCOZ5GJ4gfKTarGuhoee6QTHtoIqEZEAdcBt-FVo_sG11tY6L3t8VyU1_Xb5zaJQt9PZYAgeg98MrI54fBe9HRtcwYc0c7jgtusZdc8vjYn_oXHhba-3bIjoxvOwze1aNrNTVTJi0psxSKjjahKDqOrNQWtm2kZYOjqGmML89TcpApcXRiXNb6FVSZyLfyhbGz7uQwCkzh6SH-_tsE7ldlqFUqZMmNEBQU1uxdCnWfAeiid1O995DFAy-spMATXSt-Uv2Wm-bpaXSb8wbRzhKOUYJZScZZe9Wx6ct08tYMtVI2JRgqtrhOC6fkWO9PxB7IXT4C9gXDGE7zTeKf-UOz1HCI9JiXsdXZ3knIDHVZ97w66rUWz4rOuF3nvHhmFP8GdkuF7kKSGZXK-7VfUKr5XgeSjveql0aDC5Gt0iZ6x_jxpy-WBu13iqyV-kuBfMnYoVVkKS8_vR4dMvZlCFgBngxTSpxhRPUWeF0AttY8RL7hNbEkdtGnpRl2xDdk3YkcTTKApJGpWk6a_bJLJsQLZYIeWL0Gu0qGrlcbQlwsPnxRtQfwJ3O3iT05nmIHNpGJWUJbK5rvNDe2VuKvRB1o6BriYzfz5tky94hUCBfttyIw-VWn7dz9uBk9e2KUZkeK4XMl0m_BYFODvPSnbSAGMoRKxZGjkaTRM7PW_tATMQfV2RzGWOgDHk9AGGgPGmxeDNUK34_yOy-iGUgTgv6U7YOhOObZBt1gXra1TP6g4iLJIIzQqOkQexvmCicvttx6JgWyoj1DlACEdHHScL4loOGtJKO6kFo109DLj_j-JLSoeQ8WhSrk6RMp-6eNxq6Ch74SkS4pkfDdJuBD_G5JbFB2mzb4dT10YJSMwpge1f47SP2-1IBoWk1k4km2bmeDbXRCWPaV4fOIf1uCgOK8EtT6Qp9AO3jOHZqfBUsk8_cOcgLDM9YVlVuesdRMbL8AfEcao2zBmp9dTXm4D9yf3wPaE1RoCLZLD6tWeFt8n27wKrOlXz1e-UJTAjHp4PfKe6cKt0B7MAf2YyK2266AI4xCKQhbMyS4vXveDSAZ14qNEc6A4TwX2PFca-hhgvk2J5WYtJs1rE9zPm9nD-Z2A3EXlu7jaIUg-a_6ayTLnNlQsv-1tYsBhiiY49cX0fB-4CZshC_SRA0XMggnVA7Eu2OXDrWmxKybtH7huJhi5DKw3VdN8HqsLfRfEb6nNJqRpoEOnUvreE6TxWXGqHzRTMuwg1PT8Nxdd-atEZ6EuE9oM6KGG4mExaUi4kiXaoUz5LfwTrQoDFXknqyRrzSemDYxuWlTwZJIqUd2TEYUV_vfjOrLVo52iAvZDgQFGIN59LwmSCBJfaI5XRjXmsndQ1wW3FqmsDJYOpHL1YXeSuDryIUu7QSPtNIY-rctKDXdct8pYjpPSvfkFV62YK4w-22uWoCc8yKnOoldnZeLKO4y5y4lgQfVgQyrRSDAEh8BHfGJgeYPc4bSfRefIQw_1wPgi0zi8cViP20OnLbwjOkygQyNJbr9-aEgY5y-FLf_GbjZ5u9jAah4sGh117Op_XDQkZwfGjMZivEmksern288D-8RaPlBDs_iNfAoPvTE0SBqctosXbfKPusXAgmkCchLfLlD3iELwK_KUyxbrX5zPTOuz_4j4iuAPA9fHBA4xN2StTCODbV8foHes24Wj9y25_qkW5nBOX9PVztb8aJMG8PrzdtmvbSIdlwZdL3lJF6I7zaLpcVUkxGMmijKXolHgDZiuTokh6I7S-ONaGZ1pjmjC07DPg2O79t_Xv_uy7QdQV4n_wWX0--eN8r-s-7d6cMAhGgQ4GL4bFZaNOXSjKLByc0TdFuSTed2np4I5m0WGB4J9nhiRYUliTRwh8SPHeeAZV_ynyv4ETjNBDgYGOcqxjIN4qmJ6meU8rHN4D3OIgwX5QemzpqPQ4zZYM6g2FHmD__6dUbVCpmFkbnRB_9e_K3Ci7WDiZWb0-M0i3imF2b64zT-ZCCQGC5KGls8OW0R2HFKUCZb19ah1mRJjcKChkZBTI8H8t5yXZWwKpQe0vOVHsZTKrbnLYEcO5uARu3oe9hQTb3DFBj0hNLBiWoI0dIRszT5NlOQmqDeEr9XMMVQdJXH1xXADoPwjXG-yrixk33Dli-Ojotz5YEypDvKNmijzMxwI08b7GpYbx_Z4OWzsLIoXscRAeG8QJ0zQbEP_2A4HjKnRj9w3Mqowqy3pXdnDxJScPDQvCaDhJgkNu5_We0RtExCcvemcJ4M64lxML7s6nQjrnK1sMsYx0hzeiBpCoXr57fuwIszzrFxxlEHHEQBFNyyglw0D73etVhfZtz-ivFtYm6anQwIYmeQ8muATGV2rk9kHXSq1C9JB65i2S-FOga6Uv1BTGQvxQqcs0pyrLETkIzLvyQ8IsnxicruIfrHJbGuUtL1okZFoYZdW1WPTm3FfqJtZxj2be-BtpMQ0fxbij-_lYkx7XQ0sUl2b93v8BZfhxGcTa64YYSOJVq2EjBhrvx4Gd0hUo5KDNrVnzLfrVIGXYk9txOPDiy7XgFEZ5ZeEl5fAAI8Qk7qJWdpNyZd9cXaIiDFI89G5jkK_j680PA2ffpz10Yy4XpupMg_O5ncwYYOJ9ov39r5ZC8VY1yZaAXVgNS-mftAqK0pw4BQxso1kkS9Ql1hbnZfmYMQMFq_pDCuVlwS-vxrkn7QkiprNO_TtILoVTsQq2q4wR5SitAy32GQy4-aVDEWuhzfIHa5xfUgSdKcvEHlamSPtOLenXGz8APsV2jv7OL8T3azt_tRkIoW7xR4pfHVM_alk_ZJQGzO1z7k3_cpTE5PY_JmY5Waf3JGs-iKswsvr3b_RsXEIqB0iFJ6MzTduCx3l_qpc1edTuJ8jtOfMuYxphcyWetMDh8F70hG7SHjL6eycwYvpxYI4jd2I8Oqrmz4bQ&cid=CAQSTADq26N9vsdeaenCVHZ-Z2nRjkdj4OQgnXGKIlGMhG5UF4685XBEuwGcMo64YQmXxG-LdzoraL_sR-GNoejV2jhVKQZRiPr2io6J-DQYASAT&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:12 GMT
/
track.adform.net/adfserve/ Frame 1505 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59684398;rtbwp=Y4YFywAEHRkKd8CZAALcYhIyKR5fV3_LTr2uXw;rtbdata=nP8urQ73ttYp_enRfZtji-QlYbajIGynKGQ58fjrcMwupRcRSq9UY0dlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhExqkM_R8jG9oQirHfBNSYbEW4HKdAnXKftJ4O5-60MG-JbxrYjOJespcZEHH8CgapqM4-vjQWsxJTaixhSYltv5Z9QM3oeu6XhtEIKJmTJuUZxmfHT-Y4GBPWdM9YSG2xu8am9fQCwQH0dLJkiPwhWhHH_a0OjD-J8_a16hUMS42CayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7n1K_6xTMs53H5vZz3Ug3p20;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsut5FxnIfCC5KBJmWuS01nxT8PJN7NHB_5USYRg7pXD7ehasY9ugx2z23fPPcEhBTJ3QCdfcc9H_5H6DivrBGGsvlq1jZNBze10AgMwsm_lM_92OpQz8CLQCGE5igFaLHDV6Az4XP6S5p5EGPdi-fmavquj_TZDQssbwVgvZw7qIUXKSYBwUc6Wtu7n6Ch2Bc6hKm3TMitLWNvGQPKaHGNhQr0aeql040hXJgyorl0OfQvHf8EXgh_B4fTgz-ErjRvxRdv8m8pLkFTodxgYh9nUfTaL3IhmrQ1N0dhY7aUMtCx_Ny7wmt7fgCpKlfHrCUpltVmHzxn49jgN-HZBabO1K8qt8b_N4g&sai=AMfl-YSFH4nnEB-8KTSxpV3gNLKCy5Lb5jOIEbBVhD6GW7GkTNRyjgOCvb-7lDFsxsKjOej6OdBv1WmFUsUAeHS__9gTlJ8tvz383SrAExdshdPoEzo27YZ9Owx_bxHEf2ll78fY4ybsx2hzW8a23cS__w&sig=Cg0ArKJSzE_vyE7rWMzuEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKvyBywWGY5m6EJmB3wPiuIuoA8an3O9cvdKFia8LwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAnOjkp2guoI-4AIAqAMBqgSDAk_QBFJ256LlXZF5haSbAGJto2iX789py4mm3cHdr-m1NJ8uiClI-gpJ4uRKQVLTtccRSnZqOuI0nb13ClqtIrn6NN2JkjTx5YQw49lp3mPv34rlNOMFFlvNxx5JjgipUfKGnuc9FzoS00nNmhRetXEPGAGf-Z-0u3DaYL3XTGNmJvWjJbOtk43Wi7E5NnoRs9rPvfkfmr15hxTWPt8C1vVNavIMfO4rO1fLouyzNZWh5OWwEYbhsh_ij3fOQs_zdK5lZmoSUyR5Mf5LH31gMPOgRYshJZ__-IEAkMMPPOo9xuawj4uqfPQVmmsNFuHUMloaJLQAxamblGIsw4x7_xf1oKngBAGABqHLor6YvLaPe6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mvu6sCjAVu658tKSD0HjToN3RLQ&client=ca-pub-5845685380979936&adurl=;js=1;adfxid=1x;1831;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fba.n1info.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0acf188b877847f05d8aad71df93b047e03795ad7d3ef28a1af0d3c36c378ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
5317
expires
-1
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 05D2 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 21:33:43 GMT
x-content-type-options
nosniff
age
315668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 21:33:43 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 05D2 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.n1info.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:44:30 GMT
x-content-type-options
nosniff
age
570621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:44:30 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&RedC=c.clarity.ms&MXFR=2C0A48C20F6267D7340E5AA90B62694D
  • https://c.clarity.ms/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&MUID=2423EEF8E0E16007343BFC93E18A6160
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&MUID=2423EEF8E0E16007343BFC93E18A6160
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55B1D74A1D9045CF905C830DF6EF2052 Ref B: FRAEDGE1513 Ref C: 2022-11-29T13:14:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=1042DED1BDF04D628FCCFB232BB3DBF8&MUID=2423EEF8E0E16007343BFC93E18A6160
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 29 Nov 2022 13:14:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
LuLD9aUTRF1pfbI/l2A8gxAgOscGnDig25wThLB1W5vxCkfLeJ9FZEkbQhEpB8mWia6CR5eIL+Urn+Owbb+zPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D66E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 05D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/hr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
41890030c99106ddf45cf2dc51b9ed0241bca57ac0febf325e66c17f825d5738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:16:20 GMT
x-content-type-options
nosniff
server
cafe
age
57512
etag
16100059778690108780
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2848
x-xss-protection
0
expires
Tue, 29 Nov 2022 21:16:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 05D2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
10350
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 30 Nov 2022 10:22:22 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D01C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 Nov 2023 13:14:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D01C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 24 Nov 2023 13:14:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame D01C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Svg9k9zcxLb0aY-tLF4OOKXLC6IgXAXr6NliWeViT1UI9cElFpA_ENMsU9LxUY4AR0nV5QeKRmX8ET3SeyBFdaVrww5QJ7wTHP_zgo3X6arRdrsP7dTklhGru_j06rmxCEAPO2QcYRUj4kmNSC_7BLJ9P1bQeuzPIJVADjtwW1Juw34KcFoUKYQxiHjN5tcEu8h9X53kG85nR9d3QCnN8sCzyZJaAPQBOCbKpOUwVBZN7Nw901JSQXnHZagS1F3FcZ4KE-v6rra48H2SR9G4xMcu8sI2baV9HiCx-ESwRbHR3x6_bU5gz_qDh2EyFS74HAprrA0-iWfBTF0o54tTHZgyfP7ipa2xKAXEebc6GYvE25mGSqVsbOUJZgiF9BRs6f9I-Fg5AoWqxB3sfFVZ_Pg9852BItEjXpBDUmL3boR_7BAvDli4vj7PLSVQtenitzI9_g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2955828
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 428D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D66E 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGc_txpW8xal6r72HT-SsgSSvJlxif7UG51P4IiXI9_fuTK9SW379OOExMUaPpvEKiUKk9uChzrcHYV-Xif-BZeyieodYZraBmA_aTNgZTDC04YNvwFcnv0SBEP_uKoKtjba6F9_Tplb0iZiwy23MDvKTDcC-a1dD97Vpir2BSzZcMbsw&cry=1&dbm_d=AKAmf-AErUTnQlWPJayOjryJ2bAP0SCPTCrjPD5h1A7n0ROvYWHrVPAKwvJ2uU5DXtG3AJ05acPyB3UKHTvX9AsQfONQGgNa6rtLLNTgXZ9gzfG3tHndijrx23ZCN8DKLiO8Z7zjrVQLnZ63HNNFxODk3vrPyWBHenuncu3UgymYdE2u3NU2zl7YbdK6jKkU6y3JW40eLHMTVsQz0rikXWCSsgvgZO4VAtmdnyP8VKZ6HX5o0ZFEuTGxi6Xex0FwozM25Jb5C_IJNcn_YiE2cedxuQZC0I5rJKQperi9KY0RSnnWDNk4SPMYbFCf7bA2m8AuoaxtCi9eWvT4AHKciou9nn-C4s0oSAbsIvtH2yH_On546krcxPiMBZGQJ2PWJAKLY1pzSwlxDvPDc4nADepjwPB25CQb95uyKEelEHbS6hyN-5jV_QOF-5hi_v4VTV2hOcZ5lHLagol-IN0n0s3tYVkKncvSGrDDWDwSuK8hV9Gdrwm0UMVbOocWUZuOrornTC7oOPBnbI5IkFmJb1mhffN4zMT8IzL2txOdanC8ZQtsUO1X2n9CZII25pBzhYWed6N83U9EIZpMJQ9nHlQ70DnWh2e66HjVRk5-6YRaV0lqfODI5o_MPjf1NlFasQ5fnpWfrAbzjhQOEmOZZqPWI74g_8l97qD4J9vIBPl3CCaFMvyDi_gH90UVLyP_5lh9nAyzWTF5ZofG3sZzB5bXYB38TIBN92LS5xvs_jM_LQBLmLvnQHJ9-q4wpRjiD6cvlkXTc93pTo16aPKI7xkapvEMGoWy7akr5AxedzV-uSoluxU3INqABuzNqqh41gjPOgyBmERKV-DUYH8iCtTogeegKic0f0gLm_sdvA5whIf30ymxgL7MYXHwhHrAJC7m466ZEL2HO2K5ZiHmjCKRIA1rhmJEFzZoUxybNpTS4LXqiNkCi2WCQDdZrY-580s-9urxX_6YhFECUxLfYHpHi_-dTsIQ9miriMAvtZKDhd6iWH4qEnqbNF8SBVbwWrhKSg1S2IQ3W63QnEobkDAo8zTR2DHTg7-i8wuJGhcvtFxQJJpgKoVdMHGKOKnWDhQrIU_OC1IgBMEx7slgG0NDklVoDENlhZUIjlj-wxi2My_U2thHxRx1-ZgWrRAscnqN6egN3IHtKgLfXDiH8nBWT0ETcgr6_WhAOE5jabxw1RyIK4aBehgMEjPaC2z3jbXjQ79cr3U7vsVlrNC8NjwcsTCyjaFoKX0xCnqXurbys7YTlgq1nhx2fITqfnWNDInf37rPL-ghqXDWVYXN_JdNBXi7yGCoOJo_aIEZLj-_0r4YEzalT6ru9y9RKI118YsQ267KvI0d0x58XA5sRKiCrA_yb4Xxy3zwIAddef9xOBKpZWsljN1nFGEslV_K1HOJ9YqmgOKi_tQBH33_kS7u7Lev979GsJbskHsQ-GyH8u41k5K1QpA5A9ASXTnv8vAvwi1K6mqSHwW08Y7wF70jSTVjTEqO3MVKkI7uzyoKqw9KWMi3eeBwhWwCHWE0gPH9uCx7vg3w1_xHxPm1egljAYw24ioDTRGPfommqGu-OsNkHM4mvQU0UPQ5i1HObJ7L8pPetwHOUa-dle0PKiFmrCZrasuBE6H11_GdItMSATgHCFBaR_iWY0GuKDpmkupYx0QYKAdovuD3rJ-QfOYa2my66D8vW-5iAmZImrhugmgSF6rI3R5LvZX994ucOgOg8jkPblWScf4uIXCkqNCp2FqTZfDKD83V1FwbVTZbWLn8KAwa7jHbd93Vu4pJ_ve7QwpvKvgHVbacmz63BtwmqB923fjYb1foH0Mh1BilSgUxekdCjh7lI_59x4VzNi8jzunk19wdE4iHc-BBI6_TY7BxDQGxz5_Rgs5neIODlxx2W_WXHw881J3NhuhBRYEkPJwr-NHK7tylh-tyejZNjqAG5FPgJ3pKjRPWYZ0U-eC9p4Mr_mddFM-fOF23bXsn3Az87D6oPsCaXjDxsmgQFISRxWTUsaQnZm_5_BStOAoaJygNWWNxa4sFj8SLJquc0sxvA7Y6JRRTQZlogdrOMurRPa0ozGkrskH1_bHEjPhbjFWxAHklcUwW4wZ9VF-sOXtVdpy3RdZK7PZ4SNI0JAeYg4oz3O8yfRiCF9rJUVkEM6k_rX7S_ATPV6w7XwCK3EwBLHCyfBzwqS_lpcR39gzUnoo5d4ADvhJCnw51O5SM8isIAVCz9phmrfQbawekP5GCLKj1XfKGyNjVfLeHnMLjZLJMIRVfZZoRJR4IpIAk-gwyg4DX7LcimnLVsvavfaqnrdZ9z_aYnVe3PlryK7QlgXmFVuYaXaCRgUs3SUvzHy03cJmSU-YTAMu5bFynOyQOYvbpyfh2Eu1CXsKsSnrDp0-NtEAqeUXBeNv3VN9SRLz45Lm4tMkBZ01MmO-77WtKpjagdygT4CJvuKMlUFc2ILBmblqmX41HInJlgenRxIHwlEXG0H7upsnXNCw7IU6OK02H1QOTbZ7xRrKqRze0IzzaddiY6XAp5nMjE_JtURAXInbT5PmwUc7oQ2iMXwn7PIUSv0-sKqt9tFbACtGB2Cio4oxcj2U0PxSfZBWj0KfkNm2jjOqx_auNgaWBKfG5q42KGtCmpkMWeJFAK7NF6h2NBFUqm7BBNQ92QLl3ZHakRJouyu28RT6YdV-ZX0jGxLEeFXnucY-VyvEbs2I4K3in_urM4gxHmrGN87waW-XTN6BBWGKIZ8qkMgKiwxZVrBdJx51_mtTv2evVJBfFWeUENPMZQcVN4KAld5aIz8F_5jQXwbABEsBxASNQwDI6L3bxrXZd9QfdjgS2KroDDiTiJg&cid=CAQSOwDq26N9ETpM69-9QIlBu2Qsb-L-_pFpcmKVq84-DZmedCfN2T9LqTDFYhYCohty4O7_dGcz2_QNOT28GAEgEw&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7f7a9e898a3f0fa3cbdf3366f13a37946eebf56ac85cb7be6c0d8adf54c8f74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D66E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxwuJtW27XzFhtw_a9LfBTxJU1TvpZVclFFFH_Y4ys7ExAy-t1lyKF9_yZTK9W90UTokP2iR_Hxlfcj4h6owNKWuz04XhjbJ6wv9IBDcPt00BT_aA
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1103447/64557517/xbbe/creative/ Frame D66E 		246 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=17668765392&bidurl=https://ba.n1info.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g8YxwYnQEkb0rf-H6cB8mB
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.49.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-49-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
90076179d83df55f7dc01933b8f63a73f71bede46b4f136b3268e3b3e86b072e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D66E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D66E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D66E 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:52 GMT
B28820269.352114581;dc_pre=CKCj26-80_sCFY-K_QcdFvUNbg;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/ Frame 1505
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_pre=CKCj26-80_sCFY-K_QcdFvUNbg;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_pre=CKCj26-80_sCFY-K_QcdFvUNbg;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=8451
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352114581;dc_pre=CKCj26-80_sCFY-K_QcdFvUNbg;dc_trk_aid=543221330;dc_trk_cid=181811941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=8451
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D01C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2272891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwQgTlTQdHMWXFa9%2BicDjdLEqcVsml3m%2FIvSYHwgc8WQRtI%2BMbVrRwVF5YcajVdZBSU54W6y6mPP89eowiEGSWOv96BDUozHFFXi7dZWc%2FJK2Zdgz5sTH4bBHLts7qLcJoIczGNW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
771b9bdc2a9b925b-FRA
expires
Sun, 19 Nov 2023 13:14:52 GMT
animejs.js
static.criteo.net/animejs/ Frame D01C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame D01C 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame D01C 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=356&s=rkmQJgAi0ArHa2aG3wDTcpxI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28032607
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24954
expires
Fri, 20 Oct 2023 00:04:59 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F6a0067bf4afe49a0a7c182dac5a60db1_img_square_1.png&v=3&w=1200&s=pNOmrZZfv90uOeWgK3Pz0Dmc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28829960
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
136144
expires
Sun, 29 Oct 2023 05:34:12 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7c984f63-729b-4393-af00-627d39b0fd9f_adcfc637-cf8c-4d46-bb29-d8b8c46f8166.jpg&v=3&w=400&s=5Ol_Pai8Km2Es30UFfcfoVvd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c1280929356dad255640e376bd6d017aa248b7a4a4d4cac619ecbadf58b4ad31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=320826
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23966
expires
Sat, 03 Dec 2022 06:21:58 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fa638edf3-d44d-4903-a700-1c128dac87c9_bb2b402e-2a13-4c04-8ae4-ba8cdf47c97a.jpg&v=3&w=400&s=AX7hNywJJijNs_i2SZpS-IWG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a1218db524c537fdf99116e6de3c3a0149007cd7d9aaf4ebb3e203a6e0173d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=929288
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12558
expires
Sat, 10 Dec 2022 07:23:00 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9280d7ae-9f02-42cb-8c6c-a829d9f1e9fd_23e4352c-b604-43d8-a16c-e5b53ddcf79e.jpg&v=3&w=400&s=bisbGzS5rLnhqEqmBAzD0LDv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
544495cc3f17a4b84fa4eb12b28394ae7581d633f0fd43e14c9aeef41833a9be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=865258
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23552
expires
Fri, 09 Dec 2022 13:35:50 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fautoscout24%2Fbdg_deal.png&v=3&w=400&s=F400UoB6GgHzYgI2acYkX2XE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3898341348e707a2908bbb226b1f23d6ffa5bb2038180de5ce2b1bebaf23f7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30381859
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1711
expires
Thu, 16 Nov 2023 04:39:12 GMT
img
pix.eu.criteo.net/img/ Frame D01C 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F45a0ecae-0744-44f9-a32a-6df7a21350b4_31c2426e-6fbb-4345-9d55-a6ac98bfbd58.jpg&v=3&w=400&s=3D7_9pRJwPQBMTtnl10tKdiK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7169e86a2a01636d44c0f25ac7df060553cb6d3f2afe2f8fd0b1162fcaadf42c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=586438
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14488
expires
Tue, 06 Dec 2022 08:08:50 GMT
all
csm.eu.criteo.net/ Frame D01C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_Y20mAOT2r365fLF6zZy32c6W1iF7jfIGUH-m3etSv22umNQn6SW9XeA0Ruxso5pqi747xF1Q8sz31hdU0CFErrSlzGabS4R8aq9HCzG9CQ5aLg51sFASDE5pen64Mj6osaXD3EBQ-gpe8iInqVOgh4C8D9M093CqcW_OeiCAQIF6wVODzuUSQqnkPPvrFAi6sB1VfdYK0td6bRqHrNpUS5zXbHESgIROkJQJ-EROFmnBL7rJAhG-xLkUCwMXnqiJZjO9g&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 13:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D01C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4YFywACypsHg4qgAA3wrND43PHWfs8HRtr3Ig&u=%7Cjx4UlRZlrVxIrzpTbKETRz6JJ0Ti78aTTWhlOkCf6T8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbv-ijrtW0LJYF7cugykHzss6_INTKTRYN6j49sxKbJC9kwjUhZfIkTTW7Dsavof_zkMl9di5PDKENjptcNoCdo-bMrvKssKeupS2005VsHPyxT-fiXNUwiJ-thGvqi6KXm4fvCj19TVeP1wT-8vRTUwBPcw5TwWcqXbQtIKry3NwSCQFypJnlsstnzJMo19oDm0dCodFwE90A3o5mMzlYx4OHZuE03tNG2nSt9j1LOrCXlwCE_rCci-VzCTlvlh4P_-0jMWBw26Dlwiwxs9XAoZ1WqWrLsgn2aGg9998_RsnejYp6Il29KnCimsE352bZKPpgvibYOTm9AfewMbrPgfeFWkvRiQbf5cDzeADD6S_Az71wP8eEhmGsi-SVSRfK3h75-J0PlRE1KNwMIe2NrW7rQegOEvfPZNaAoFT9OH_yZLAEujZPjLfTZPlDjJWETrq6GCdifLLe7P1NLZyJzh9TveOt67p30ydC4VQXziPEmWx4q4fKPTgXrq8fZUcRCQNicMalb4H-3N6doMkolUSNRhJoSwqDBQATbBuzCISyGcrC8zCrPg0MGV9VqX5XSNUKOi3fehqjcSr8PkMctlrYHSabrd7-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBPUIywWGY5uVC6CVjuwPrOG3uAvJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTU4NDU2ODUzODA5Nzk5MzbIAQmpAkZaj3z6aLE-4AIAqAMBqgSfAk_QRHmcikzo0jGmz3c1czA2WbniqZzP9N4FOpMErbI8qxAXTLwxLJdJQAkcWf0NUQbs43CLXkfJCj0MHFOpQDpY2I5AnhK5cLktf2VLtoBCeOYciKnTf5vTw_F740M8v5L7qem7Sf5Bq2LlviuwO_0bJhiAAZHWA3JHEwn0WzQCvCtmo1Wrxmg0GTttFMIJml50RxrWi2kXfgehdYhOr5nynPNZqBjaMX4O9jDVu9fwi0ZULFacaECPwDlU7D713sg-uyDCLIAad7AnnLabdH9NAY2tptHFkHyKFAjT07L4umRqeNCklDdxZCtIHxxjyB7HNHfOLWFoRKDitnvuPHWSIockLZWS-XGK08b8G-m5coYiLlGBLlE5RgZKq_A44AQBgAaJiPDzjaCK-XugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0eGUoKX_SYnRalreKX_tftYdXJ8A%26client%3Dca-pub-5845685380979936%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:14:52 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-13.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:49:17 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
1535
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
gbKpfjcHITn6fRi2Xrs7yzdb5jZsUEzdOa6yk7OLiWTrPPjrzlMIAQ==
expires
Tue, 29 Nov 2022 14:49:17 GMT
truncated
/ Frame 1505 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c9ad49717ce8fce399715f04233409d979807ab4f353b05ec98a7e2208af2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 428D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 428D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4YFzApPPf0B8sszMUHZ.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1NBezZkSKo6fgZATDIYJE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 428D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENyFoFl83jClvWh631l-OYo&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENyFoFl83jClvWh631l-OYo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
AN-X-Request-Uuid
a1201bf0-1ab0-482b-9c09-8c0b615f26c3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENyFoFl83jClvWh631l-OYo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 428D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGN6Ay88BMAE&v=APEucNWFKG_73oxgGWzDblhDAbrtjux_G4iCCAYZW18mR7ZxIkpChzW5Wy1LWWXz4yvzTbC2GvoDrvhQIZdVPJ7HQBleh86b0cM1tBP76fP1KpzEVFNAndLtBk0u1VZbXGwiUzuCHYjo1HyZ8GdojyBQTGBvfbuz5neuuUOo2IigCIDkvFt9Sos
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
AN-X-Request-Uuid
281fb422-0ef7-42e6-9880-de4872ab8881
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTExMjc1MDk5MTk0ODE0Ng%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7687 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:22:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 12:22:14 GMT
truncated
/ Frame 7687 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a13db1bcb871f153bce290cff64b7f9db8f64a5d9457de0ab8d0619bf462643

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/ Frame 1505 		92 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3ae68bed0944154a00f2371f711d1ee5253d80443f7e3b3b6b69320783f9ddf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Nov 2022 16:37:03 GMT
index.html
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
6b72faabaeb068cbedbc817c17411226b693e35ee619c2bb88139201ae6914bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
523202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4111
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 11:54:50 GMT
expires
Thu, 23 Nov 2023 11:54:50 GMT
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7687 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHQZYK5dikKI5jsfZ9lPzBwwuZGfFvZ_RIIGbQM-yIst0sA_LS1V5hrMMHcV3sd5rnlBqMFOHRbeutXS-fCO8KwCsXNmemw7fJopSxTGP05ByuPuWbzphZG9oE601Gg1Moxwi33I6M212_EX_x2qn6wF9M1rAo7-rAQ0zXUSAMa54rPqwZuercKrmT-YV7TD8MUSbRWrbMwLPTIePR0q7nHsrqw8HLygkswlCIAjpWhZObYe6SxPIqtu8LMKMB1NYgdrF6BHqXPCHQEy-sW53oBoKjeEsskiLa1DDNNBOl2Gn378-bq14wcpKQFTWlKerL80kPBt2H9wTll-YgmAY8tExe6SoQiNb_kYdvPKSLCJ6Er52aUwWEmaIohXb5-pNDl9UqurEZzc-oXTellcIOt7qrrh9i4jekfZj81lb9l0MDEfMhk6c87j_vc6VHr-GW6yLp5imrfGVKACbeNqsJ3YKY_NwV_xvH_V_kieVhdvxjS4JLT387PGsCdxseYucu8oAt6RSkVq5mtgc_Xa5LfO0HC3KZ45tNbFWYKvxOE2zk4ZygoNjk2r_Ci5maxxxiCp3WhXLOAr6_C-v0o3278vG7nZV72OV_QFqDuO-P9NK-Vkgj_uNDJm-XMgAGHWd9590bVZlC8HXiJZP5bAWras3z426v0qA6_bkZoREYMEtD4dZjZg9mwJWnxyMONC7N40st6jHoCuYLHzPAZfmzANi7364VjI4ggWw-zzqQS-YWpOcy67_1HPNmjrRSrOA3SE0t0WGQ-LAD7Dfq8AYVXgTJwNuno2oXea1wuUr10vBBp33wBY0ybRXaDdDrRJC8oF_C7WC_9_v8gMcGyX2-wN-xTZ5tnZ7OeLs0ZYMMhnLWL0aA7ykJSHegLoD2fNsVW932J8-hTsGlhCHcgrez_8IMXLjARJAYm1wylwGWX6t-T2tDu__zgEOs4KeLj9FjKFq3BUEMkA83Cz-RzKpZ1_xQlLEH0V2sdSzM_WrlpM8Mnvjd4Ymj5Uh0fJWxgw5iOzvrr5DZuMWvnsZUxVxVhOkMJIglueCw_-O7wxGrcodHI8NuOBOqTL0Eh560yVBoorGpbl51mBX0WR9u0mA5TQDGJFr5G2xSJTc3NGRLS2X2UcCPRxpq-Tv3AZm4d4fvLIBLE3hMmsbFHNiFbBqtko0OJXG-Ii4XVdFDiajSuyKc5zJvQKIDhgpi8cZk7Q-dMpRvbp1DKKuZpufkGNfl98VSGzCoT9LUs04jbH8wvScG_oxz5g&sai=AMfl-YQtxaUOTTivkQQusf2sXUWorQI2NECERU5j6cu113HGSrwQ8rro6e2oB2_v_EXuEStDNxlIWGEnXeN17cuKlBWmaYpf_KI_n3ODvwNeSIE0aK6wnUloocDwHv7-CQtD08SJqNDceTG5EDsirw7gEhzM-fD8SZ8HDtF4G-DrkzEjxndNV2CmRllC6kDb6Rz3kdO9MXI-AsKvQ06J3b5rJ5aq3YjEeq8YiAE475oehVrLqhzU-m1tZiUPpbx1d8XqQcXSHZpIWYo0zTFYPrEO9LUx52YoptoPeVpFOWU6oA&sig=Cg0ArKJSzM5NXpbXMdDNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=405&cbvp=1&cstd=402&cisv=r20221110.95815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:52 GMT
4.js
static.adsafeprotected.com/ Frame 7687
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1190396/65998078/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-77.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
JwdpjwpdyHox6arBzJBAYLJeHm3pnPTp
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date
Mon, 28 Nov 2022 19:50:38 GMT
x-amz-cf-pop
FRA53-C1
age
62655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 21 Nov 2022 19:50:37 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
wT_II6C7g413P3sOWOq2ZNPtXJyDgsH0QUqARQQLgiyt2s89x9tbAA==

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
app19.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ywWGY5SrLM3d7_UPjM-dmAE&cbFunctionName=goog_wrapCb_ywWGY5SrLM3d7_UPjM-dmAE&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C582 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-77.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
5953116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
uxQ6c0-2q9qjaEZkrbTpQrppixy_QNevcjzsvtBF-ajKIPn4Z7Ac4A==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D66E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGc_txpW8xal6r72HT-SsgSSvJlxif7UG51P4IiXI9_fuTK9SW379OOExMUaPpvEKiUKk9uChzrcHYV-Xif-BZeyieodYZraBmA_aTNgZTDC04YNvwFcnv0SBEP_uKoKtjba6F9_Tplb0iZiwy23MDvKTDcC-a1dD97Vpir2BSzZcMbsw&cry=1&dbm_d=AKAmf-AErUTnQlWPJayOjryJ2bAP0SCPTCrjPD5h1A7n0ROvYWHrVPAKwvJ2uU5DXtG3AJ05acPyB3UKHTvX9AsQfONQGgNa6rtLLNTgXZ9gzfG3tHndijrx23ZCN8DKLiO8Z7zjrVQLnZ63HNNFxODk3vrPyWBHenuncu3UgymYdE2u3NU2zl7YbdK6jKkU6y3JW40eLHMTVsQz0rikXWCSsgvgZO4VAtmdnyP8VKZ6HX5o0ZFEuTGxi6Xex0FwozM25Jb5C_IJNcn_YiE2cedxuQZC0I5rJKQperi9KY0RSnnWDNk4SPMYbFCf7bA2m8AuoaxtCi9eWvT4AHKciou9nn-C4s0oSAbsIvtH2yH_On546krcxPiMBZGQJ2PWJAKLY1pzSwlxDvPDc4nADepjwPB25CQb95uyKEelEHbS6hyN-5jV_QOF-5hi_v4VTV2hOcZ5lHLagol-IN0n0s3tYVkKncvSGrDDWDwSuK8hV9Gdrwm0UMVbOocWUZuOrornTC7oOPBnbI5IkFmJb1mhffN4zMT8IzL2txOdanC8ZQtsUO1X2n9CZII25pBzhYWed6N83U9EIZpMJQ9nHlQ70DnWh2e66HjVRk5-6YRaV0lqfODI5o_MPjf1NlFasQ5fnpWfrAbzjhQOEmOZZqPWI74g_8l97qD4J9vIBPl3CCaFMvyDi_gH90UVLyP_5lh9nAyzWTF5ZofG3sZzB5bXYB38TIBN92LS5xvs_jM_LQBLmLvnQHJ9-q4wpRjiD6cvlkXTc93pTo16aPKI7xkapvEMGoWy7akr5AxedzV-uSoluxU3INqABuzNqqh41gjPOgyBmERKV-DUYH8iCtTogeegKic0f0gLm_sdvA5whIf30ymxgL7MYXHwhHrAJC7m466ZEL2HO2K5ZiHmjCKRIA1rhmJEFzZoUxybNpTS4LXqiNkCi2WCQDdZrY-580s-9urxX_6YhFECUxLfYHpHi_-dTsIQ9miriMAvtZKDhd6iWH4qEnqbNF8SBVbwWrhKSg1S2IQ3W63QnEobkDAo8zTR2DHTg7-i8wuJGhcvtFxQJJpgKoVdMHGKOKnWDhQrIU_OC1IgBMEx7slgG0NDklVoDENlhZUIjlj-wxi2My_U2thHxRx1-ZgWrRAscnqN6egN3IHtKgLfXDiH8nBWT0ETcgr6_WhAOE5jabxw1RyIK4aBehgMEjPaC2z3jbXjQ79cr3U7vsVlrNC8NjwcsTCyjaFoKX0xCnqXurbys7YTlgq1nhx2fITqfnWNDInf37rPL-ghqXDWVYXN_JdNBXi7yGCoOJo_aIEZLj-_0r4YEzalT6ru9y9RKI118YsQ267KvI0d0x58XA5sRKiCrA_yb4Xxy3zwIAddef9xOBKpZWsljN1nFGEslV_K1HOJ9YqmgOKi_tQBH33_kS7u7Lev979GsJbskHsQ-GyH8u41k5K1QpA5A9ASXTnv8vAvwi1K6mqSHwW08Y7wF70jSTVjTEqO3MVKkI7uzyoKqw9KWMi3eeBwhWwCHWE0gPH9uCx7vg3w1_xHxPm1egljAYw24ioDTRGPfommqGu-OsNkHM4mvQU0UPQ5i1HObJ7L8pPetwHOUa-dle0PKiFmrCZrasuBE6H11_GdItMSATgHCFBaR_iWY0GuKDpmkupYx0QYKAdovuD3rJ-QfOYa2my66D8vW-5iAmZImrhugmgSF6rI3R5LvZX994ucOgOg8jkPblWScf4uIXCkqNCp2FqTZfDKD83V1FwbVTZbWLn8KAwa7jHbd93Vu4pJ_ve7QwpvKvgHVbacmz63BtwmqB923fjYb1foH0Mh1BilSgUxekdCjh7lI_59x4VzNi8jzunk19wdE4iHc-BBI6_TY7BxDQGxz5_Rgs5neIODlxx2W_WXHw881J3NhuhBRYEkPJwr-NHK7tylh-tyejZNjqAG5FPgJ3pKjRPWYZ0U-eC9p4Mr_mddFM-fOF23bXsn3Az87D6oPsCaXjDxsmgQFISRxWTUsaQnZm_5_BStOAoaJygNWWNxa4sFj8SLJquc0sxvA7Y6JRRTQZlogdrOMurRPa0ozGkrskH1_bHEjPhbjFWxAHklcUwW4wZ9VF-sOXtVdpy3RdZK7PZ4SNI0JAeYg4oz3O8yfRiCF9rJUVkEM6k_rX7S_ATPV6w7XwCK3EwBLHCyfBzwqS_lpcR39gzUnoo5d4ADvhJCnw51O5SM8isIAVCz9phmrfQbawekP5GCLKj1XfKGyNjVfLeHnMLjZLJMIRVfZZoRJR4IpIAk-gwyg4DX7LcimnLVsvavfaqnrdZ9z_aYnVe3PlryK7QlgXmFVuYaXaCRgUs3SUvzHy03cJmSU-YTAMu5bFynOyQOYvbpyfh2Eu1CXsKsSnrDp0-NtEAqeUXBeNv3VN9SRLz45Lm4tMkBZ01MmO-77WtKpjagdygT4CJvuKMlUFc2ILBmblqmX41HInJlgenRxIHwlEXG0H7upsnXNCw7IU6OK02H1QOTbZ7xRrKqRze0IzzaddiY6XAp5nMjE_JtURAXInbT5PmwUc7oQ2iMXwn7PIUSv0-sKqt9tFbACtGB2Cio4oxcj2U0PxSfZBWj0KfkNm2jjOqx_auNgaWBKfG5q42KGtCmpkMWeJFAK7NF6h2NBFUqm7BBNQ92QLl3ZHakRJouyu28RT6YdV-ZX0jGxLEeFXnucY-VyvEbs2I4K3in_urM4gxHmrGN87waW-XTN6BBWGKIZ8qkMgKiwxZVrBdJx51_mtTv2evVJBfFWeUENPMZQcVN4KAld5aIz8F_5jQXwbABEsBxASNQwDI6L3bxrXZd9QfdjgS2KroDDiTiJg&cid=CAQSOwDq26N9ETpM69-9QIlBu2Qsb-L-_pFpcmKVq84-DZmedCfN2T9LqTDFYhYCohty4O7_dGcz2_QNOT28GAEgEw&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:22:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 12:22:14 GMT
handler.svg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		859 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/handler.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
9e391f70821c1f3c49a2d9a9a2e1b6085fcd1f5aafe404258adbd024a9bef517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
bg-1.jpg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/bg-1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
46372e0e193b38780216e7f2e828bf072726f0458a14320ebf8afbc99c3d58d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:06:20 GMT
x-content-type-options
nosniff
age
533312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46212
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 09:06:20 GMT
bg-2.jpg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/bg-2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
f96ebacb9442b4d6eb1067d6bec03595f7f0ab6f91aad5785e980586e6ef1950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66852
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
bg-3.jpg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/bg-3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
1c1e8a9e1341b6291660caf4c03c37cf6986b1431b5d3cd5486942d47373bb2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62322
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
bg-4.jpg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/bg-4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
1be23127b9a0bc74d3169b97c2a85e6ccf4d2aa7b0a12ffa6077c9ae2342c93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58033
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
button.svg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		1 KB
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/button.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
990bc5b02fcb52bb6eb28a3bb246b668a3609f906a8b3ab504dd528c95e70328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
logo.svg
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
748735a831b31b735e397d4928ecf548aa9583136644b8989f5897db1f97e18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5994
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuBOV,pingTime:-3,time:80,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c1,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:26%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuBOW,pingTime:-6,time:81,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:81,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c1,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:26%7D&tpiLookup=ao:ba.n1info.com*&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adj
bid.g.doubleclick.net/xbbe/creative/ Frame D66E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQG...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQf...
65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
cafe /
Resource Hash
7bec5836c60d7584f378278efdadf7cf479a41cbea164a7842a285c8f6172b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8E8D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-77.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
5953116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yETI1kJ43AE7iZMTOg1Yg6_VRx4Ggf7tbx4vwxVsO--sapEWFn4k6A==
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuBQ1,pingTime:-2,time:148,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:447,mdZ:700,beA:873,beZ:875,mfA:877,cmA:879,inA:879,inZ:884,prA:884,prZ:892,si:899,poA:900,poZ:923,cmZ:923,mfZ:923,loA:954,loZ:956,ltA:1021,ltZ:1021%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c1,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:26,sinceFw:120,readyFired:true%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8F02 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 04:25:46 GMT
expires
Wed, 29 Nov 2023 04:25:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tag.js
mc.yandex.ru/metrika/ 		209 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 17:04:33 GMT
etag
"6384bff1-11e96"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73366
expires
Tue, 29 Nov 2022 14:14:52 GMT
dt
dt.adsafeprotected.com/ Frame D66E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=c78623e2-b186-5c67-36c0-d5191a578926&tv=%7Bc:vmuBQu,pingTime:-3,time:85,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7eBf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D66E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=c78623e2-b186-5c67-36c0-d5191a578926&tv=%7Bc:vmuBQw,pingTime:-6,time:87,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7eBf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:ba.n1info.com*&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sequel-55.woff
s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/ Frame 5759 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/sequel-55.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
b79969bfe5205648c47230516c4f7da363bbc37cfcf56057abb24c8fbc34d747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13971516427212692199/CD~Alfa%20Romeo%20PAC_LG~DE_TA-Jetzt%20leasen_PR-Giulia_SZ~728x90_FF~None/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:54:50 GMT
x-content-type-options
nosniff
age
523202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23924
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:05:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:54:50 GMT
/
track.adform.net/csimpr/ Frame 1505 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59684398&csi=QZOwN7A5VPF4uNMt8qS8rnm299XZQQTpm53bPGXak1YJDwKV3Zer3D8lDpY3EfPkREZrQaylhxBij2gzJ3C0x2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12048960.jpeg
s1.adform.net/Banners/Elements/Files/2104702/ Frame 1505 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048960.jpeg?ADFassetID=12048960&bv=0
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9216c83cfc704feeb678caf5556bf4dc11f5d52d98760f1ea80e944865f55a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx00000a3affbcfdebcad91-00637b9c96-329354d9-default
etag
"2b896b0e6c55910b638dc6aa122dbad6"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
39954
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0F02 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 04:25:46 GMT
expires
Wed, 29 Nov 2023 04:25:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0THoP-u-1SKavOT4UWQCtSRlXUD3uw4Ffq9Ji3RXGKimHIIV0ZVL20Da_jpBq6hwh8TACSVSykNV8z0n8tMujITgrhzu66CUnOrvZgTOwAmMUT7_i46GT5ObMvApgbT6UBLjEJQczC70g3VL8UZ3D2dEylCYm-sGHfnRLlADTeWH2XZaujMu7tpAUjKUz83fbX79M6h-HkPz4mC-UeYs-8Ex0caZoMYIfJKmdJqcLDMlkwhRUOLB3_zBULS9ND9iQkYMJbfjmLs6mxIMmdq1Vsd6Fhau5zebPJk6VCm4S9ctabLmYOB2RUlQ8H_xiB5t6Ca4zN-W4WYU&sai=AMfl-YQLnZX2r5HmcvQ4rEP0j_xMRZpTFy_EBpTFocZgHfE5n8c4u38tPLS0sPbtJztqgPsftsAPtcHPbKvvZYBX7HWHbMYbh4fJ6mz6Ln0pn9ibpj3qG6nyW2X1pibGbAu6&sig=Cg0ArKJSzChpw6tEguXwEAE&uach_m=[UACH]&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7D0B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D0B 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:52 GMT
6965042875740471069
tpc.googlesyndication.com/simgad/ Frame 7D0B 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6965042875740471069
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5f16a44a44f6bc9fa32e54dad3293ed61d386629b48a7221bece130d8b8abe8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 08:31:21 GMT
x-content-type-options
nosniff
age
17011
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61520
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 08:22:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Nov 2023 08:31:21 GMT
l
www.google.com/ads/measurement/ Frame 7D0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWqlmemfRMBiGWcWf5LbLPCEvEqLl4E2c4FFuTCi9FknAAX9mykerIk15NkLXWmyTt3UsL71wgEIZvGOXCFEMk5Qlx2Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame D66E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=c78623e2-b186-5c67-36c0-d5191a578926&tv=%7Bc:vmuBRx,pingTime:-2,time:150,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:399,beZ:400,mfA:402,cmA:403,inA:403,inZ:407,prA:407,prZ:413,si:419,poA:420,poZ:442,cmZ:442,mfZ:442,loA:485,loZ:488,ltA:549,ltZ:549%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B144~0%5D,as:%5B144~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1190396-65998078%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:128,readyFired:false%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 7D0B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
550bfcdef7071fe75a44fa8954411401ec80ad4df12a27c2bb438a950f9ac3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7687 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHQZYK5dikKI5jsfZ9lPzBwwuZGfFvZ_RIIGbQM-yIst0sA_LS1V5hrMMHcV3sd5rnlBqMFOHRbeutXS-fCO8KwCsXNmemw7fJopSxTGP05ByuPuWbzphZG9oE601Gg1Moxwi33I6M212_EX_x2qn6wF9M1rAo7-rAQ0zXUSAMa54rPqwZuercKrmT-YV7TD8MUSbRWrbMwLPTIePR0q7nHsrqw8HLygkswlCIAjpWhZObYe6SxPIqtu8LMKMB1NYgdrF6BHqXPCHQEy-sW53oBoKjeEsskiLa1DDNNBOl2Gn378-bq14wcpKQFTWlKerL80kPBt2H9wTll-YgmAY8tExe6SoQiNb_kYdvPKSLCJ6Er52aUwWEmaIohXb5-pNDl9UqurEZzc-oXTellcIOt7qrrh9i4jekfZj81lb9l0MDEfMhk6c87j_vc6VHr-GW6yLp5imrfGVKACbeNqsJ3YKY_NwV_xvH_V_kieVhdvxjS4JLT387PGsCdxseYucu8oAt6RSkVq5mtgc_Xa5LfO0HC3KZ45tNbFWYKvxOE2zk4ZygoNjk2r_Ci5maxxxiCp3WhXLOAr6_C-v0o3278vG7nZV72OV_QFqDuO-P9NK-Vkgj_uNDJm-XMgAGHWd9590bVZlC8HXiJZP5bAWras3z426v0qA6_bkZoREYMEtD4dZjZg9mwJWnxyMONC7N40st6jHoCuYLHzPAZfmzANi7364VjI4ggWw-zzqQS-YWpOcy67_1HPNmjrRSrOA3SE0t0WGQ-LAD7Dfq8AYVXgTJwNuno2oXea1wuUr10vBBp33wBY0ybRXaDdDrRJC8oF_C7WC_9_v8gMcGyX2-wN-xTZ5tnZ7OeLs0ZYMMhnLWL0aA7ykJSHegLoD2fNsVW932J8-hTsGlhCHcgrez_8IMXLjARJAYm1wylwGWX6t-T2tDu__zgEOs4KeLj9FjKFq3BUEMkA83Cz-RzKpZ1_xQlLEH0V2sdSzM_WrlpM8Mnvjd4Ymj5Uh0fJWxgw5iOzvrr5DZuMWvnsZUxVxVhOkMJIglueCw_-O7wxGrcodHI8NuOBOqTL0Eh560yVBoorGpbl51mBX0WR9u0mA5TQDGJFr5G2xSJTc3NGRLS2X2UcCPRxpq-Tv3AZm4d4fvLIBLE3hMmsbFHNiFbBqtko0OJXG-Ii4XVdFDiajSuyKc5zJvQKIDhgpi8cZk7Q-dMpRvbp1DKKuZpufkGNfl98VSGzCoT9LUs04jbH8wvScG_oxz5g&sai=AMfl-YQtxaUOTTivkQQusf2sXUWorQI2NECERU5j6cu113HGSrwQ8rro6e2oB2_v_EXuEStDNxlIWGEnXeN17cuKlBWmaYpf_KI_n3ODvwNeSIE0aK6wnUloocDwHv7-CQtD08SJqNDceTG5EDsirw7gEhzM-fD8SZ8HDtF4G-DrkzEjxndNV2CmRllC6kDb6Rz3kdO9MXI-AsKvQ06J3b5rJ5aq3YjEeq8YiAE475oehVrLqhzU-m1tZiUPpbx1d8XqQcXSHZpIWYo0zTFYPrEO9LUx52YoptoPeVpFOWU6oA&sig=Cg0ArKJSzM5NXpbXMdDNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=677&vt=11&dtpt=272&dett=3&cstd=402&cisv=r20221110.95815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdy8aB6l7sBmh2WWeUhTep5koxM8byfvRo3Hyao0c7asTfB5PYZq0b6mQm9r1ILbwYoryuFROLu3nhlWvPY3tYco9XYiRFS17LQG8bIrDWAYt5iMCHCHGSHzcX4v9wrSPWSQ0gNI3Da5MAxlLDZOzR7EDaBd5ekaaeAIORwDUJVDC8mxdA9VUam3rgerv1YQbW9UoVxkaOiZn47O6tO5LrMMsnDhUZclCY_kYbMs7gZbpOw0EerFbM4tenOj1cAUIoTa4PH2bCKb-RW0HjneJ9LfDi6f4gYNoTMyceKi2br83xxEQP8JZfYZQ1supantHEIv9k43jdEKh__5Ji4ll97pZqrdL7XInvti1s&sai=AMfl-YT_5RvVJTgPtx43mUcAmV-LPhoDjn1qVFhLNe4HVuevicJlLuWkWXHHbNhFWcQ2yLpjDxOxiJOOmvqKFViI9PuUka5AGA-xdk4OKYXOdJhCzh1IPb3e7ouyonQD-0O2-8v3b2UosHGT33K-qKEhBg&sig=Cg0ArKJSzF5PSSpvUM7yEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:52 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 8F02 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 21:51:48 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 0F02 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 21:51:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvG0ShfeyeH84sFjgatTdp5-td2lLkWOz7yLsjqidRsN_GMsY5Qg9tbObRe0ly6JkXlJfQ_rSJKlOTrW67pDpdzX6Oqvn5vqKjHU1Vp6sPUPK4U7EIcd3ebK70uQOy43xuQZB-umHTPVkDj1KZn6-bikLROb1BGWKYLq9grt4kmGG_1X2lSBgWjlNy4BBQxfzbIvpGbFEBGVvRyJ5PLNQwt68bW47aJ4_Rn0-YaHqGjDEJxi2dJgj14NvLBg9m-6K_RFLeSgIv3hGUa8r_TWuKzOZrLdLtL5z5-0KII1FN6Y63qxY9qgA7Xv5rKTw2l5G1RdSIvVcYQz6T4bw&sai=AMfl-YSeAHWaIihln4MML_qNGtwwxf7jwAhg-gCPQ5yANciFCN_uDGGKXBiwGWAFk5lZUF0cWzXs3E-gN3-gT8KGf7r5Gxxtl46vA6KI0kCGiJSRs4CqrtOVMiVnMkocilmq&sig=Cg0ArKJSzEhb4HV9XHtUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:52 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D66E 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Nov 2022 10:22:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame D66E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=17668765392&bidurl=https://ba.n1info.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g8YxwYnQEkb0rf-H6cB8mB&adsafe_url=https%3A%2F%2Fba.n1info.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fba.n1info.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c78623e2-b186-5c67-36c0-d5191a578926,c:vmuBPq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-72sx5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:toA7eBf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:cf1ee3be-6fe7-11ed-a9fe-325fc79019c7,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D66E 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557517/xbbe/creative/adj?p=APEucNVAOPxBW5aG4S6R-JvutvYH7eAaxGW5MhEs_Mi0rvpAzG9_Pkg&d=CokBAKAmf-Bh6mGQggoXZEf3jo7ktQzx22Fn3S6pOjSzoAPpDzcOoqQJQopXzQGUvjWIrFSX-3Sk8qxSbHvdDNJQfoCl54np8Ez78vQ2e2hlwgFYsy3m6k2XYWJN6h1wMyzYI8xMSYkE9rV9umTudlHyJpelLjbCLXfODRbZJbWjoeceWwHanpFz1qESqRQAoCZ_4OcWFzBKnUHGOt6r6N5ISwCUXeBNEe_W-5aXDzuAAqu41UTZC82J6Sus0-No3zyEZwj14pon5bcdgYD2cxIRpbbF2jWaotDh4tw8OkXCccLL2hXZ0VGSTzg80AJvFAsLOPGte5NmkJ9ovzZqPFOAt7JBBJ0LoOzE_vzTxgO6SLqLsPKyUI5_ojgm5-dKJy9zc_2dHHcAwI5KFvOcZNspvbYXK20q_8j1X9l_Odp2aV4Cp23-xtTwhp774Q8LSChGObvC8TmSZFDb6qkiRDSLTKLt7kOP5Ers5HY_Pg5-pctrwzbzwkz9dsMZfshlTbV_HdtCvZwCnwQ3SHnXraDCCKQS_RiwKmLZpxQrsSADaZOSgjmH0aoULkUqxh9N5lWGLLxlrmg9b1z3XRdTtL9kf6e5pd2xSN7nxz5ZBzqkuA-LuDe84UxG-4v6L--FjK1E3kWS54if2vrFOUGB70iKyQBDoelKFc7zy0o5GOXe5Ruuotd0pXFod9WNkd9GSKMQR1E-VfzzKbfF-0iGRde7Zv2cw45S6vQjnOp62bf3E2c-Q_0QzkDQzab5OXHhIJcKtcOg5y9HpkeWo5kRsT4WR0PuP6Y9fTi_ZZtzJh8x6qtKd5_Xz8Vgn_yA5WAXoP7UTyqWf9ywr3P4GgWzohUjPkE9Tsa64Gu66YogB8ChYee6SqiqpWhfRhAQRcetdJmrDpjVgjvrAbCaueg8OXdLYDmYVv0TNyy3eN-kCMq7s5duiC6A1UuL2T8MBY1MCL1RcHZEF2KS8N9xPZZndONXGFQW41cc44pqDStW9K3D9OCiEU-aqUDlr9hrblMFzbOENQCLZHXnmmoscEaEC8dmZWNI2jOGXyOH7JmhPE-Q_YCiPiHDRpPrZL7rQUb5RP-b1xUSJqi2GV4f_fvHliQdE-B8TEhxgKDFGvkssiCF9ZYcHTlsEzcHnOJHgDd3DXnn4K51Skc8yuGN2ew5le-5vWjhYKezOnFo-jFodAeAy0n-a9aSS5sc1QlNGxv69PSBqobfuSfWRfmt17IUzPDqLMJ4T3Tgcc-6DlGchptoj-Du1sEWXcv8tXpm-wfAtSM01TUAL3e9tZqoYtfX3dfATwG2umoBmq4_9o6_RyGmXDubXA98_Q2IpbQBZ_CrjSa2IJYk7BWneSBmDhmAq_QYErWqezcSmqrm_xIQVeTRDvQu1AH7_Ghpp80znGoR021hL2SHXA28M3mbthKxeS21VYp8qF8CwEbWvLpAsWer94qeCQSODXv6bWd6-li_kkeUwJMB_XjTg6jNoLUeYORTE5z8LlS2rKSpj9ecSolvYMsYX9IahUQEcUIqe6qf9H4S7DgZJHCPXn4OWydSybQWW-bzqn81_SHLbOVgLg-6UiL5iZb9J1N4e1N9HLE5onembAw_QMlCXZjI6xppANgQoHWlHjvvZ0odpSeCJnlzcLpt1vyI-qP8WSL3yLAd7LutG5MUr979-yq_LdtEbnoNQRRCCz-s-jxtAetdTnxOIOE5KiZNHz9iAC6jkwjVYy22hEDMDO1XfYFLRUuYMqzbK1RFzUCNniRd5SOsRG51i8oWiIcJ93tl7oTdRz5MEK2kJbFGGdfbGC051wZ1pPv0p38DCGlh2zZZeSTRSNmWXoG92kf3qm5XmDFm2bFTYV5njhnWA6GFtLaQu5csYFBrwx1O8ZIkwXs1cm0ryi1tJyC2kc93hEyWXYTMiKseqFh1ioQk8MDW5kyhPg5VePGCEk1olOlOEkzjykEKAIaDiuXBYwvsHADDKvQN_gcy3gWIo51YPCH83IHJyxTkLTKWFCbrCIqAbQMtwG-nVr7ekeHqdBPDuWD4Kt9i0FWaI3JZn1tFwj911JrafNDbPhZjSgxD0SvoCsdQJoFSYRB1I7zvVZtGHdEObULXHA0i5RbuotzrZey2zbFSbN8fv9BM3P2glMoC5LZbfQx7sq35jfLfpmjWsZR41zt_kkLMGTyt5fiU5ewEweH_m2mE_hqQvkHZdG6axCWUF30hpKPAcYJLxmH2r3Sz4QcRs88f2Z4jrni3obY7HjDDJVHWuUKPoHkt9LmD8XDgOP1dbVgm0K9Uhqxm4mb1C1Z2S4s1wwRDjo8TbgWBTU2CTPnovFVccw_3rveFkrmJnc7a5haO6mnzuctg9bhMw8MOZvQ3F3lFwhmgz_QZjB8Vgs49ETofhRMpfWVCBpVTb7aWOF9I6n7rvxZL7zXxFMpTAPmAvWE7PnwMOf4hC7TVM7WTqRBzolkqrk-syrbvygks1klhOwYjRAhuzdRoaYh242MiO0w5e7CI5fUMayHwPeHhP9TqodSw10PzO3qmXJpBT650Ds_K3_GNR8j1ZCSrKi3NkvWXXoHY9L5Ldac3TvdyDOLl1JVRgSIuXovtBclgXZ8LwcqJ4328vfg9RtbxiQOrjgfZ2re-zxv3cJW2PHBiY-KdOQYTsaTEErdqaLelddvPWWkYea5Qy7J6Wm3JLWEmaDVWok1hR1i2ZD5x6uB6xqomcFkfoihStJ-WUVuijAfwl9NcQW7cGJ2Wkd2JYIVBUrYOPLK61ZY0mK9touY3mND2t6gZqwuOczxmv8afqoMq7mBMzdjLUoPfS002C86LYsiA04gk_XLveJQ5YWEAfUYmwxpM2RdNdwV0ajqKDioyNEpBWD7fueEttFEsFV-Yfo_DoM0pJcqjQ3vwTqqE3OToVqQDRTuc853WyhzuA5k5A3cOjQDrUI4aWiOSmbwi8drPh8YK9-32z9lDi4CRWQG7YIDgMwsOWVa7JorBFm-SAJsvE_9-qdra31hE_gnMNqXb5K5MlUBnbi1GeFluNBLLiMrLOrLihVXTn3JjkF1PE3CVPGB_N7rlWP8bcUOiP1p0d3mSQcgfxP96HnwjBmpu2VYIK0Uf5ZZ9IFYcxzjVguUXoo6bEM-d7s81M9GMIjNEFX2m00Ah2DdZfB-5bxNBUT95Q2zzTvzBQxBrICjaciMjn0g2RhyfTr2ZD_DeLAXL_psXJQitFFHe_5QFnrW0N3IrvVVkHUTRJCE8DFIDfniFSnjQqJsfjl4iQ9sGZirnfmcNsmScXWFLqwcKWLW6mzhSdpBuLv4DIb1OgoNYFcS7lCWeEmFJn0hZRblKNVJ8GoHOPOqXOsc1jERzvfFQ2zXEnPnYOc0DmqNsTLV0oWjOnWnAkmMcR7q5Hl7LT4ZaZgXE03ZvisLjCV27thjSx07Dy8LOnYHFAb4WX8DWnTdrC-Md2QXRZQIoJ9mqL_1CzdBu_UKKKx2GebJj164mu6nPMD46AS32IkZcHQHXpZY5hRK4a1Ne9iTmE1onMHN1RFSLtly__66i6sZNEWb1mgVw1vpliTRV72aEoz9jI1uzKdXns5iddQR4MA846NJqOE3CRPIiMSCDRVz2lIWTuqa55E84Hmqt3xMWtnwmQy8Cxl4PYgfXgf2YQUTJzqBy06UupVYaQwgEEjsA6tujfRE6TOvfvUCJQbtkLG_i_v6RaXJilavOPg2ZnnQnzdk_S6kwxWIWAqIbcuDu_3RnM9v0DTk9vBgBIBNgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=17668765392&bidurl=https://ba.n1info.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g8YxwYnQEkb0rf-H6cB8mB&adsafe_url=https%3A%2F%2Fba.n1info.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fba.n1info.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c78623e2-b186-5c67-36c0-d5191a578926,c:vmuBPq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-72sx5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:toA7eBf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:cf1ee3be-6fe7-11ed-a9fe-325fc79019c7,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:12 GMT
container.html
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:51 GMT
expires
Wed, 29 Nov 2023 13:14:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Nov 2022 13:14:52 GMT
door.js
script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/door.js?id=2420
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
61dc5d08e149faff5b20432369de5f8ce62e9179af0cea513379316449077ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"2420...218.2022112913"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
mriCI_NzyIR3TG9cWnklZyEqRTI-JxdyeD6uB2wOJiuXKiNz4cVDaw==
/
track.adform.net/adfscript/ Frame E7AE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59671723;rtbwp=Y4YFywAFOjwHg4jBAAO3NeyGX2naFewUVt06_A;rtbdata=Ade0AEWu5LOUSJMHUJYX5u46hnxdg0eqI7dDWA5-9pUE_Wbr4wBf4EdlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhEEbFcpDqa96vvMHozR3O6QSfaY_1uO4hWtJ4O5-60MG-JbxrYjOJesncU5MQfL4sx1a6iBU_n379FpyHU7Kt1IJZ9QM3oeu6X3CNAwpwVJhQZxmfHT-Y4GBpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7nHVSrxQOgwUeA4_xXm2AhV0;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssJPL02q4yvVl5Vj2lKkWgqBuMk9vIvJZ-apx7Yq5kDAiP807zZKYIif7uh_BhZGBURZsGbB1rQk7xRvs6cuSUOsvn-GP_ScVIrw5zRm4ctQHc0MB1MWlMbKHbz83ixbR-GSSMIE7m0B7CeyMOPe1OQz7DVDCLU3rH2gqzqpCSbf_wRsSJmETZgctBlYQDOKxTl0aRo-js_b9F119o4EBjC_MpVbElRxIV2HOaoHqmoxeFe_AuY4aHzrSxa-D8JM1q5e2_-a-L_0R6wwZjDsr7Mmy8zVb-DRJrErhgBQo708A8QQHBMj-GiLOoxGmH9PYxgiHtP24qlKWyskCe7F-TRCg&sai=AMfl-YT_95_HzXw3rp1PD2Grik9PrTOXhSDUvEdIpQv58vI86bUhCflSZI6KooJXFVJeIXU68t9TLUTacYzway3ZhrmreVNxs3V-omJ_VhOZOgTKvNnRqcCKZhedQwDGxXBi23hroU5rMgTZZ3fFH285uYw&sig=Cg0ArKJSzMJlwmnQvSdMEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CPBYxywWGY7z0FMGRjuwPte6OsAXGp9zvXL3ShYmvC8CNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi01ODQ1Njg1MzgwOTc5OTM2yAEJqQJqaAfUZ72CPuACAKgDAaoE_wFP0JhP4CpiD8L6NmXD6LA2ocLRA4Xnhib93tvbjuIywzPrlg8oHuVLiQmqqU5trLafDaPc7ltPqBNuqbRWAblW7fufg9tbl9q3o8i-hLnTXK1oOJ9CaJ75U8I2Vz4zkpQvDTDqMhNYWIKDmym1T70NjZvbblq8gpBhp_OL9ffD-blmLkm0adxR9R2Bim-1su6fLfArZbt4mx9FwicJgKiX2omdmd6viAwQsx6AKm1B-v0vujuzjzC9FpVnhdZOh5_H-plKkeSWmB7gOI8yILiW_lNFBEl6tT9xSnfFpVInE1nK7WQCrBOi-2_TQ5wi5Pe2CPzL_LPL6UXfYvxb963gBAGABujkgZDlgLaWGaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mF64qzndnCaMIx_llu01OIytF_g&client=ca-pub-5845685380979936&adurl=
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e92da247aad3c77b05422ce7a3353e334ba0ebc02d93bb1fe8cb41f67d246ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2373
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E7AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:13:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
3690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:13:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E7AE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E7AE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 20:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
58576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Nov 2023 20:58:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7AE 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E7AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv875gljk7Uksbfbf-U3YJP8G3MeiRZ3OlBfr4nk4otnIP1uf57zp99SoqfTEogUFd59cno8jjmgebfLZW1dDYm8UahciucceJGTR16IOi7Adatcb1UTB9Nf1gclTKNkX64QBiHTwc9wEJXlo3rMETbi7HCWYrLRM7Sk5NqHbfNa9pOIncY7rZeImM5OQfaueG1F59Ijvi3jvjJuki-lXOMtP7EWiZw3UCfTXrEekmlm3TkgjOn-bTxvPsj46hIwOUko3OV2cUTfQ5PK9mlAHGGAzsok8imCeNGrmoO9W--5aF_ojHur6SbYIgelNP5AxE8pzovExMOJ2zhpEOBdtBuWiG1GDeMVTN7I6pbKzHznLlISh6dE1YwMFZrHDPbsLNt3UPp-UPEikyHqQxLNRAGOZ_xrPAPEYqt8hv-qDG7DBMkR0DryKad8U7QWs-nTCqJhkwhIopz5Xsh81h53fnGjzTOO1its5iQlHti22cAfnEUsBK_IQlbQwdmbgMlKTNB3qZskQ1pd8T2ecFxnVTKFCvTAHWjNPPu6hjOpfA8viVjYFzA3pg2ntCyTdEDnELmJMlGC4541Y7S38MBnVKFxQfHCFhEB5ov9Y25jKbyqy2Qv6del2RGUO4Rz7DKAZA3T_RbXUm7sCMCrqJx327-LtF76qYlUwfGaQLaLFnXpavqkQ2dfD1i7VFhKv8g_rnNEaVJJnGd1VVgGLpTR3CsU198_40Lzt4H7kbSeSGnTiiw58RWXonv3QvV92t9DPzapb7PG_zN6zWFA-wbggxb_pcIR1q1HWOnG0B8EYS0oSZWISX4yHsoadpTvhMjOwBzrwSYoPdA09C4YJf8dbCh0mfDnaqDFUE9FTCHfTa7GHIrGu1Sq6tzJVrFH1dRQ2P-LaLNr0P5qGvYrxM9tJKMsnecfmhi52cuFcqBuwnVKvb_7hJDi3NMlHWz54_jOWz_WOR0Dqauht67BfbcqJAN7kyYd_Lx-5EJ7LppyKXhvKZIxZpm3nIc27yu9V9B7tyboIjbbhv9Dv84Gd99DAMONJCwpUTY5_kjJU4qI91EwOkUZ43SlJEidLT3JrmDm_3x4RAf4LCob9-uqlIfIpKL-EQei_JzpiKWIl0GS_cSdphpWs2a6R8pLDVa7jYkn0RFY-SU_wR3iDMO4ZsQvIpoqeuGaLQMwRBfqorrAystHs1ZpXRKYH8BYuCLBPoKSpkWYEKbkWFSAFQaIEsuqBnluSsjXQFJiKIWMDT-Mn07RIIgXzI&sai=AMfl-YTORn7WmHYeaONW1d8Rhrt_pvo-kcSSnorGS-fsnIvdrYKvaHa3CBBT2AVfuHcP2bOtzoDOdoI3rLtvfL4ZVU11hS4oe9e0MBpcPMuN-BH2j8mamEkCPFnTtR5JFMV5glEUrKurvLeCQweCTSGTK8HjGJn3cgVMfX2oPSQJ8NG28ZuueiyjtI-Wg5lNgaEE0jjqKl0ryuZcvscxCe3ZVprA8kvm227TUPpy7e_0dmT-CfILF5EUcGFC15zPI3LYQ2a231PXNzST9_125XoBs9faCT87qpdxbtPduWKO5DzHE89u94fF4hqLHcgZiDlSKSuBbKgMiE9lTdM&sig=Cg0ArKJSzP8N58zruGDAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/1068647635432243200/ Frame 2A8A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
5a92193e1c8a6757c6542fa276633b7c4dfa1f312f83f9119737fb9f8546aa2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1556
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:52 GMT
expires
Wed, 29 Nov 2023 13:14:52 GMT
last-modified
Tue, 08 Nov 2022 07:30:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D66E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttn9aLpwU2E7LKgjfRf4nRCRpOdx5Uv-YaJsSmGcp_1PJUq5KGMhvBqBv7yTm_-Fv3wVSrY0Bx1wU0JZRsj8X-J6_odsnLIMA0eHDELaKDedATqE7md9ukb0xeg8OcHBeBf16Cpp9pEYfCNwPcBa--RJn5fEIwJwTsmjmXUlhI3CuZZMmbNSexvGtdP24HHNedyW9CrXxe&sai=AMfl-YSWaL68SBL6xikE5D2q89FEDWobsKu35aLn1JwR_K2-Ickl_-TP2Za4INfqoH_1didKYNsTStWbXH_dMcIzYXdY0SBVaoApTHIBxHJjOSrLibr7YTQEzTlPoqhoTU7B4kYpHFw1KGXeWxTqJyQU1I-V69Hbbg&sig=Cg0ArKJSzL3l3doULN9oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=140&cisv=r20221110.44382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:52 GMT
syncframe
gum.criteo.com/ Frame 16C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ba.n1info.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:14:52 GMT
server
Kestrel
server-processing-duration-in-ticks
695162
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
12048958.js
s1.adform.net/Banners/Elements/Files/2104702/12048958/main/ Frame FD54 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048958/main/12048958.js?ADFassetID=12048958&bv=1537
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
56e454106a3207c726341d25272479a9d78e7804edff29d271555921256959da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx0000014f98789c07d230e-00637b9c96-329354d9-default
etag
W/"74bb17997155a87800bae972f50d66bc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuBW0,time:519,type:e,im:%7Bimprf:%7Bttecl:704,ecd:117,tsecr:135%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B511~0%5D,as:%5B511~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c.1103447-64557517%7C1c1,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:26,sis:278%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F576 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Wed, 30 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D66E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73c4d84c79168730aa69128298ac4f9324c43597842960d41f67c02b558b9444

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E7AE 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59671723;rtbwp=Y4YFywAFOjwHg4jBAAO3NeyGX2naFewUVt06_A;rtbdata=Ade0AEWu5LOUSJMHUJYX5u46hnxdg0eqI7dDWA5-9pUE_Wbr4wBf4EdlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhEEbFcpDqa96vvMHozR3O6QSfaY_1uO4hWtJ4O5-60MG-JbxrYjOJesncU5MQfL4sx1a6iBU_n379FpyHU7Kt1IJZ9QM3oeu6X3CNAwpwVJhQZxmfHT-Y4GBpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7nHVSrxQOgwUeA4_xXm2AhV0;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssJPL02q4yvVl5Vj2lKkWgqBuMk9vIvJZ-apx7Yq5kDAiP807zZKYIif7uh_BhZGBURZsGbB1rQk7xRvs6cuSUOsvn-GP_ScVIrw5zRm4ctQHc0MB1MWlMbKHbz83ixbR-GSSMIE7m0B7CeyMOPe1OQz7DVDCLU3rH2gqzqpCSbf_wRsSJmETZgctBlYQDOKxTl0aRo-js_b9F119o4EBjC_MpVbElRxIV2HOaoHqmoxeFe_AuY4aHzrSxa-D8JM1q5e2_-a-L_0R6wwZjDsr7Mmy8zVb-DRJrErhgBQo708A8QQHBMj-GiLOoxGmH9PYxgiHtP24qlKWyskCe7F-TRCg&sai=AMfl-YT_95_HzXw3rp1PD2Grik9PrTOXhSDUvEdIpQv58vI86bUhCflSZI6KooJXFVJeIXU68t9TLUTacYzway3ZhrmreVNxs3V-omJ_VhOZOgTKvNnRqcCKZhedQwDGxXBi23hroU5rMgTZZ3fFH285uYw&sig=Cg0ArKJSzMJlwmnQvSdMEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CPBYxywWGY7z0FMGRjuwPte6OsAXGp9zvXL3ShYmvC8CNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi01ODQ1Njg1MzgwOTc5OTM2yAEJqQJqaAfUZ72CPuACAKgDAaoE_wFP0JhP4CpiD8L6NmXD6LA2ocLRA4Xnhib93tvbjuIywzPrlg8oHuVLiQmqqU5trLafDaPc7ltPqBNuqbRWAblW7fufg9tbl9q3o8i-hLnTXK1oOJ9CaJ75U8I2Vz4zkpQvDTDqMhNYWIKDmym1T70NjZvbblq8gpBhp_OL9ffD-blmLkm0adxR9R2Bim-1su6fLfArZbt4mx9FwicJgKiX2omdmd6viAwQsx6AKm1B-v0vujuzjzC9FpVnhdZOh5_H-plKkeSWmB7gOI8yILiW_lNFBEl6tT9xSnfFpVInE1nK7WQCrBOi-2_TQ5wi5Pe2CPzL_LPL6UXfYvxb963gBAGABujkgZDlgLaWGaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mF64qzndnCaMIx_llu01OIytF_g&client=ca-pub-5845685380979936&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Nov 2022 16:21:21 GMT
style.css
s0.2mdn.net/sadbundle/1068647635432243200/ Frame 2A8A 		0
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 2A8A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 06:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Nov 2022 06:28:55 GMT
dynamicBuilder.min.js
s0.2mdn.net/creatives/assets/1951882/ Frame 2A8A 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1400
x-xss-protection
0
last-modified
Wed, 04 Apr 2018 17:00:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:18:53 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A8A 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:14:52 GMT
logic.js
s0.2mdn.net/sadbundle/1068647635432243200/ Frame 2A8A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1068647635432243200/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
c02e3cee6c3b3f815e45473b0200eab23828311692e61d2ff759454e0b713c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1175
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 07:30:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 22:47:15 GMT
dt
dt.adsafeprotected.com/ Frame D66E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=c78623e2-b186-5c67-36c0-d5191a578926&tv=%7Bc:vmuBWS,time:481,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B475~0%5D,as:%5B475~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1190396-65998078%7C181%7C182%7C183%7C191%7C1a%7C1b%7C1c*.1103447-64557517%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:20,sis:251%7D&br=c
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
door.js
script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/door.js?id=2429
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
dbba01e78cdc8bd77ebfaaa28e1f3e66dcf1e337b0df0d33299ca66248c11772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
br
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"2429...218.2022112913"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
DS7DKGIEwi3n-keJ9UCHiR1LFMslivuF_aaGDUnRrQ0udNHO-LKM7Q==
Adform.Styles-1.css
s1.adform.net/banners/scripts/components/styles/ Frame FD54 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/styles/Adform.Styles-1.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa783436d33011ecbf66b0553b4f36ffedb0f390691c7c862c64b61df53dde8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 12:06:33 GMT
server
nginx
x-amz-request-id
tx00000a3ac82a896bcb348-006376618a-3293868f-default
etag
W/"b62e2870aabc91086ec46bd9abd1d747"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame FD54 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000a37373505363f9f8-0063766185-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.SliceVenetian-2.js
s1.adform.net/banners/scripts/components/ Frame FD54 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/Adform.SliceVenetian-2.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0c4631b99bfb39f2ecfae0ba9434e4a266fc6a21be8cdbc0eeb505237c0d807a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 12:01:36 GMT
server
nginx
x-amz-request-id
tx00000cceeca80eea9eefc-00637661eb-32941e2b-default
etag
W/"8b607c2c265b6800754794d78848bd0d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
custom.js
s1.adform.net/Banners/Elements/Files/2104702/12048958/main/bvpath_1537/scripts/ Frame FD54 		520 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048958/main/bvpath_1537/scripts/custom.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b9227f4bef0cfd15fa114c59a132fe697e7a59dbb2692b53a9d4515955b92be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx00000b25c79a360fc97e7-00637b9c96-3293aae9-default
etag
W/"64e145ffe900570d88c329091ddafffa"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
json
gum.criteo.com/sid/ Frame 16C7 		444 B
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=n1info.com&sn=ChromeSyncframe&so=0&topUrl=ba.n1info.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ba.n1info.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
91fc74a323b545fb816d1e63d364c00ec52795a315aec9189de0f7e7b62062ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ba.n1info.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1736278
expires
0
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuBYo,pingTime:-10,time:667,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669727692996%7C%7C492259bb4aff297ae82d475fcc057c2b%7C%7C6663fc817094191839d96ef6de7d9494%7C%7C7643bfbd15ddd1a08ec74ca31802cda0%7C%7C2123dce75b2b30af5a452c0681065544%7C%7C51c342e102e805ca5614de656136634b%7C%7Cbf6d6f6be1b74e0b37336b6572efdd76%7C%7Cc2b841e6b52d6d1118a6553a1e7a6877%7C%7C1663701684%7D
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
track.adform.net/adfserve/ Frame E7AE 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59671723;rtbwp=Y4YFywAFOjwHg4jBAAO3NeyGX2naFewUVt06_A;rtbdata=Ade0AEWu5LOUSJMHUJYX5u46hnxdg0eqI7dDWA5-9pUE_Wbr4wBf4EdlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhEEbFcpDqa96vvMHozR3O6QSfaY_1uO4hWtJ4O5-60MG-JbxrYjOJesncU5MQfL4sx1a6iBU_n379FpyHU7Kt1IJZ9QM3oeu6X3CNAwpwVJhQZxmfHT-Y4GBpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7nHVSrxQOgwUeA4_xXm2AhV0;nofp=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssJPL02q4yvVl5Vj2lKkWgqBuMk9vIvJZ-apx7Yq5kDAiP807zZKYIif7uh_BhZGBURZsGbB1rQk7xRvs6cuSUOsvn-GP_ScVIrw5zRm4ctQHc0MB1MWlMbKHbz83ixbR-GSSMIE7m0B7CeyMOPe1OQz7DVDCLU3rH2gqzqpCSbf_wRsSJmETZgctBlYQDOKxTl0aRo-js_b9F119o4EBjC_MpVbElRxIV2HOaoHqmoxeFe_AuY4aHzrSxa-D8JM1q5e2_-a-L_0R6wwZjDsr7Mmy8zVb-DRJrErhgBQo708A8QQHBMj-GiLOoxGmH9PYxgiHtP24qlKWyskCe7F-TRCg&sai=AMfl-YT_95_HzXw3rp1PD2Grik9PrTOXhSDUvEdIpQv58vI86bUhCflSZI6KooJXFVJeIXU68t9TLUTacYzway3ZhrmreVNxs3V-omJ_VhOZOgTKvNnRqcCKZhedQwDGxXBi23hroU5rMgTZZ3fFH285uYw&sig=Cg0ArKJSzMJlwmnQvSdMEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CPBYxywWGY7z0FMGRjuwPte6OsAXGp9zvXL3ShYmvC8CNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi01ODQ1Njg1MzgwOTc5OTM2yAEJqQJqaAfUZ72CPuACAKgDAaoE_wFP0JhP4CpiD8L6NmXD6LA2ocLRA4Xnhib93tvbjuIywzPrlg8oHuVLiQmqqU5trLafDaPc7ltPqBNuqbRWAblW7fufg9tbl9q3o8i-hLnTXK1oOJ9CaJ75U8I2Vz4zkpQvDTDqMhNYWIKDmym1T70NjZvbblq8gpBhp_OL9ffD-blmLkm0adxR9R2Bim-1su6fLfArZbt4mx9FwicJgKiX2omdmd6viAwQsx6AKm1B-v0vujuzjzC9FpVnhdZOh5_H-plKkeSWmB7gOI8yILiW_lNFBEl6tT9xSnfFpVInE1nK7WQCrBOi-2_TQ5wi5Pe2CPzL_LPL6UXfYvxb963gBAGABujkgZDlgLaWGaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2mF64qzndnCaMIx_llu01OIytF_g&client=ca-pub-5845685380979936&adurl=;js=1;adfxid=2x;2744;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fba.n1info.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
74809a1ceb30dee8f0e0ff72b933f7327c08fb34d04213eb6c0e7d14df6926b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4164
expires
-1
pixel
cm.g.doubleclick.net/ Frame F576
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VEFNRzN1MVIxUDAwclA1&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VEFNRzN1MVIxUDAwclA1&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgcghGRwOM-k_W2yPAiFs79P19zHvuOR4emAP8ul3QMmrCLLvBgSV_3V
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 13:14:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0c6774dcbd8510e59@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VEFNRzN1MVIxUDAwclA1&google_gid=CAESEOWd7VfeEUBR6v0WCQcpJqU&google_cver=1&google_push=ASkJ3FbYUuj2sKTBDJHYXpyK6m-Kon3vKVc7eeAcX4yxJgcghGRwOM-k_W2yPAiFs79P19zHvuOR4emAP8ul3QMmrCLLvBgSV_3V
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F576 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAU8BulOifmhzK2GqCu8sHo&google_cver=1&google_push=ASkJ3FZrZN9eDnNuDorrNUUobHV1tbLPhWuVEd39lOWZ-gdPZT6rwKh9duto8sTYOi8gwdMLVUb8K-tVxtRwqf1Qwitb1IXTWUa_
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 29 Nov 2022 13:14:52 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F576 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGHWBo8oSK1T1ZNXQFkfR4s&google_cver=1&google_push=ASkJ3FbJnTWOIOQDB3UHPo1FP82Phm_AtX1xlbWGq6o-zbAnnTAvMISVYz5EhiLVAn7ARXC4rAq-FER_BT2VWW-cvauslR5kQC9i
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame F576
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGeGl2VwnRLV7HB1se2PQEc&google_cver=1&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WYUvuSOcTz-Laqn9wwmB0A2&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk6hu3_U5ByrKl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WYUvuSOcTz-Laqn9wwmB0A2&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk6hu3_U5ByrKl
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Nov 2022 13:14:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WYUvuSOcTz-Laqn9wwmB0A2&google_push=ASkJ3FZkryc3f7zCXklWMlnZAAxt3FLz4OYqpBPJHj8qCu57FXHeqMXjr5SnBQE56sBhd_VIbO5-To5pEgHjsmNk6hu3_U5ByrKl
x-host
tde-deliveryengine-production-58fd8bff8b-hcf8w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F576
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHHzszvuVgnYRMvxVo9Tsgs&google_cver=1&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzY...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHHzszvuVgnYRMvxVo9Tsgs&google_cver=1&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHD...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZIHDrP2t56MX6ec7AlVVQBcdzgWn5TZQNbe5dd43GERcw9NJhdnkJF__IK-qVZXJLWDH1xIgssB6NxLMIZsTmHDzYRP0LG
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F576
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGb5_G12lhbX_HivnOsI5-U&google_cver=1&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMjAzMTgwODgyMzMxNjg5&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMjAzMTgwODgyMzMxNjg5&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfYn6b_Uqm6gH04J7YRy3g
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMjAzMTgwODgyMzMxNjg5&google_push=ASkJ3FaviuvUBqzRMhmwqn2Ig4Kgpvo70gWB3A1NsmPQbMLJcvCdL_7LsSVff90aiJV3yCM7xSbyHXfYn6b_Uqm6gH04J7YRy3g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame F576 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOFfd7PfIdDo0las2-zAVN0&google_cver=1&google_push=ASkJ3FZq-KYkCtbX-QYjd5QTM5bn3pUDnDQ2ocirzOoT8SrFEG2WFPLr_mRjjhx_eNpFLs3Y_dFOIQk4T5jCF5AI06m99PFCbGbg
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:52 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F576 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvYePimwx_b4dHsZl3GM2jmxgZFhFIuGp4sYABRusmZDe8amDVLHC2rk2BMI2DBvCfHBAh
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
tentacle.js
tentacles.smartocto.com/ten/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tentacles.smartocto.com/ten/tentacle.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.188.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-188-76.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
748f098f044ff2324f32b50ef3991dfcf2b27fe41d0e5950a52e79e22a0cb531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 11:39:49 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=60, public
expires
Tue, 29 Nov 2022 13:15:53 GMT
B28820269.352130629;dc_pre=CMThkbC80_sCFdVx4Aod0DYN2w;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/ Frame E7AE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_pre=CMThkbC80_sCFdVx4Aod0DYN2w;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_pre=CMThkbC80_sCFdVx4Aod0DYN2w;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=9375
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N571601.2060311ADFORM/B28820269.352130629;dc_pre=CMThkbC80_sCFdVx4Aod0DYN2w;dc_trk_aid=543416410;dc_trk_cid=182025848;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=9375
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12048961.jpeg
s1.adform.net/Banners/Elements/Files/2104702/ Frame FD54 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048961.jpeg
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9216c83cfc704feeb678caf5556bf4dc11f5d52d98760f1ea80e944865f55a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx00000f3c0414756fe4154-00637b9c97-329373d4-default
etag
"2b896b0e6c55910b638dc6aa122dbad6"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
39954
12048962.jpeg
s1.adform.net/Banners/Elements/Files/2104702/ Frame FD54 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048962.jpeg
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
679b04dd309ca6d40cebcf8fb560aed7bd19fcd078d738f2b3d815affa6a0df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx00000094e084e9ecedd62-00637b9c97-32940f80-default
etag
"2de8a37e20a5e810e47f9c124eeeaff2"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
45527
dt
dt.adsafeprotected.com/ Frame D66E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=c78623e2-b186-5c67-36c0-d5191a578926&tv=%7Bc:vmuC14,pingTime:-10,time:741,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669727692996%7C%7C492259bb4aff297ae82d475fcc057c2b%7C%7C6663fc817094191839d96ef6de7d9494%7C%7C7643bfbd15ddd1a08ec74ca31802cda0%7C%7C2123dce75b2b30af5a452c0681065544%7C%7C51c342e102e805ca5614de656136634b%7C%7Cbf6d6f6be1b74e0b37336b6572efdd76%7C%7Cc2b841e6b52d6d1118a6553a1e7a6877%7C%7C1663701684,im:%7Bpci:%7Btdr:568%7D%7D,sca:%7Bspg:28a8be3c-e7e4-6c55-84eb-3c31a2bdd451%7D%7D
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame E7AE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee989ae1b4083cf0ab6f2fe74231268cb95a4f93fe624181e1f346692b6e5d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
12048960.jpeg
s1.adform.net/Banners/Elements/Files/2104702/ Frame 1505 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12048960.jpeg?ADFassetID=12048960&bv=0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9216c83cfc704feeb678caf5556bf4dc11f5d52d98760f1ea80e944865f55a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
last-modified
Mon, 21 Nov 2022 14:16:56 GMT
server
nginx
x-amz-request-id
tx00000a3affbcfdebcad91-00637b9c96-329354d9-default
etag
"2b896b0e6c55910b638dc6aa122dbad6"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
39954
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame E7AE 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Nov 2022 16:21:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 05D2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9H6dv0Xhm02zb1eDPd95vDHb0przBPz1Bn1552TmwA5r9J_U_HPeyGksvZEzOLZxgcWQy1U379CxFcYu-GGl0liSPGDwOXaOwm3oOBUdsmdFE21y9FksRByHSJz6FYz88-kFpfQ&sai=AMfl-YQFQeFxxrmwmiY85ybYszILUxokEltucSmYp70jdUEULomzt_hz5nNVpyXzqoyE6nlRoyd1C4-r2mFVQUbrxgrMrLjaO7kvddCYw9ZxnC0vRMjwIqmu2kC_QrCuv2UxAvprWEVVeGYyWCka7g&sig=Cg0ArKJSzBlT963hus8nEAE&cid=CAQSSgDq26N9b-gASwLoDaO_yQbpMGrNYQJtgMnL5azQ5glU_SgkkDmg0tWVbohs0lHnhhcc2q5Oc1MoMubYm8ZOtHw1eFRbnfReSgjTGAEgEw&id=ampim&o=-100,199&d=360,1080&ss=1600,1200&bs=1600,1200&mcvt=1079&mtos=0,0,0,1079,1079&tos=0,0,0,1079,0&tfs=383&tls=1462&g=66.9393002986908&h=66.9393002986908&tt=1462&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 29 Nov 2022 13:14:53 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Tue, 06 Dec 2022 13:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F02 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk5aizAWGY7amCdWNgAfLjLSQDQAAAAA4AeAEAg&bg=!kpGlkdXNAAbvMpMzzzI7ACkAdvg8WuomHZ0-i6Y_li0sU63UsgpIizZrygFRtiCVFG9kSkEl2I-tbAIAAAGxUgAAAAJoAQeZAuXNMHO2Sz0wKyMWmr2CD-ZXpLQTUME_qLuU5wi8kdM7HB97rC4vXZvxpYkqntKjxAPXynk5mKWCHFERdrt-ZW1L8CbwOSlyQGcn_sHdFpM1w6ic82fihpyaDHTqNVca_IvFMss5YgKTuplUoqo1wpKXPR4LPFmrlo_Eot2kj3PxZzYTEpFFPfR_f84K3Or3ICmsMHAQipmykOCpZVSK6dNXBnmVelT0AFa3Xa8dzT540OtkjVI4g96FY4V3jva52PgZ2SCLTiDmiXtp9aNh4PSC_mKcF8CvT80UcRtpdG6dr7QzinzDVoibaL3kV_p4GJfBzwE1S0bu7OHE6maz9lst206PDyJi--0XG3iaQ3rrV1jet-TgSkNQadQpXz8Z535cR1V6Ag04GpysIxoJOUCssPlUHoFfNLQ12TIU0PLMevOeEj2K3pdes6Z2Brdbb28NREZfxA5DZZJOo91NLB0fm68-v-cjsPcOJGn22iwoAJZKm5IxpcuBAZ-4Pi9wMRX80s6zBid3J60becsQI1dBYG39H_L58UcPRsFXM5CEMngH8OPkBa4ZpJ1KsdPVY5yXr8fDjlqO9DhfAl2HFJ-oEaPXA5CMu2KE1RlZDPktlD54SxRfVUbMMHExUmL5jDDqeOzRperry00Y8ROSs7oblQtp0n3kF7F8Kz9qZGL-HApeqzX6Py5la5A22lqi18REatefiHJUiGj_kKVxoQ2oxXkPAjePcNH2CQkn-tpja18BImiipfHfz6u5LI5SFFSnx3LmFmCxvlU8C-0N0RRXbabQPVSzcTrWAs8aa1Gfa4-MHdq8a4blfG13F7zcuzLcZWFZeb1-lfXTJImKYjQADMEKscVMTlWIOvYAQVPZeo_pQNcQ79Tie5bI0puen1JFqCKHYHDDmbVtRlBV8ECZpBvHi1o49YWIKnIbqopWfJMps-KlJb_pGRI3_rrnwtRRTCbqfb4BKZKqltFnLbOMoQnvPNA
Requested by
Host: 4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D66E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttn9aLpwU2E7LKgjfRf4nRCRpOdx5Uv-YaJsSmGcp_1PJUq5KGMhvBqBv7yTm_-Fv3wVSrY0Bx1wU0JZRsj8X-J6_odsnLIMA0eHDELaKDedATqE7md9ukb0xeg8OcHBeBf16Cpp9pEYfCNwPcBa--RJn5fEIwJwTsmjmXUlhI3CuZZMmbNSexvGtdP24HHNedyW9CrXxe&sai=AMfl-YSWaL68SBL6xikE5D2q89FEDWobsKu35aLn1JwR_K2-Ickl_-TP2Za4INfqoH_1didKYNsTStWbXH_dMcIzYXdY0SBVaoApTHIBxHJjOSrLibr7YTQEzTlPoqhoTU7B4kYpHFw1KGXeWxTqJyQU1I-V69Hbbg&sig=Cg0ArKJSzL3l3doULN9oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=551&vt=11&dtpt=404&dett=3&cstd=140&cisv=r20221110.44382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F02 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwUNhywWGY5SrLM3d7_UPjM-dmAEAAAAAOAHgBAI&bg=!CAulC0_NAAbvMpMzzzI7ACkAdvg8Wkg1czvSMScSI_bSBScUtgMR2RjZJAD_y-RlNBZZNi3uXmDPKgIAAAHWUgAAAANoAQeZAuviMwiYOk4yrLux3VM7t6ppjdD9-oNzLAWiVwA4TuOsI5W6X1F1tzQJOD4y6qp8xNhIMWs7gl9JJPWTAo1y5oHQPt4S5Nut4-mF4ayScduq2G56oRshBkjocVh6nulzHySuETwf5m7yD9RP19pV6nUq7SIWFu4G4wYE6-vcxZ8ILr4WEWnrXeKgOvFjZ4RrKGHkog7dtWmFrcUSIuYxsufP4Q0qsvIX6MM89XBBGbMF8IpotHVAsNpfocIez9wWDmpIwPCeUl8pOFCb5VYFNNvdDp9rwEtvQoBfVtpDAprxUlCEL_ntxszHYhvCBJtbIdvOiuu88PkbScgdgbXSVzbs1F2UEgwYTIxLxUdqJ56E8VnEKF7Kbn5hTlN5clPYbm3HnOxQVSBWjo95pSAyfayB3Gqeilc3thb79W1PoPX-QPfvPn5muevUQai0kcY8kegJhjG5dGCVfv-p27k2yCd9i8cOdfpKdNc_YkzqPGsDRUGTeEuItxiLmFgaeFFfcV68THrZyOAX6jkTOWhsXyww6qZu2KQfucA7LkVEClt5YKmAr3T2J9pQ3znSRqxJHmxdPk8tOO5mwebOp_GgyALnXPguI24ZvugwsHuX6fxCmojZg9I8PdAH36LoTmyOQJXvc9zqylM9owXfKbSyGkg64PLhp6fz06YOVKqWUotZWdv7dXqGBavA_oi15BPEkBd-ExvFDgTmx8_1AOqFq62G3bV7d7BbCHzHZcu1TOfob92TBVDIXWNfysgxls-XMaq4Br1wja79P32Im1gHf_K1wq8WibPAVW6DChxPUQ4MjYuGNgFZJbZi9k8OtU1UZeK2ihm9YTwKvFieggCZ55fGtRuXU6UKL6haAvKENkgs-61QGQn0zYLBaS013qux5WWjoqTyb_LtsSSIzNFU7SNdDMxw9mH_Br4SE6kOjwQt6FCvfRx_OggIkwFoL5SXsXKmB_YNPwBF6zRKxEXO4ZWmtQO3-hSw82MQemw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6024915064365129746.json
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3543456/6024915064365129746.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1068647635432243200/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
db713462986609c9c74d35ee67a6effe8cb3b79bb3c86a68f40a3cce25c98eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6320
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:25:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2A8A 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7a5be6b4e12e1ea26c6a2a917b207d5ecfa25ba27d6c01c8ecc1e3a7c7088618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5678
x-xss-protection
0
logo.svg
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		148 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41539
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 13:50:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:23:36 GMT
72992913a2bda2d119133675964abc71.jpg
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/72992913a2bda2d119133675964abc71.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
f8e5aa3b62ba90b6d0fd454dccfc49991a83f952b2937b4228856c7ef22c6a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:06:20 GMT
x-content-type-options
nosniff
age
513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19515
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:51:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:21:20 GMT
6287f3b21ed6f4775c7ce1a88be8c183.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		68 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/6287f3b21ed6f4775c7ce1a88be8c183.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:07:04 GMT
x-content-type-options
nosniff
age
469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 14:45:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:22:04 GMT
NewsGothforPorscheWTT-Reg.woff
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3543456/NewsGothforPorscheWTT-Reg.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:07:20 GMT
x-content-type-options
nosniff
age
453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38192
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 14:28:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:22:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2A8A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 13:14:53 GMT
/
track.adform.net/csimpr/ Frame E7AE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59671723&csi=1bYKVyi37QV0EKWF_k16YsYpi41Qbav-aFsaE_LfZ8cJDwKV3Zer3D8lDpY3EfPkDig2BJl4kbM4F1wOUQn16WQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
boot
tracker_ba.contentexchange.me/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.15.13 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex2.irv.si
Software
nginx/1.21.6 /
Resource Hash
3098d0eaec98f6d0b61e42fdc84009f8576d83750e5015cc69f8b344bfdf65af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx/1.21.6
etag
W/"638605c8bc516d33ca9a3905"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
content-length
17829
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame E7AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDbaJ0VdaD50_rXd4qkq2D39V-K1GLPUOVb6Owh6nNUzKzTrdh8zLE0GEw_sbwlPmsBoF5B84Il_2nZpACW0DJeblWdIkvZli7XfySQXyM9Mx-oj4PfGEILCk7tJmfHLWrPYLoVgenOhcpJCZn4L7as45N7kxhu7OiUO6JSYqAvVGpFgpitCd54Y04yeyIBg-s-Vnd_TmpMWo5mf58WMXHKz4eoAkG4rP_nt5UBTJ6xDNWHbHG1pQxuSOTPil0d-0sZ6bbHtsipBfU0up7LFGMXbV5LCjIxKoV3BMX8k08XCqzLq6KqXb6zc8Q-o8yMFeLvB5d4RwaDaaiYBj207hZUNr46y5t&sai=AMfl-YTdlirupeYycZTDYzMPzHabfj0yTpmMZHqy--Tt2XPvK7pGy1kQXH6NXzGnptJUsOvKDi6_1Pb2tUKAF8D7yzeBBjSesPVeM6r7byXtApzM6sR1oElxlX-5dXEaY8cLV7g5OKzCjTm5qQcHEJ31KNA&sig=Cg0ArKJSzOdR7TEeD0BuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 13:14:53 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 2A8A 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1101613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21678
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGNjXLxtntxuSysBDcnsYVC7ff35HUUsilheQo6l%2BW5hU9ViM2eKN1oG5YhyTmkPwxuWjNBrc8BUrO7LpyPaeZw%2F4VIicJKsc5b5QanVjK7W7zYgLAuuUSIWcI9mzLt1RpEjL0Cl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
771b9be478a3925b-FRA
expires
Sun, 19 Nov 2023 13:14:53 GMT
93709
stags.bluekai.com/site/ Frame 61DA 		71 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/93709?ret=html&phint=__bk_t%3DVijesti%20-%20N1%20Bosna%20i%20Hercegovina&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fba.n1info.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=97655203
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.108.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://ba.n1info.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

bk-server
a4d9
content-length
71
content-type
text/html
date
Tue, 29 Nov 2022 13:14:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n
S
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ba.n1info.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
https://ba.n1info.com
date
Tue, 29 Nov 2022 13:14:53 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
99cde3ac01063d2ff6f1b1aa70dd82f3.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/99cde3ac01063d2ff6f1b1aa70dd82f3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
f6c24cfb79bc066510ca6663d8f5fe7eec9190187daeaa2291f4e6f8a6c84d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:06:35 GMT
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28953
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:21:35 GMT
ca4d91f88bb3c183112610f637fc3e32.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/ca4d91f88bb3c183112610f637fc3e32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
f829117cf6947ba7f8ee317661fd211e0d8a7df56c9a0c108cc49844a2e5e90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:06:35 GMT
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32812
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:21:35 GMT
843c046eb13967ff55f49bc7f8db89da.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/843c046eb13967ff55f49bc7f8db89da.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
3900448edd149e0eb13564cce3be3871f8cd500177e02e083134a7c6048a06ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:06:20 GMT
x-content-type-options
nosniff
age
513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34499
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:21:20 GMT
e68d38c204612035910c63f21a5bf2e9.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/e68d38c204612035910c63f21a5bf2e9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
f5db10b6874742367c911db855b140d43e946bd5e5a5024a1ed4ef999204091e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:06:20 GMT
x-content-type-options
nosniff
age
513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28935
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 09:53:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:21:20 GMT
a60f9d4a416a39527e57f4608d900d90.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/a60f9d4a416a39527e57f4608d900d90.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
fccfa7e4b12bad4c95a255b9a519d2c69aff2acc927dc51dc6be0a9388e88e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:07:10 GMT
x-content-type-options
nosniff
age
463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32463
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:22:10 GMT
b8de8cb1d45ff7a609076717fd1c62eb.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/b8de8cb1d45ff7a609076717fd1c62eb.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
9cae3d6821235e0ba8bf3721a1b106dcd718ba45e626ee5c3118261c112795d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:10:10 GMT
x-content-type-options
nosniff
age
283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19474
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:25:10 GMT
7eba591d8dfef215163a724ae91aba48.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/7eba591d8dfef215163a724ae91aba48.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
5e3f9283943f026394f2c5386a1d0a95cf809a6a4b1f3f3c6a619d2c4dd314e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:10:10 GMT
x-content-type-options
nosniff
age
283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15590
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:04:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:25:10 GMT
a2f1db8b3569b479e9e8489406d7e19e.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/a2f1db8b3569b479e9e8489406d7e19e.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
4afc8d3336a63f1cf33eb39f0fff7dec5800856b2f3c79bdb0e38f6b3d1b0d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:10:10 GMT
x-content-type-options
nosniff
age
283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15237
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:25:10 GMT
9e14e28b446e7f15214da1f95bb309fb.png
s0.2mdn.net/creatives/assets/3543456/ Frame 2A8A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3543456/9e14e28b446e7f15214da1f95bb309fb.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
250c5546cb3d3db1491e150f0ea7216aca300d4f28ceb532cecdbab17b7e24e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:10:10 GMT
x-content-type-options
nosniff
age
283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20055
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 11:06:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:25:10 GMT
12046857.js
s1.adform.net/Banners/Elements/Files/2104702/12046857/ Frame F512 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12046857/12046857.js?ADFassetID=12046857&bv=257
Requested by
Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
604976bcfb8fafbf99e4e400f9ca0ddc91626568ea54fdf2326dc5e7cac90ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:27:40 GMT
server
nginx
x-amz-request-id
tx00000d0577ddffeb768f1-00637b6a0a-329354d9-default
etag
W/"ecaff079a6e43860375f36f165e02c5c"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 472C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 21:51:48 GMT
dt
dt.adsafeprotected.com/ Frame 7687 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1190396&asId=28a8be3c-e7e4-6c55-84eb-3c31a2bdd451&tv=%7Bc:vmuC7i,time:1219,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1219,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1211~0%5D,as:%5B1211~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:209,fm:toA7ezL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1190396-65998078%7C181%7C182%7C191%7C1a%7C1b%7C1c.1103447-64557517%7C1c1,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:26,sis:278%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.37.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-37-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame F512 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000a37373505363f9f8-0063766185-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F512 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 13:14:53 GMT
index.js
s1.adform.net/Banners/Elements/Files/2104702/12046857/bvpath_257/ Frame F512 		147 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12046857/bvpath_257/index.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ea82bbd2874d8fbbffb40bea6c4268a884105939cca8171c1921cf367fd35cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:27:40 GMT
server
nginx
x-amz-request-id
tx00000864d136c433a3684-00637b6a0a-3293868f-default
etag
W/"92efa6221cca71eca3479ff44a54958a"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.min.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2316599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11066
last-modified
Mon, 04 May 2020 16:11:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9d-9079"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1%2FRKkSuA0J%2FLp0R2leSrM054S9DoLwuB%2FiwJ%2F6W2IiqlDDt944ly6RbeNwsfxMN2h%2FHxkNTQE3uf6vtgahyXllbbjDI16QYqD%2FYUIRmjuSUOe0m7wsAzehSsg9xonWUHoxeFG0M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
771b9be50981925b-FRA
expires
Sun, 19 Nov 2023 13:14:53 GMT
index_atlas_P_1.png
s1.adform.net/Banners/Elements/Files/2104702/12046857/bvpath_257/images/ Frame F512 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2104702/12046857/bvpath_257/images/index_atlas_P_1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2c0dea9d0e385e86179f8fe584ce9e9400819f0a927492ca3af16e5e03d8569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:53 GMT
last-modified
Mon, 21 Nov 2022 11:27:40 GMT
server
nginx
x-amz-request-id
tx00000f612ac782fab52e0-00637b6a0a-32941e2b-default
etag
"ec1460a9cb22f4c87c3f277db34a92b8"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
51539
img
sync.mathtag.com/sync/ 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 169 32252b7 master cdg-pixel-x26 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:14:54 GMT
Server
MT3 169 32252b7 master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 29 Nov 2022 13:14:53 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=2e92f153-7736-4874-ba40-06a594973432&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=2e92f153-7736-4874-ba40-06a594973432&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=2e92f153-7736-4874-ba40-06a594973432&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
479
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXvJw3go1-tJsY8nLAmdNs&google_cver=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQ...
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXvJw3go1-tJsY8nLAmdNs&google_cver=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXvJw3go1-tJsY8nLAmdNs&google_cver=1&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7171425838958770328&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7171425838958770328&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7171425838958770328&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Date
Tue, 29 Nov 2022 13:14:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
v1
match.sharethrough.com/universal/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.182.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-182-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:14:54 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=24da0498-dfdb-4c36-9321-225aaf37776d&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=24da0498-dfdb-4c36-9321-225aaf37776d&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=24da0498-dfdb-4c36-9321-225aaf37776d&gdpr=1&gdpr_consent=BPjPDnbPjPDnbApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1929351
content-length
0
expires
Tue, 29 Nov 2022 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E7AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmm6GiAmkAI33xWSK2wxAMN0pfnpDr9aLHIxGWbClXTttIt2ghPjSIARi7lTQUAWpnDaK6cSOiT-V1KFvLZ_iWfK4a-QrJcMkzyN8SP_qPVqtbwuQXmnem5qcDmuW_S0Cz7QJyra8n64mljVvlb9ILPFVpeVd8Fe8Vkb_TOUamtBC9XfUWAPwdgQ&sig=Cg0ArKJSzMmQIS3hjrd4EAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3591379633&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669727692685&rpt=821&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/Event/ Frame E7AE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59671723&event=178&time=2&baid=56428069&name=Viewable%20impressions&imprid=8995471117553849279&icid=751203180882331689&eData=1bYKVyi37QWtOZnLIpidgZ7ajRnpNj1HYaJU2uM20NkeVZRfD4cQy4RuHtrVho245Ajpp0afcRAau94oJsHc8Q2&rtbdata=Ade0AEWu5LOUSJMHUJYX5u46hnxdg0eqI7dDWA5-9pUE_Wbr4wBf4EdlYceIdlNZ8FjiAZlrHrNlQlEd3KSQ_LMWGyRsdRhEEbFcpDqa96vvMHozR3O6QSfaY_1uO4hWtJ4O5-60MG-JbxrYjOJesncU5MQfL4sx1a6iBU_n379FpyHU7Kt1IJZ9QM3oeu6X3CNAwpwVJhQZxmfHT-Y4GBpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRdV-_tPjuH7nHVSrxQOgwUeA4_xXm2AhV0&rtbwp=Y4YFywAFOjwHg4jBAAO3NeyGX2naFewUVt06_A&rnd=891609953
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E7AE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=751203180882331689@@59671723,8995471117553849279,100|1185|0|0|0|0|0|0|0||40|1|||||1|0|0|cZl9SAl3NQy48M5tcwHHbfU_kosrb9STkDQ8wo9et5sqWW8lPQnBfhhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1505 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=751203180882331689@@59684398,2592358787620317277,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|ffUCUj-E8PG48M5tcwHHbfU_kosrb9STkDQ8wo9et5tufmOVnyqqqBhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E7AE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=751203180882331689@@59671723,8995471117553849279,100|4784|0|0|0|0|0|0|0||163|1|||||1|0|0|cZl9SAl3NQy48M5tcwHHbfU_kosrb9STkDQ8wo9et5sqWW8lPQnBfhhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
rexdot.js
gars.hit.gemius.pl/__/_1669727698765/
Redirect Chain
  • https://gars.hit.gemius.pl/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba....
  • https://gars.hit.gemius.pl/__/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
169 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/__/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=jqAaczyuxpqYCGIXAXLQfyEusnmU2VK2jb_c2HIx_xH.S7.saN3R9zhB0tviijii7E4.PxcT_Sc94RkL.oV2a2jvkgNh/yRHKftQsbwvj0/&fpdata=-TURNEDOFF&ltime=903&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638605c82d87aaf8
Protocol
H2
Server
141.95.172.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214334.ip-141-95-172.eu
Software
GHC /
Resource Hash
45c64b84c7eeb59b5cb16e4b23f8c8094bd40933c497c757298091507a7588e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba.n1info.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:58 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Mon, 28 Nov 2022 13:14:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 13:14:58 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1669727698765/rexdot.js?l=100&sendf=8&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=jqAaczyuxpqYCGIXAXLQfyEusnmU2VK2jb_c2HIx_xH.S7.saN3R9zhB0tviijii7E4.PxcT_Sc94RkL.oV2a2jvkgNh/yRHKftQsbwvj0/&fpdata=-TURNEDOFF&ltime=903&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638605c82d87aaf8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 28 Nov 2022 13:14:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ls.hit.gemius.pl
URL
https://ls.hit.gemius.pl/lsget.html
Domain
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
URL
https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/1068647635432243200/style.css

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| ft object| wpp_params object| WordPressPopularPosts undefined| do_request undefined| num function| $ function| jQuery object| addManagerParams object| objectPathUrl object| Foundation function| generateMenu object| w2g string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| dataLayer function| OneSignal object| mpn_wi object| mpn_ref object| mpn_sid object| mpn_dt object| mpn_ns object| pmn_os object| live_blog_settings function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup string| heateorSssWhatsappShareAPI function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| wp object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent number| CB_jQueryHoldReadyStarted number| ts number| rnd string| exts string| exuniqueid number| bfsample object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| google_tag_manager object| google_tag_data boolean| lwdgt_executed function| lwdgt_process function| cmpBundleComplete function| cmpBundleComplete2 function| generateHash function| w2gWhichTcf function| w2gTcf2 function| w2gTcfapi string| GoogleAnalyticsObject function| ga function| clarity function| fbq function| _fbq object| _sf_async_config function| ym object| dm object| tentacles function| bk_async number| DEBUG object| _contentExchange function| getNativeConfig function| gtagMPNative function| gtagGeneralErrorNative function| gtagAdMissing function| gtagHttpErrorNative function| gtagInvalidWidgetIdError function| gtagNoAdServersNative function| gtagReattemptLimitErrorNative function| gtagInitialiseFailedNative function| gtagInvalidClickErrorNative function| gtagSpaPotentialErrorNative function| gtagSpaErrorNative function| gtagItemCheckoutListNative function| gtagItemPurchaseNative function| prepareNumberForAnaliticsPriceNative function| createCommonCssPropertiesNative function| checkClickAmountNative function| createCookieForAdNative function| getCookieForAdNative function| setItemClickedCookieNative function| getExpireDateFromCookieNative function| downloadSSLibraryNative function| downloadGtagLibraryNative function| handleErrorsNative function| handle204 function| makeScreenShotNative function| setFontNative function| createFontLinkNative function| createCSSNative function| setClickTimeoutFlagNative function| clearSavedIdReferenceNative function| openNative function| openNativeLink function| formatTimeNative function| formatDateNative function| handleResponsivenessNative function| handleInitialResponsivenessNative function| prepareVolumPixelNative function| monadCreateLogoModalNative function| showModalHandlerNative function| hideModalHandlerNative function| monadMoveEyesNative function| createModalCssPropertiesNative function| checkIfItemIsInViewPortNative function| checkIfDeviceIsMobileNative function| iframeDetectionNative function| iframeDetection1Native function| iframeDetection2Native function| iframeDetection3Native function| saveCurrentlocationNative function| initiateSPAFixNative function| multyWidgetsInitialCommonFunctionsNative function| initialiseNativeWidgets function| initialiseNativeWidget function| createElementsNative function| confirmIfAdWasRenderedInDomNative function| confirmPixelNative function| checkIfValidClickNative number| __oneSignalSdkLoadCount function| __jp0 object| sizesBillboard object| sizesInfeed object| sizesSideBrandings object| sizesSideBanners object| sizesFooter object| sizesInText object| sizesAfterText object| sizesDynamicInText object| pbSizeBillboard object| pbSizeInfeed object| pbSizeSideBrandings object| pbSizeSideBanners object| pbSizeFooter object| pbSizeInText object| pbSizeAfterText object| pbSizeDynamicInText object| mappingBillboard object| mappingInfeed object| mappingSideBrandings object| mappingSideBanners object| mappingFooter object| mappingInText object| mappingAfterText object| mappingDynamicInText object| pbjs object| conf function| __cmp object| reloadAds object| googletag object| wtgAllConfigAdunitsReload object| CookiebotDialog object| CookieConsentDialog object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| google_optimize boolean| DotMetricsInitScript object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut function| display_contentexchange function| display_trafex function| contentExchangeLoad object| t boolean| tentaclesProcessedABTitles number| tentacle_timer_apply boolean| tentaclesExecuted object| tunnel object| DotMetricsSettings function| html2canvas object| Ya object| yaCounter71048401 object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue object| apstag object| DotmetricsJSON object| CryptoJS object| DotMetricsObj function| pbjsChunk object| _pbjsGlobals object| ADAGIO undefined| google_measure_js_timing object| tentacles_pageData object| Criteo boolean| apstagLOADED object| bextag object| bex object| adformtag object| ingestion object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| apntag object| _ADAGIO object| Adform object| _adform object| _fscope object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate object| criteo_pubtag object| criteo_identitytag_132 object| Criteo_identitytag_132 function| __esp_getUID2Async object| __uid2 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state function| addEventListenerBase

82 Cookies

Domain/Path Name / Value
ba.n1info.com/ Name: INGRESSCOOKIE
Value: 1669727689.223.2227.340626|9b46e68633bb51e0b0e8d00db72c0748
ba.n1info.com/ Name:
Value: cx_test
.contentexchange.me/ Name: cx_id
Value: 638605c8bc516d33ca9a3905
.contentexchange.me/ Name: cx_last_match
Value: 1669727688934
www.clarity.ms/ Name: CLID
Value: 0dfae243656f40f9abb193a0a9355332.20221129.20231129
.n1info.com/ Name: _cb
Value: CN5dXBC4kSTPCRQigl
.n1info.com/ Name: _chartbeat2
Value: .1669727689123.1669727689123.1.JT5BOCRuXx5GC9B2BAdPXay2kvH.1
.n1info.com/ Name: _cb_svref
Value: null
.n1info.com/ Name: _ga_EPGS7W0SPD
Value: GS1.1.1669727689.1.0.1669727689.0.0.0
ba.n1info.com/ Name: cx_id
Value: 638605c8bc516d33ca9a3905
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=ae717ce7-f343-4100-9772-0836094a71a9&Created=11/29/2022 13:14:49&UserMode=0&guid=6e8f7e24-9446-417c-a222-7a06db9cb4bf&ver=1
.n1info.com/ Name: _fbp
Value: fb.1.1669727689646.1796608688
.adform.net/ Name: C
Value: 1
.n1info.com/ Name: _ym_uid
Value: 1669727690750919842
.n1info.com/ Name: _ym_d
Value: 1669727690
.n1info.com/ Name: _ga
Value: GA1.2.1659247189.1669727689
.n1info.com/ Name: _gid
Value: GA1.2.938808586.1669727690
.n1info.com/ Name: _gat_UA-51336095-6
Value: 1
.adnetwork.agency/ Name: cecxh_u_key
Value: 90f61af2-5c61-439a-8c68-aabf5eecfe00
.adnetwork.agency/ Name: cexh_red
Value: 1
.n1info.com/ Name: mpn-devE_ga
Value: GA1.2.1659247189.1669727689
.n1info.com/ Name: mpn-devE_ga_gid
Value: GA1.2.453490437.1669727690
.n1info.com/ Name: _gat_gtag_UA_162781796_7
Value: 1
.n1info.com/ Name: mpn_ga
Value: GA1.2.1659247189.1669727689
.n1info.com/ Name: mpn_ga_gid
Value: GA1.2.894091185.1669727690
.n1info.com/ Name: _gat_gtag_UA_162781796_6
Value: 1
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 587288046fake
.adform.net/ Name: uid
Value: 751203180882331689
.n1info.com/ Name: _clck
Value: c6to3|1|f6z|0
.n1info.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 649097547fake
ba.n1info.com/ Name: DM_SitId495
Value: 1
ba.n1info.com/ Name: DM_SitId495SecId2420
Value: 1
.adnetwork.agency/ Name: contentexchange
Value: 42784c3869f050006e8488280489
ba.n1info.com/ Name: _pbjs_userid_consent_data
Value: 5094732098885957
.yandex.com/ Name: yandexuid
Value: 5270484041669727690
.yandex.com/ Name: yuidss
Value: 5270484041669727690
mc.yandex.com/ Name: yabs-sid
Value: 1268027501669727690
.yandex.com/ Name: i
Value: FPjnoxSJQy3ZofcpNRCPDhd1YlFr5FI3WD8lNrpmOH8kArVh+vxmSDV/taPOWk18W1G60iXixxo9A9N+HP+5pzl6ZxM=
.rubiconproject.com/ Name: khaos
Value: LB28R7Q6-1H-J3FI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqxt8xJLw9MZQLgd+PzhHkUaOgd+vHJPmJTKRd31SdbDRrr+AebWfbBwFCfoC+4IsVfsarUO75z49E6gTCXDFU0vjgxBZdDkH5PsR+566iZHVDRw4End7d7+M0G1ot9S/k3CpdEDWBsWtb4cqRf/C4IWWLsIKAg9cLdnrJW3U7iJCye+Qywg9VNI3d+q7tt3l7poO3KZMNPMQ==
.openx.net/ Name: i
Value: 716ca08e-3f5c-05a6-2418-c3e769eedeb3|1669727690
ba.n1info.com/ Name: _sotmsid
Value: 0:lb28r7si:Cb1kAUBQMIkRFnEuAIjWWfqzOBzhs~ra
ba.n1info.com/ Name: _sotmpid
Value: 0:lb28r7si:Rl5~VOuYf1q_OMrghM2QX9IX0DJ~wSHd
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 526594=5212154
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.yandex.com/ Name: ymex
Value: 1701263690.yrts.1669727690#1701263690.yrtsi.1669727690
.n1info.com/ Name: _ym_visorc
Value: b
.smartadserver.com/ Name: pid
Value: 5864312831265897204
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=160067658&lo=-415003147&lt=638053244907257976&o=1
.n1info.com/ Name: _clsk
Value: 15x71f8|1669727691505|1|0|h.clarity.ms/collect
.adnxs.com/ Name: uuid2
Value: 7095112750991948146
.adform.net/ Name: TPC
Value: 1669727691921
.casalemedia.com/ Name: CMID
Value: Y4YFzApPPf0B8sszMUHZ.AAA
.casalemedia.com/ Name: CMPS
Value: 1130
.casalemedia.com/ Name: CMPRO
Value: 1130
.c.bing.com/ Name: SRM_B
Value: 2423EEF8E0E16007343BFC93E18A6160
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2423EEF8E0E16007343BFC93E18A6160
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$IvQ%#U!]tbPl1M>e)ZlrFUfJ+tGXxoLZ0G_@RjQNAJ($pdP:/?XRnrpFc?03++3AJY*bpRz*qF1`*b^$N)fSiB
.doubleclick.net/ Name: IDE
Value: AHWqTUm-sFngQL3mdbY7Lmc1BbNNfZM1VTFtC78uOC1RRkVdQBg85xr3VmSaGggV2KI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.n1info.com/ Name: __gads
Value: ID=db1ba9c4f608df53:T=1669727691:S=ALNI_MaU-SXftyYxnRkWduusArT5XbonNA
.n1info.com/ Name: __gpi
Value: UID=00000b8a1976f5f9:T=1669727691:RT=1669727691:S=ALNI_MazMAVjHmQ0rJZuFlcFrLu8ezkgeg
.criteo.com/ Name: uid
Value: 24da0498-dfdb-4c36-9321-225aaf37776d
script.dotmetrics.net/ Name: AWSALBCORS
Value: o5YznqhO53OztnPKGr8Q+Vq+tCvlszkeG/xP/uyCbvupKvwixjm3hEFtXPPxwPaAKSQZN7swVqNkqtlSMSwFS9Ycot4gSB4ImwUIjfaXkgO0p54HZRURK2lIpjeC
.w55c.net/ Name: wfivefivec
Value: TAMG3u1R1P00rP5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2259852FB9-239C-4F3F-8B6A-A9FDC30981D0%22%7D
.blismedia.com/ Name: b
Value: 638605CD5E3A062F67996212BLIS
.n1info.com/ Name: cto_bundle
Value: g26eOF90bEl1bWhZalJJJTJCODQlMkZqdHZwMHVMc2lVOXdFNTNDMnNBY1h3VWZ1ZGlPJTJCUk54bnY1V3ZDZiUyRkRDc1ozdnlmYmppamFybWJlS3BPenV4QXNsR2NFV2t0a2xvUXRJanBpa3RFNGclMkJ0YTNpZXFaQW9SU29vZVl0SiUyRmhMRGNMN3hZaUJOSE9wcjZrdHhLVUJzcjk4NEx3T3clM0QlM0Q
.w55c.net/ Name: matchgoogle
Value: 5
.de17a.com/ Name: guid
Value: 1.3383833564431761983
.openx.net/ Name: pd
Value: v2|1669727694|gu
.adfarm1.adition.com/ Name: UserID1
Value: 7171425838958770328
.adsrvr.org/ Name: TDID
Value: 2e92f153-7736-4874-ba40-06a594973432
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjKt_j5zYWpOxAFOAE.
.smartadserver.com/ Name: csync
Value: 75:2e92f153-7736-4874-ba40-06a594973432

6 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9837.POlYMikk5tbeqKadPaTSBxvnKqybWCq188TFwziHJNNtlnYuNkaRqD44iZKrkZteOem4i8eu8VXUn_0nWjv3_Q%2C%2C.0pBnJpgSLcsRdZCmMkI_YSduwPc%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://s0.2mdn.net/sadbundle/1068647635432243200/index.html?e=69&leftOffset=0&topOffset=0&c=IgP396iiuW&t=1&renderingType=2&ev=01_247
Message:
Refused to apply style from 'https://s0.2mdn.net/sadbundle/1068647635432243200/style.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
javascript warning URL: about:blank
Message:
The resource https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
api.smartocto.com
ba.contentexchange.me
ba.n1info.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.monadplug.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
collector_sr.contentexchange.me
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
csm.eu.criteo.net
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gars.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h.clarity.ms
hb.contentexchange.me
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id.sharedid.org
id5-sync.com
images4.contentexchange.me
ingestion.smartocto.com
lib.wtg-ads.com
linker.ba
ls.hit.gemius.pl
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
oa.openxcdn.net
onesignal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pm.w55c.net
prebid-eu.creativecdn.com
prg.smartadserver.com
prod.uidapi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.nl.eu.criteo.com
rumcdn.geoedge.be
s0.2mdn.net
s1.adform.net
script.4dex.io
script.dotmetrics.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.wp.pl
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync1.adnetwork.agency
sync2.adnetwork.agency
tags.bkrtx.com
tentacles.smartocto.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
tracker_ba.contentexchange.me
ug.contentexchange.me
us-u.openx.net
waytogrow-d.openx.net
wrappers.geoedge.be
www.clarity.ms
www.contentexchange.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
4866d3c9e7048ff97ea0c435fc8912e1.safeframe.googlesyndication.com
ls.hit.gemius.pl
s0.2mdn.net
104.16.86.20
104.17.24.14
104.18.10.188
104.18.11.188
104.18.226.52
104.18.33.19
104.22.53.86
104.22.55.206
104.26.14.10
104.26.9.169
109.206.161.115
109.206.182.78
13.107.219.45
13.32.28.197
141.95.172.71
142.250.184.206
142.250.185.102
142.250.185.162
142.250.185.168
142.250.185.174
142.250.185.198
142.250.185.234
142.250.185.65
142.250.185.67
142.250.185.97
142.250.186.130
142.250.186.162
142.250.186.66
142.250.186.98
142.251.5.154
143.204.215.77
146.59.30.96
162.19.138.82
172.217.16.132
172.217.16.195
172.67.206.57
178.250.0.130
178.250.0.138
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.165
178.250.2.129
178.250.2.150
178.250.2.151
18.190.65.196
18.195.166.51
18.203.49.121
185.184.8.90
185.29.134.248
185.60.216.19
185.60.216.35
185.80.39.216
185.86.137.108
185.86.139.57
185.89.210.122
185.97.52.29
188.114.96.3
20.234.93.27
204.79.197.200
212.77.99.29
213.155.156.181
213.19.162.41
216.239.34.178
216.239.34.36
216.58.212.130
23.205.226.58
23.3.108.242
23.36.163.230
3.122.182.165
3.219.86.100
34.102.146.192
34.249.188.76
34.251.7.23
34.96.105.8
35.190.0.66
35.244.159.8
37.157.4.25
37.157.6.236
37.157.6.245
46.19.11.36
46.19.11.65
46.19.15.13
46.19.9.11
46.19.9.32
46.19.9.50
52.10.37.64
52.223.40.198
52.224.31.34
52.51.156.2
54.71.217.198
65.9.66.21
65.9.66.83
66.155.71.149
72.251.249.14
81.17.55.113
85.114.159.118
87.250.251.119
96.16.135.39
99.86.1.2
99.86.3.236
99.86.4.122
99.86.8.13
0026cc19602260508aaf1cb5c76469fa7d07929de596633d95e18d8d4170aeca
01407c7390c6b0c5bef7fdb0f10e932fa875373919b5fcff7af773d7e10abf5f
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e05328b11738adc204d2588d388ffa90331e81ddf94bcd3d0b0cf7b1dc06ee
02ef7a7894c90c45474bd08a852a58f20cd8176989c2bf4f001bbdec26eaa9b6
0304168b6aaf7466c7fc26104d7d7d627fcc7a3efa6398fc346910db9dca414d
04c01db8c7edffe053f2f6e039d16d4171d690474753b20b40f32157c413e975
052ca306b1cc2092554cc4cc2ba776dc825f5eeab768df536043b51f529d6e7d
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
05844e1731e3c884da07c1c590a647504d327f66e8ef8c28c88bea6183c25668
060237f074936b54a16597afe583ce7b32245528a39c59ff8e4a52745207cf6a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08487b6b4baadd62d1a93ed1b6cb9f3442b69f9526634cbeba8f1c9c5a24be4d
09221a97c1b1c0789594cfd3204c1730632d2a23510fb6c6b68e1031090f02d6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09e9a495010d3ae94a44a71dc9304e8ff5216e53913948183a4d1cbd52b49cd3
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0aa134e279eec37f2f91739edd89ff4c21288bb9de59fdddcbbeeefad414edb0
0acf188b877847f05d8aad71df93b047e03795ad7d3ef28a1af0d3c36c378ea0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c186a16099f669961ae7593298d365a8ca4578adf9aba75b26c9b0ebd9b427e
0c4631b99bfb39f2ecfae0ba9434e4a266fc6a21be8cdbc0eeb505237c0d807a
0deca67b61d1ff6e984979a861ed4299d4e588cacf287cdac989e8f444f5a5e5
0e3a3951abf590eb48c95a3a6f5a1cd375a42dc6db1bcc5d83742248334e3d2a
0e6c39ca4e5a35d2b7425c6542e999aa7109b66ef72566a55dd797025c7eda4b
0eb8e321b1bc76c270d333f53b798903af7439d037df86348eda7ad10a3a7946
10239ddf3c790d4d6408ab2f4294559c8ede291d339a99b74b75f38589c96e87
1039d38c88f07c3bc488482908a6149b9b08423c19be6a286ce38f6e9b51a692
11448ecc103dfc9caee847eb8f26104dad1d25a5e79100151fdc99f0af19e176
11a850ac168696a4c6ad04c569817f0405aca5da1c24fca0a0465007f7e412ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1360fe8efbd1442e5a366cdbac6b6731c1d3f6d57362a44d37da22d7739b99c7
1513359af551aa5d164d7318ecd2dda6cece34b76ffd8ba108630ff38047bffd
1545187c9f91f90bfbea1b9b7a3d4261073594d2c8bf6cd0046fc5f6144e38bb
163d8bc5b9d16a7224a59b509a8f74fe7a182fa478c852d6563a08291239b828
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
189433fa983a405badda1a13854ac9f53c87d386deda1723f3028b57c83de640
19272f6d3c019a9941a76e3eb25e724f89b733f99f326280395c8e27495eb695
19960cb7b30118c5004765157e0882439da93d0444401d4b6d05ad596c9979b3
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1be23127b9a0bc74d3169b97c2a85e6ccf4d2aa7b0a12ffa6077c9ae2342c93f
1bf25cdfe2fc605cabbd4e4ddc260d118bc14114e201bc74b4d32c3289605881
1c1e8a9e1341b6291660caf4c03c37cf6986b1431b5d3cd5486942d47373bb2c
1c2faa6174878c7411f389bb07dd922a19ffa214a875b13c21b67c3bb5b406f8
1c9ad49717ce8fce399715f04233409d979807ab4f353b05ec98a7e2208af2c9
1d46ba24c1dcca5785c78f37a72dd53cfbfa7ab25ace161ce106d740cfe69eac
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f4040b256517d8b2f661bcc9a465e9ec8328558c06b421cd8953bc831238016
20584ea5e23cfa259c1d35d09d0f2408c8cbb6ac40522da90ffc126a3b1e13ed
2346a0e6f414698984efac6b133868928fb82e533360d88f6bc6ab1bb932e94a
23e2e35f1d3ed66e9a5b85671b932f088ea89f996c645e95e58c581c92974c6a
250c5546cb3d3db1491e150f0ea7216aca300d4f28ceb532cecdbab17b7e24e5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
280865333e4cb34a25edf5eef36e6d09915d94b783322e3869f2f23b341fe02f
29f64c686fe63f32baf9470e6db4e890b77b88c5b58e88560437535b766c30a0
2abca3763edb10f04d00c3ce560c4b6cad28dbecd8419e27ca18e21391226b74
2bc63f7b67c742b65068070ad7035f6bae252b8d85f6d88ea36edc2596a78442
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
2e54d09aefdcf93b7d7e00e7e3dc528d82bf9fd89370e0e7f5f253a4fb09930b
2f5ac802dda6495c6fc363fec22daa17fd539878df9ff6dd1ccb840c8071d503
2fa6e6b6d5f01a156bc7893a7ec28b778aeb66b02d5a692afc1cbc19d6e26a57
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3098d0eaec98f6d0b61e42fdc84009f8576d83750e5015cc69f8b344bfdf65af
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c7405b518fc46286b149fa379f8d911c05127dad6f8a8494eaed10926522fd
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
343360584576429d664ec5cb08d5d2003251a1587a739e3c32cf12b382e55de5
351155e0ca67e2fa9869dad9b0c5a83defaa2a59c5be7865c1933e9f2766153a
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
359aec9c030d015e48df904a4179c81c52cc8cb983d65251ad770bb3cc5cb0e3
36262942d3d2108762f6b03a229c3495c146b9abdfa53ebcda4b191d2968937b
3671f064e11fcb610a596e9efca38ca1faa433c255c4abdd093183b93a2ed52b
3898341348e707a2908bbb226b1f23d6ffa5bb2038180de5ce2b1bebaf23f7ec
3900448edd149e0eb13564cce3be3871f8cd500177e02e083134a7c6048a06ec
39fe36f34d681cac32c40fdd65fc8f42262a73516c40987cc481a868a346565a
3a0aa9c228561784f0b76145ec242b68d967943a4569e022097d1ef1fcbbde04
3a37358c11882b5b4483286b5984677dd11fd85f84eb91122ac6866376e1e9c1
3ae68bed0944154a00f2371f711d1ee5253d80443f7e3b3b6b69320783f9ddf6
3b88f30028de2a4ceb0296d8ca75adeab4d6a61d448ab09c5aa3868a55a77b6d
3c443e28e9a0c2b2d9e32da1817c45076cc871ec13fbe8af360f92daf3e14d65
3cbc1f1a9dc92e26cf270a0688ebf392c73a9cfbca2422202a68027abbf2834c
3cda4d47d62644aeccdcf6ba57cf18949b666fae190b3f2786dbf15fee47abe6
3d2ef14c486fc9cfe09da82714a65ac843191f35a48498b8bcb25b4ae1610e32
3d6222f139b4071e1fc7a0a79c0da03b2b1c5ba857ea46d547528112ec8614e7
3dd9d4728dba07db796ecec27c7a6dacd4df482f44852e9bce54eef2e280a917
3e79cd45eaa04e9e6b56500ddcdf65071e41af5c88099222651372d26c4a2d0c
3f2ad2f4f3160b674a3dda2d973516946b5186ef40f09880e1e341b5f1b2c2b5
3fb1594cbb989b25497242af569883075f2209667caedcd9e94cd470357593b4
4099f69b85b3b8b11476d57c606eadf52662b5a74330de2f2c1926cb3d2841f2
41890030c99106ddf45cf2dc51b9ed0241bca57ac0febf325e66c17f825d5738
4271e79969552a80c34be48c5a741d7a6178827b732b072629e485e9ff7641d3
42fc64c3fd340d26050a5ecb1ec631d8815ce425a8ee31cf03c58ceee80b87b7
43a5264c7e4b7ead753a1fb9b647b950336ccf2659b311a3ac7a976b9a870b34
44d8e0a002b249e53e1adf57e16edae56f8e8b747f791a0c58c7a68f0a5b997c
45ac8a9ce40a22fc1ccd820bb87721fa79c1f406d0cd38b4c9bbe5664dbcee2e
45c40aaec97fbe3e31ffabe9947721438b0f9a858faf61dfd5f89b98168ecef5
45c64b84c7eeb59b5cb16e4b23f8c8094bd40933c497c757298091507a7588e5
46372e0e193b38780216e7f2e828bf072726f0458a14320ebf8afbc99c3d58d4
4662b69107f6c77b93f5efae512a526df00ae9881360562d01c5747626458c0d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4766e328fae56d6b79bc8ed7555235951617fb38a72ed02e387bfe938ddbe3d1
484e0948c10744fa7075ad1d13a6da2fcd66bdfe4f1235edcb4ff683ab8ad511
4afc8d3336a63f1cf33eb39f0fff7dec5800856b2f3c79bdb0e38f6b3d1b0d06
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5c370d25a23abb77a8bb85f6cb0993483781e955dfb7fd5511b891e982759e
4e932716fcd14e54f1050f0ebd4aca9ce02a1d3d4ee80d35fc9caf1b83245c59
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50747b37eb3a695e024dea86126c2da52a485bf45176f8e98469beb6cef04b26
5225336b845641f51f0ef67b91af970c67a717514952557796a51219a1100c76
5313a1a888f3b4aff955ebbae7c3a8c39e03d3aeb29a3e7e703a151122f5b536
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54060db83e49763f64477ffbd51ec2a34e40a91b1c0807a6a3f1fdfe983c88ac
544495cc3f17a4b84fa4eb12b28394ae7581d633f0fd43e14c9aeef41833a9be
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548e73c652d334e7e64e974f5da120a864a13a7c125203f127f74de64526887d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c69db3bd4f5b460b3d6f1467dc7e8e85404c0e4ad2b10a5a7e211d52998b9d
550bfcdef7071fe75a44fa8954411401ec80ad4df12a27c2bb438a950f9ac3d0
5517bc68270f0b2b7602c7a3dbff959f3fa9026bf7b33e9bc15a6815edce69ad
56d397821afe79df6bc7243638b79deea58cfe58ea35a57af38fa93b957325b6
56e454106a3207c726341d25272479a9d78e7804edff29d271555921256959da
57ed833cd86d4c365ef135ac98a29cdb161292c765899ab0c112eae9ea0987f0
5a15b9924fa1dcc8ce4d6e3679f736301380611dfd792e2804ce43c95594124e
5a92193e1c8a6757c6542fa276633b7c4dfa1f312f83f9119737fb9f8546aa2a
5ac34881cf76745b633e4ba90d8475acaad9fa52fbb08cd8faec3f365d4fe179
5b68046c35ee8af8cd0494315d3978d822c265242d2484e294cb8b2385b5172d
5b6dc752c776430781d356f762287fb7d553df14e076162817320615cdfb4736
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c7688b1907af3fd2ed193f6dd122ee3bc3d3d87c51dbd0d9b2732c0d2e05699
5cd927aa467ed6783acad28d90791e6ce4cff168434c4bc44e0065f72e816083
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e3f9283943f026394f2c5386a1d0a95cf809a6a4b1f3f3c6a619d2c4dd314e7
5f16a44a44f6bc9fa32e54dad3293ed61d386629b48a7221bece130d8b8abe8c
60230e4a926befe53988ed6cacfadb185f864adfc951ef3324f5fc2ccadf54b8
604976bcfb8fafbf99e4e400f9ca0ddc91626568ea54fdf2326dc5e7cac90ee5
60c5f23e1eca5fc14e0fbf60e9c606fba5f4e442422a7b06d1ebc1d63956adfa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dc5d08e149faff5b20432369de5f8ce62e9179af0cea513379316449077ebe
620de612a584bdb7bbde11ee03071806e29259eb0a4bba223f0398545bbca69e
65065ec0e7a2c35d8f69ceb910923d292bfa8f4f59b050e51ef7096a71da4a42
65c4b6f8fb6d6e0414e00d1fa8b902e47efac0cd64f2a35d8ad6767f10171138
65deea7d3a9ca3e91b046ae25243edbbff6d994da52f281fb8123b0742eaa3a7
65fdf57f497409b8db132cf82de62196ff3150122580acb6c094cb9b5d1380fc
66624ee7e76cfbea3d717dbfaccfd501f00080e4653341fc1f7caa01de6f1cf1
679b04dd309ca6d40cebcf8fb560aed7bd19fcd078d738f2b3d815affa6a0df0
67aadc95e1663793f12d034c7b5a985ea06bd020b007b0ff657099e1d73abf4b
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6aeff218767565b6839c790c769249836821e4610e2223bb9020fdd03f420969
6b72faabaeb068cbedbc817c17411226b693e35ee619c2bb88139201ae6914bb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c869f274afd036b8418c780b09473a327dbf68b4f254b7074d5dd14280a7c04
6da53188292e2b74fb97ef097ad36b2427056ca26bedb6a5916abf08dcde71d3
6f2d020b3bef30ffe4a43c7250bf7e799c5fb27daa3623d92a177599bb3c366f
6fd404f8274a78ad004e3b031fc3065cbb1b953956103aa5982019d570dd4896
6fe94d6664946c6463d2ac305de897e7135df0dcf121359c34ee87f0235efe7f
7169e86a2a01636d44c0f25ac7df060553cb6d3f2afe2f8fd0b1162fcaadf42c
721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73675bf96bf60a5c4608857f63b27ecca13e6ded891b492fe1750f99bfb6295b
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
73c4d84c79168730aa69128298ac4f9324c43597842960d41f67c02b558b9444
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7461b246ae0182196d3092a5e40ec270c1685bddcf28118a882bae51d5daac42
74809a1ceb30dee8f0e0ff72b933f7327c08fb34d04213eb6c0e7d14df6926b0
748735a831b31b735e397d4928ecf548aa9583136644b8989f5897db1f97e18d
748f098f044ff2324f32b50ef3991dfcf2b27fe41d0e5950a52e79e22a0cb531
7495f069489170c6dd7ad4a71310a1836f5f5b0417cfc58b3dfa8e61df5e7572
749b53442e109557196c6dfd92754eb8e6e61cd51cb0d3986b7f6bd886a9aba8
759b1559d5f7b15a94b6962455abfe6d4d95c717bb4094be3ffa0dc92b36d399
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
77d05e61761d89d0f0d59c5c6c43cdd72e524b59b81ed9b46b8e83dedc868940
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
791dbe935d023cd588ac612b8fff2bda30ed626a73fcead815c9e31710826fe2
7958fbb91fdef851f42ff8d29d1c265ed5b560e994fe873e0997294aa945b106
7a5be6b4e12e1ea26c6a2a917b207d5ecfa25ba27d6c01c8ecc1e3a7c7088618
7a83a2df2c44eb00deba4a466d6867e7ec194152f7200d1e4a6488d0617d450f
7b507cdf3dec53bd5af9acc7b8d7ddf1d29d611a3fb8803499c614f31441cbe7
7b9227f4bef0cfd15fa114c59a132fe697e7a59dbb2692b53a9d4515955b92be
7bec5836c60d7584f378278efdadf7cf479a41cbea164a7842a285c8f6172b59
7c5b7a22af89b9b8b7d8e7128c2e64194e9b59ba2f86135243ebca2bd33ac9f8
7cd37402b662ee9944c11b2f0aa0af2d6df27dc6b32d7396427bb6f383aca25e
7ed2ff6c13460978436c34f4b5e578e33727656b688504efb77a3ecd53d39d24
7f7a9e898a3f0fa3cbdf3366f13a37946eebf56ac85cb7be6c0d8adf54c8f74d
7ff5fa1db0fde492c288e40fa43601e1d144003e2fc33de53d6b55099d3679ae
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83c45d2a8b0133c0c10802abb2510b8ee51f1bb2a745288a1944af4f9a508fda
83ddc7870c5e7bb9ca5e4560b6c790d2ce40ae17897475529cdc0c9479e46d81
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8494dc370c184b5aa8f397a70cc6646e56c56924098c1d02eb3f067e183db60e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
858bf26ff8b455724239611b09322011c5d05af4445c1e6954848b36eb52a463
87605f97c08a293e3056b49a1dd625d75812d6d1b8cc699a2e004b8e3ba28846
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0ffc58f014a73b9c8ceccccd165dd7b98b8edff9bcd37854db4900efe2d890
8a13db1bcb871f153bce290cff64b7f9db8f64a5d9457de0ab8d0619bf462643
8a233af1d0f7a3c7f78d33d23edfb96a8204d7cac61ee9cc13f2c060976a37a7
8a540cc5945aea6d81f7705af39fc8868fe7e72bcbf2f0396ace451451109e22
8a5a34c5aae42c5748c1630e651b9e6b319408bb4ea3a2091521c08083a51d65
8b008e0404de46c8d0bcdb138615868da1975146cb971b0ff6e21a92fd3c98e9
8bc5b64a74d7d84673f302f1b914a7e6a0feb73ce4a4209152d7194d001a8a7c
8c5751cf511ce5ef1475a104f8bf2b43e6c5fad4315a00d84c4f3bce403d16a6
8c6765056d79874bd0bc43c82ee19114017fb028184801df8c39a49ca978b702
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8df0ad7afaece822d7d4e1984534d3c68fa1dcc60622b6d83911f2bc293eaa03
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8eef616e3f59087acf14c19bd6b373bef7d25dad71e19d91107901648c5d846a
8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b
90076179d83df55f7dc01933b8f63a73f71bede46b4f136b3268e3b3e86b072e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9161cdbce2dd417afe6ba4fa809f3b05a0afb0e13cf52055979c25529264040d
91fc74a323b545fb816d1e63d364c00ec52795a315aec9189de0f7e7b62062ce
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
948b75875f0b3fa0d59ac75e332af3a11d89b8bc101a0914ee041068c99c6be8
951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f
95b19b336ae37187fe586d8764fbc4e370f0799ef3625b039efb4763383d058a
9649384f82539d23da2a9d4923f91058536f34cef5952d520157656c52699b10
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97d3ffb95092ec94b83f5f47e8745b2c189dd3a13bf7feb2208214c74d6b521c
990bc5b02fcb52bb6eb28a3bb246b668a3609f906a8b3ab504dd528c95e70328
997d14d6f42b0db16c58e285534d64509893d3116dd2488f5e6175a125b3fdbf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359
9c7bfc0ec1c383cffff45e2328114030c68097d0fa69c96b478543a67147feb5
9cae3d6821235e0ba8bf3721a1b106dcd718ba45e626ee5c3118261c112795d9
9e391f70821c1f3c49a2d9a9a2e1b6085fcd1f5aafe404258adbd024a9bef517
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
9f73a6d4157095f93bed3c6cbad789a2bb3c80a7fb6f96452f9a54df3c86b996
9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0b1bc77d30b16a3fd36b68b2939be5571e819adad00d478f17afc4f2c1197ad
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1173705b5ad6c6150d9e471db5f1176d61402f6cd480d727a214b8d061688f9
a1218db524c537fdf99116e6de3c3a0149007cd7d9aaf4ebb3e203a6e0173d48
a26e9861ecb71bcf67ba4963050ad34d59c1a670ceb4e9f602fe4911ca6d3fcc
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78ed8ad2965d49c1594db81e0fca507ab140104c7439a6536758daae8b2155d
a7c4f5ec7780573959171598e4cf92ac50545dd8bcf55a5c2a041906c1863cd4
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa7ffdae3140bdf337a9edb14016f985c272a4bc51a6d22ee548abc7085608c9
ab5770308d93a1b620a7d57ab0b2f951ffc405085067423d4fff082db95669bc
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad22210b8771222403a491bb9900aa387490f6f2024cab51feacd105cb707a51
ad9526e3aeee2668af9e8c36ead5afc4e2291875435d04dd10a9761e9b331776
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b213596f8c6a75d05e3649be5e43a6cf193cfe4cedb2233295e915606d9b148d
b2e88dc15ce201e8bdd8d4ebf8c2509cf1ea29aafe1b0364a19b7e5103977091
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b445975f208e85a144de14dea72259f43e2da137fe56b2e9fbfd14afcc99730b
b469a7a46d7f4261acdf866b60de0c5f3216eed6081229b4de7dca0dcab73c7e
b645f1f59a2f6a6baecc074226cf72aed2549ce20770c6ad088a617908c0c0fb
b6b8b50f8a3da256dbdd8bd618f3a6e8718bcc6cc9a0b65119eb105108897eef
b79969bfe5205648c47230516c4f7da363bbc37cfcf56057abb24c8fbc34d747
b971ca6bf025b396328992a6b65cb4c97a86b74f0538fcaca703a3120b42e798
bb535e6c76d13724a276de833eda5448234d67180dc5df9a667db3b8514c39cd
bbe6f09737a0c8c586f5ea24f3c69fc363cedf3794afcbb759e35c1b9d450771
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bd91ab610e73c9efb3a030c514e0398bd0fc36c2ae470bc08659ea635540d323
be2dcd0750392c2617a6cc07d3ebae33aac8c1cd812f8324f32cf38f7e264e0a
be90b7299fe5a48b5ba79e56648f350f13da18b58f93ff0ac7ecb40048eb67e0
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bff4b5944197f5a245036c6096b676c9cf398a4d0fed4b11beb61b8a2cf8892f
c02e3cee6c3b3f815e45473b0200eab23828311692e61d2ff759454e0b713c12
c1280929356dad255640e376bd6d017aa248b7a4a4d4cac619ecbadf58b4ad31
c20a6bce2622b4ade912a5c6ff85153ac6e1f91bfa46887f84009d8243e43eac
c22e92032232c57932296e3a24ba79f56decde028845d49709f98f208ccbd059
c26a79d0a9286f138bb994c7e6e274b2311fb4decbf7715d94e3ea18916a4a40
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c563b6218b0f4989b8de94e9fe94ac4878d88e3c1d0a8f72762d05ea35b65039
c59c0cb3f8063e579c58ef3092e30a372ca7d9c30d3fc3b1b24c8dd2524b44f1
c5e3410bcb61ecd4f61c037c9b57cfdfd87ef8c2fab38548817f1df3464d80b8
c773dc0c03143d31a7a0f50f4d69ae9202c29753d42de342d33cc002b8af173e
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cea10a562f29862f65d60fbe691f0e016a8ed4123d305f7c7de3257cda07b80b
cefd56807f5cf704def4e028b1655162049c21467d9f71e8b4e252161194121c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1c32e720f8ec6b0875c6771d7a1cca2229daae604edd06044cfab948ac53e70
d29934d0983a31746a0114dbb7b6b0ce2bac20e7a58addea7ccd4d3ac139544b
d29efbdb1613dd373678cc6e8e6e6f4cf003ce3d076c2be27e456e93dfa601c0
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
d477f817703268b28def4e51ffd507a6f40bd8816275fedee7ca21be09f1b3b6
d509e758948dccb55f4ff51961d9b699306299c520db8033d0299b58cda70240
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d5cf3fef2eee5171e3ebaba47803143d972820ed37a74f39383817da869f22be
d603997b48d9bdb94db835793dc7f9299e3496bd7f1803260b383505c61c778a
d68612cc92380eb66e77e1ba86b72c89a72c51cb7b8469e746bb4594670454ad
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d705361157ec3a3d50f5530a85420a5999e56eae1f6569b3a43ed44897d48790
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9216c83cfc704feeb678caf5556bf4dc11f5d52d98760f1ea80e944865f55a6
db713462986609c9c74d35ee67a6effe8cb3b79bb3c86a68f40a3cce25c98eed
dbba01e78cdc8bd77ebfaaa28e1f3e66dcf1e337b0df0d33299ca66248c11772
dcbb9541c46241c398f891b49ffe015780b6eef33363eb929530477910e2ff2a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd16335c24534cb686cb6b742b6b10f228fe32b6c9072021ccb77aaab3d19d1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de622f94d8cf64557610dd4247e09b88b5f04d661c08b26883cda6f67c953604
e0b7e0680a588ae3dba8658a482aaae69dbe9981136719abaf301ecb25223637
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18e4cb1e2e4d0e55861fe2c4c46dfdfe73e1d070a859a3d0becc2f9a5b656b9
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34414282fb505678ceaf061ee118b5392c552c68d171a2165a45c8a55971f34
e36d5eb43776fefa8061f557bf277ba9abdf1117e1484d2f6df5ddc66ce4adc1
e394a0ebe3b6b4f621902ac726cf312d38577d8a51e8415995bc49bbeceaab9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439ab8ee7e09568a0a3c9ba4f7921129e48f45a5525a4b753e374fe5bb5bf0c
e678a34d935a6a8b74ad2a0fbcfc8504443c31e21d8f12abe34c3f44913d4059
e70adcd31bc54c86975b907975bf0957771f299aa3d7f57c2642495441053a7d
e72b8cd005b7a9b4a1eb1dca12d68c95110cfa6faba7140e1b27d24e7c328fdf
e7e6564d5860837325e74f41ecc2e710d136829e2ddb90f92aad4581b669a91f
e8a459ac5c3ba61111c2bf7c7db5a770102cc6eaa9278366245e01d4be2a0204
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e90e35d282fd28c8613233147718464914cd6afadcaa22af50648ac545286162
e92da247aad3c77b05422ce7a3353e334ba0ebc02d93bb1fe8cb41f67d246ed3
e9666cf216dafc01b31655395c3398c51ad1e80c0792db67ddbb9693bbac0e73
ea058413a6122efaf3fb58216d79bd6886a87e206304a50c4a3b0e477bc3941c
ea82bbd2874d8fbbffb40bea6c4268a884105939cca8171c1921cf367fd35cb6
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ebd0070ca4819270200c94b6ea5ec82c771a71719a1d3c9e41ccd8d95544070e
ed5a7dfc58623228bbb29d42eddb64333e1c1db36ac4c83c159dc01e8796f40b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee989ae1b4083cf0ab6f2fe74231268cb95a4f93fe624181e1f346692b6e5d64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75b52f7f33b51ddc94e2dba3c793056f8b92c978aebee3eba56160a35aaffd
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f0ac3f1fed855a39298510847241f2ea79f82a5e82966c1cbda85734b92d1437
f0c7b5560131883cc58d9d2b7b2da3726c2284bfffa900417b7f2d24f82e3edd
f1c1ea9b4265a39ea8c2b6c87368403339cca63dd59777237e5c353142aff2fb
f28e74a7de5325321a658a83e95a80ae5d9ccf26538c8c6c841dc4f5c5960b28
f2c0dea9d0e385e86179f8fe584ce9e9400819f0a927492ca3af16e5e03d8569
f3c4d190f9eb7a44795ff5772c1f504fadbe7538a28ae61ccaf3e9baa58e73e5
f531e3e24fb22510e9ff3d3e06f72e4837cfc10fc86e45f4a4059ddc8941669c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5db10b6874742367c911db855b140d43e946bd5e5a5024a1ed4ef999204091e
f6c24cfb79bc066510ca6663d8f5fe7eec9190187daeaa2291f4e6f8a6c84d1b
f7147c3e27d2395eda678a84f970e06fca08af0753de991596e5743fa7a98c06
f829117cf6947ba7f8ee317661fd211e0d8a7df56c9a0c108cc49844a2e5e90b
f8e5aa3b62ba90b6d0fd454dccfc49991a83f952b2937b4228856c7ef22c6a09
f8f0c9adba4ba4d7eb7cf7f2dca4b82c71035d74d1e453d9a505418a93ffe27a
f96ebacb9442b4d6eb1067d6bec03595f7f0ab6f91aad5785e980586e6ef1950
fa65d5b06b7a9bb87c9f8986e54f764df108c030fa7205994a2333c800d55c96
fa783436d33011ecbf66b0553b4f36ffedb0f390691c7c862c64b61df53dde8c
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fc4f214434204b0f69f2ff931b16c9725121c4a0e9817891212dfd44a5d452c4
fccfa7e4b12bad4c95a255b9a519d2c69aff2acc927dc51dc6be0a9388e88e46
fd65c9e713aab76687e4486c6c0c4116f7446924c4094248152da08187f2de0d
fda076d84c1c128a35760885641893bbf4d7cedb2d41bb9a5cbe56d797c39c43
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9